Windows
Analysis Report
Request For Quotation (RFQ)_ RFQ2400598.eml
Overview
General Information
Detection
Score: | 4 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
- OUTLOOK.EXE (PID: 6312 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Request For Quotation (RFQ)_ RFQ2400598.eml" MD5: 91A5292942864110ED734005B7E005C0)
- ai.exe (PID: 1504 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "FDFCBF6C-301D-4498-AEFF-487513A4AFB9" "4BC47D0A-1AFA-4E2C-B133-A29D3D538865" "6312" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
- Acrobat.exe (PID: 6288 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\03UIW9HD\RFQ2400598_0000063414_20240419161746.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
- AcroCEF.exe (PID: 3364 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- AcroCEF.exe (PID: 7248 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2260 --field-trial-handle=1564,i,8300883172976244484,15640572082357883666,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- chrome.exe (PID: 7948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://extapp.dso.org.sg/SupplierPortal/RFQVendor/Create/0?enc=20ADE221D3ACAC68BCB8A062575F01B5B2C412DEA468C864C57B7DF6E845C68CC237468EE52EE58B8255551025EC0B65849C2C1CE6B6023646A6B4AB5C53930E30BA5E14F9B6240EA9A4DCCF0AE46D91 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 8172 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1984,i,12791824266530776244,14028941170034293688,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): |
Source: | Author: frack113: |
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | ML Model on OCR Text: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | IP Address: | ||
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | Classification label: |
Source: | Initial sample: |
Source: | File created: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Section loaded: | Jump to behavior | ||
Source: | Key value queried: | Jump to behavior |
Source: | LNK file: | ||
Source: | Window found: | Jump to behavior |
Source: | Window detected: |
Source: | Key opened: | Jump to behavior |
Source: | File created: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information queried: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | Windows Management Instrumentation | 1 DLL Side-Loading | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | 1 Process Injection | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | Security Account Manager | 13 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 74.125.136.147 | true | false | high | |
extapp.dso.org.sg | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false | high | |||
false | high | |||
false | unknown | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
184.25.164.138 | unknown | United States | 9498 | BBIL-APBHARTIAirtelLtdIN | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
74.125.136.147 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.16 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428869 |
Start date and time: | 2024-04-19 18:42:39 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 52s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 23 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | Request For Quotation (RFQ)_ RFQ2400598.eml |
Detection: | CLEAN |
Classification: | clean4.winEML@34/115@6/4 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted)
- Excluded domains from analysis (whitelisted)
- Not all processes were analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtQueryAttributesFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtSetValueKey calls found.
- VT rate limit hit for: Request For Quotation (RFQ)_ RFQ2400598.eml
Match | Detection | Threat Name |
---|---|---|
184.25.164.138 | malicious | Unknown |
184.25.164.138 | malicious | HtmlDropper, HTMLPhisher |
184.25.164.138 | malicious | Unknown |
184.25.164.138 | malicious | RHADAMANTHYS |
184.25.164.138 | malicious | Unknown |
184.25.164.138 | malicious | Lokibot, PureLog Stealer, zgRAT |
184.25.164.138 | malicious | Unknown |
184.25.164.138 | malicious | Unknown |
184.25.164.138 | malicious | DarkGate, MailPassView |
184.25.164.138 | malicious | HTMLPhisher, ReCaptcha Phish |
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | HtmlDropper, HTMLPhisher |
239.255.255.250 | malicious | HtmlDropper, HTMLPhisher |
239.255.255.250 | malicious | Phisher |
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | HtmlDropper, HTMLPhisher |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
BBIL-APBHARTIAirtelLtdIN | malicious | Unknown |
BBIL-APBHARTIAirtelLtdIN | malicious | Remcos |
BBIL-APBHARTIAirtelLtdIN | malicious | HtmlDropper, HTMLPhisher |
BBIL-APBHARTIAirtelLtdIN | malicious | Unknown |
BBIL-APBHARTIAirtelLtdIN | malicious | RHADAMANTHYS |
BBIL-APBHARTIAirtelLtdIN | malicious | Mirai |
BBIL-APBHARTIAirtelLtdIN | malicious | Mirai |
BBIL-APBHARTIAirtelLtdIN | malicious | Mirai |
BBIL-APBHARTIAirtelLtdIN | malicious | Mirai |
BBIL-APBHARTIAirtelLtdIN | malicious | Mirai |
Match | Detection | Threat Name |
---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HtmlDropper, HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HtmlDropper, HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Phisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.250826042105618 |
Encrypted: | false |
SSDEEP: | 6:XlROq2PRN2nKuAl9OmbnIFUt8Yp6Zmw+YpGkwORN2nKuAl9OmbjLJ:XLOvaHAahFUt8YQ/+YY5JHAaSJ |
MD5: | C21EB462694FC1577C126ADF0BBA1E83 |
SHA1: | 4715BD2953DC44D2240C2C0AD6D44C1033A478ED |
SHA-256: | 1212A6971402E37460EFC297F85D259801F7902C50E5455A070EE6C852CDE59A |
SHA-512: | FF07A48BF5006719B2176AC108816046FA4F1575C5BB2C5F66B2A439958480A2AC18F56E09ADAA5580E306870DBD94A4C15B6DC0A9139B40B5805A0D2A4F7C9A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.179998720406089 |
Encrypted: | false |
SSDEEP: | 6:XUcM+q2PRN2nKuAl9Ombzo2jMGIFUt8YqKNJZmw+YqKNcMVkwORN2nKuAl9Ombzz:XZM+vaHAa8uFUt8Yq6/+YqlMV5JHAa8z |
MD5: | B0F42BAE1474C6193F91B4E56034BBC6 |
SHA1: | 74EA15E097898E9EEE835366402EBFAF2D370413 |
SHA-256: | 565A8E090BEF6CC1AAD81ED87F7BCC793EB493CB791F1D753612F3862AB562E1 |
SHA-512: | A1B7D969D0BDAA839F483A33028D094D51A9B6AE4687834936B81D2ACBBF602D0E73003F8C0C8EA6043FB6C99F93758A97796830E7894D44BCF949D2E97D0CC8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 334 |
Entropy (8bit): | 5.179998720406089 |
Encrypted: | false |
SSDEEP: | 6:XUcM+q2PRN2nKuAl9Ombzo2jMGIFUt8YqKNJZmw+YqKNcMVkwORN2nKuAl9Ombzz:XZM+vaHAa8uFUt8Yq6/+YqlMV5JHAa8z |
MD5: | B0F42BAE1474C6193F91B4E56034BBC6 |
SHA1: | 74EA15E097898E9EEE835366402EBFAF2D370413 |
SHA-256: | 565A8E090BEF6CC1AAD81ED87F7BCC793EB493CB791F1D753612F3862AB562E1 |
SHA-512: | A1B7D969D0BDAA839F483A33028D094D51A9B6AE4687834936B81D2ACBBF602D0E73003F8C0C8EA6043FB6C99F93758A97796830E7894D44BCF949D2E97D0CC8 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\487c501e-2d80-4577-a3a6-8aa59bd038eb.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 403 |
Entropy (8bit): | 4.989975352353706 |
Encrypted: | false |
SSDEEP: | 12:YHO8sqZ6psBdOg2HrX2caq3QYiubrP7E4T3y:YXsX6dMHr53QYhbz7nby |
MD5: | 7053083D27BD30602D3DB4F4906E23B3 |
SHA1: | CCE94336F359C13CBAEE86EEE2F518E63C999834 |
SHA-256: | 797CEE53E935A4CF72DC9EE6ABE3DE9F23F00A9D8A332B31E6E8E9A43DB4DEB8 |
SHA-512: | 0F0FF7998A071FCBA2B84C184F7E07D22F6A2AF20FF3FC5A19B45BE8482FF0DD4BC3C9805426B4708213760AA441C6A8E0842A183E1366E0EF6AF882D0C31ED1 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
SSDEEP: | 12:YHO8sq/WLksBdOg2H9caq3QYiubrP7E4T3y:YXsRJdMHM3QYhbz7nby |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF3b5719.TMP (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
SSDEEP: | 12:YHO8sq/WLksBdOg2H9caq3QYiubrP7E4T3y:YXsRJdMHM3QYhbz7nby |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\f15b71e7-dd20-4a44-ab47-ef13bfc62bfc.tmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 403 |
Entropy (8bit): | 4.953858338552356 |
Encrypted: | false |
SSDEEP: | 12:YHO8sq/WLksBdOg2H9caq3QYiubrP7E4T3y:YXsRJdMHM3QYhbz7nby |
MD5: | 4C313FE514B5F4E7E89329630909F8DC |
SHA1: | 916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56 |
SHA-256: | 1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873 |
SHA-512: | 1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4509 |
Entropy (8bit): | 5.224523787530085 |
Encrypted: | false |
SSDEEP: | 96:OLSw0bSwIAnrRqLX2rSq1OUxu/0OZ0xRBTxekN8xevTzfIahlOnzfeohlZ:OLT0bTIeYa51Ogu/0OZARBT8kN88vTrU |
MD5: | 43686CF5DD081E42E1126712A0578AA0 |
SHA1: | C52E3D29F1D81B9F962A1BE5B3E212229111ACB2 |
SHA-256: | E4892D741B9DCD636963057F891478F93C55C9B38DE932130F389D6B4CB8A99D |
SHA-512: | CBDBC08D94525909B7E033A819A7860E074BF4A2360051B8A89311104AB4DF7D455691C2AAE664964945F193988668DBD8A8A430D5F552B52F1DAE9305D751C7 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.229411301607881 |
Encrypted: | false |
SSDEEP: | 6:XnWcM+q2PRN2nKuAl9OmbzNMxIFUt8YlWJZmw+YrJocMVkwORN2nKuAl9OmbzNMT:XnjM+vaHAa8jFUt8Yq/+YrJlMV5JHAab |
MD5: | 6B3D6634FF72F8185A82D5FA76912464 |
SHA1: | 9665C5A8C4E16C2030768A1045843648F1729F8A |
SHA-256: | A92519E71591DDBB29A07664DA159F861BCE30D7B314BE4019CAE277623F237E |
SHA-512: | C8D776A2F6B9756D383476B48A4151AFB68BDAC2D9AC92E34F18EA4FE48081F99A1266A7281398D1B602FE430E9C5F3693068967E26A3F8AE774B813E24B6149 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 322 |
Entropy (8bit): | 5.229411301607881 |
Encrypted: | false |
SSDEEP: | 6:XnWcM+q2PRN2nKuAl9OmbzNMxIFUt8YlWJZmw+YrJocMVkwORN2nKuAl9OmbzNMT:XnjM+vaHAa8jFUt8Yq/+YrJlMV5JHAab |
MD5: | 6B3D6634FF72F8185A82D5FA76912464 |
SHA1: | 9665C5A8C4E16C2030768A1045843648F1729F8A |
SHA-256: | A92519E71591DDBB29A07664DA159F861BCE30D7B314BE4019CAE277623F237E |
SHA-512: | C8D776A2F6B9756D383476B48A4151AFB68BDAC2D9AC92E34F18EA4FE48081F99A1266A7281398D1B602FE430E9C5F3693068967E26A3F8AE774B813E24B6149 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240419164327Z-163.bmp
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65110 |
Entropy (8bit): | 1.520945008110262 |
Encrypted: | false |
SSDEEP: | 384:+phHXxD0SoximYwZrKWBfAPEbWuCplgsS:SHXxD0NximYwZrKWBfAPEbWuCpmsS |
MD5: | F912D29020D0B54AAD0907FEAB293095 |
SHA1: | 7C27EAD9912A34A65A8DC91596F02A1CEB1EC02F |
SHA-256: | 0F193B9414BB4B01952B1BA8F4D4EA956C07884DCE77ACC8ECF46D37A79AA36D |
SHA-512: | 6E5E3A034FFB85217C2705419411F14C8BEA1810ADBB5A867B2EB8E1A7706F837258AE618E5E0A5E10857B086A0DDAF79C7FDA6F3AA7AD7DDC2F0579ECB8AF8F |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 57344 |
Entropy (8bit): | 3.291927920232006 |
Encrypted: | false |
SSDEEP: | 192:vedRBvVui5V4R4dcQ5V4R4RtYWtEV2UUTTchqGp8F/7/z+FP:veBci5H5FY+EUUUTTcHqFzqFP |
MD5: | A4D5FECEFE05F21D6F81ACF4D9A788CF |
SHA1: | 1A9AC236C80F2A2809F7DE374072E2FCCA5A775C |
SHA-256: | 83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2 |
SHA-512: | FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16928 |
Entropy (8bit): | 1.2123303442888698 |
Encrypted: | false |
SSDEEP: | 48:7MhDGRqLmFTIF3XmHjBoGGR+jMz+LhJGT/Gn:7eyf9IVXEBodRBkae |
MD5: | 602134883C57834D55062EDDDDEF0424 |
SHA1: | C85D2211AFC8886AC885A16913EDB79F8C7CF69F |
SHA-256: | 82DC5E021C1B32A9744E6A2C4520A835F203541ED9F0215CF6458CB61CA75BCB |
SHA-512: | CBCA2130375E6A13340354BFDCD0E11B333424E7F4D48023D613FC5E1FF30E362BAB8848746D6FD85CB95F0FE5877202C151127279DD83A3445B77FB270D3DFE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 185099 |
Entropy (8bit): | 5.182478651346149 |
Encrypted: | false |
SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 227002 |
Entropy (8bit): | 3.392780893644728 |
Encrypted: | false |
SSDEEP: | 1536:qKPC4iyzDtrh1cK3XEivK7VK/3AYvYwgF/rRoL+sn:XPCaJ/3AYvYwglFoL+sn |
MD5: | 265E3E1166312A864FB63291EA661C6A |
SHA1: | 80DFF3187FF929596EB22E1DB9021BAD6F97178C |
SHA-256: | C13E08B1887A4E44DC39609D7234E8D732A6BC11313B55D6F4ECFB060CD87728 |
SHA-512: | 48776A2BFE8F25E5601DCC0137F7AB103D5684517334B806E3ACF61683DD9B283828475FC85CE0CBE4E8AF88E6F8B25EED0A77640E2CFFF2CC73708726519AFA |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.369464652664115 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJM3g98kUwPeUkwRe9:YvXKXz3cWRuUhUYBwGMbLUkee9 |
MD5: | 7A30BDAA8452EA6636BEE9236045B80E |
SHA1: | F35817A8482C43D37BDA02E83E1AF4C20C1ACAC8 |
SHA-256: | 31984B219E7AC2655E86A747816929CDFE8A4CC8B5505C73B597ED243A6ABDF9 |
SHA-512: | 01AA904293ADD4B29076F7970AF6F05773442F68F63CBA4B0770AA24E28B69EDBA151D2D32225BBFCADD66B1F946074C3F02AFD6FF495AFA92CC44BA50147D0F |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.317045172353576 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfBoTfXpnrPeUkwRe9:YvXKXz3cWRuUhUYBwGWTfXcUkee9 |
MD5: | 2CAB8989AE6165412732706752DD3DBF |
SHA1: | 1B3BAD9E8A0617815897BAC7780320AA6B42BC37 |
SHA-256: | D66191AB3BC53A390182B4A6E2DD8A0B25B64C06439504B89606DAE0C6BD5983 |
SHA-512: | A74E31541F5EBB8D751758C83F9A742EB0315B32154F7F5A47AA944CBF22EA6F93A4C1C1BEA3C207DA3E31AEFC2997782EE1870619391606C08201A9C44B418C |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.295866247399175 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfBD2G6UpnrPeUkwRe9:YvXKXz3cWRuUhUYBwGR22cUkee9 |
MD5: | 637CDFD37D6C510412C690A4177E29C1 |
SHA1: | 66D4F18B6A7D21046E76D26B278EF79CF0CF0F2B |
SHA-256: | 887C29F2D610CC83D1F97ABA1F3065C8B8EE6782DB6C2DB0BE002EA8C360DE1B |
SHA-512: | BF3EBFD6E64ECB18D679C601F06DB912AF932BC7AD15A229D6A5DA2C7E5A137AB0D0A0DCE5C02B60E3368036681B865B206C11BC8A7ABA0697B4E2526A733936 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.358058920926055 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfPmwrPeUkwRe9:YvXKXz3cWRuUhUYBwGH56Ukee9 |
MD5: | F895AB4DF965C76DFE50E8DB9731071B |
SHA1: | AD42F06387B5B1F36D0F37ED90338A0458473BDF |
SHA-256: | FC40DDA212337B0820EF6C1BB46D764BB7E6E230EDB6538AE722500A45CB6A57 |
SHA-512: | 7EB3EA9AE4AB00C1F757C30B861B7B224C62CC06B7F63487C7290E4BA52D1AB9B14C093C98F29F2F100874E62705D251F6FC2D7BF943D37B1593E3AD96CE44A5 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.316431616325604 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfJWCtMdPeUkwRe9:YvXKXz3cWRuUhUYBwGBS8Ukee9 |
MD5: | 35E2C6E25F97ADD05618565BFE35DD58 |
SHA1: | 9528A49462487E1B7721FB3B5F73F883F0490153 |
SHA-256: | 69B43491CAD6F9FA501F09F0742CB6785E84B8CB51877E8E85ED70270B35BFFE |
SHA-512: | 6045C1A7F7E9824E2071B9C4074FB4BDAD2AC7A73AD04D9056425348648B3B2C487B6FFF207F8183E0A160233F775EC2EE5788863AEC370C14BC8CDE20CE73C7 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.303662282327248 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJf8dPeUkwRe9:YvXKXz3cWRuUhUYBwGU8Ukee9 |
MD5: | 1466A5830C7D1098C4CF4AC78207A530 |
SHA1: | 952404A8928E81280DA5053C07B74812C87B4703 |
SHA-256: | B9D56F427C3B2E23C48AED983CF149D39AD38F1CF9654E9305E674789E52E399 |
SHA-512: | CBBFECF4BD8E1540877BD8DB6BA7D9317481A930D7E9515852F235A57A55BBE5946352FA3D8B05993AFA09BC665C9E58FD3393929F3A1E28EA84FBE12755F923 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.3056932841716975 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfQ1rPeUkwRe9:YvXKXz3cWRuUhUYBwGY16Ukee9 |
MD5: | AA75CB7B2E8A0AC6D39E072029145FCC |
SHA1: | E0A894FC01D254E271371D09E767BB1A44B837E9 |
SHA-256: | BB3604EA674FB91E05C2C54CB8F26619D36D19CE5F33D60E70DBEC9EBA8E5B77 |
SHA-512: | 3A0572F14813C82A3C7890BEEB7E6639B8F47E3EAB70DE60AFDC10C4C5EA9FAF8BEC0B307C76347134D9E036A3E4F76058ABC895F0855B26AF751FE0087155B1 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.3121294670068515 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfFldPeUkwRe9:YvXKXz3cWRuUhUYBwGz8Ukee9 |
MD5: | BA3F9DBD22AB523AE6BE1471DB27EA18 |
SHA1: | CA6BB99617F6079541388B4CB5E2016996FE186B |
SHA-256: | 80F275C660B3C4B361328113F160A89DF0643D569EB73A3FD408D75B0EF04FA9 |
SHA-512: | 7A9227376149C2CC12C99ECE237A8DBB4FC2CE1F7827953BD15F6E9CD89142AABE98EC1B83CCEBF69D70DF15C7B7FA02CAC4649E7CF18C0754A59EE650A18FBD |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1372 |
Entropy (8bit): | 5.735824248515254 |
Encrypted: | false |
SSDEEP: | 24:Yv6XjFU4oKLgENRcbrZbq00iCCBrwJo++ns8ct4mFJNY:YvqU4oEgigrNt0wSJn+ns8cvFJ2 |
MD5: | 6E4096A51E40E4BDA3223052A8E84CC2 |
SHA1: | 5BBADC9604AD52B9EFD349EBA915126E7211BDD3 |
SHA-256: | F310FE88C9ECD09A9347761F6AF34D5243E2EFD1073F34B3552511FB1D520344 |
SHA-512: | DE9CEE80FADA7EF6C930F8D7D897062874D4A271E803E54949EFD51E36144B60C24B5525D84550C606BD9E2D3734A522C0AE71D565E4900EB0EB62CEC7EB9820 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.309675485675993 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfYdPeUkwRe9:YvXKXz3cWRuUhUYBwGg8Ukee9 |
MD5: | 9FFA52A41138D1C6FEAA2719EED64C21 |
SHA1: | 3582D4CE7207F9BAA1967CC9F7B7C478134A4864 |
SHA-256: | A725DF01B12CA10EA005A0EE9B20F0C844DADF1122F678970F9AE339C26D7D1A |
SHA-512: | 437989F3DA80E60013A98809DECD1AF29ADCDB9C243679AAE0E67CEA76FFD6DC6625357031B10FB70699BAEF4DCF9A142208E484055B62BD412079CD69C03747 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1395 |
Entropy (8bit): | 5.770595845891431 |
Encrypted: | false |
SSDEEP: | 24:Yv6XjFU4HrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNw:YvqU4HHgDv3W2aYQfgB5OUupHrQ9FJC |
MD5: | 051F32F10A34C07D6973DC06788314FC |
SHA1: | 871DF0F6921E2F6A175B873ECD6E90FE93B0F802 |
SHA-256: | E10437DD1E7D3CFAF4EDC3E3DC4C82F64CDFAA774A97FD7AF16E5775483B7171 |
SHA-512: | 9EF84BC6C97B40C4A273A6BB8ACFE2333AF2D592FD4B8EAE62A54781A531C6836E6C5C4DAC3350DC8E5783592CCFADDC7C29288D3BE23ECFDD01472C756CD440 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.293156085166516 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfbPtdPeUkwRe9:YvXKXz3cWRuUhUYBwGDV8Ukee9 |
MD5: | 428103BB097A90DBBA2FA37517D2A9ED |
SHA1: | EC0630C406BD7A461DF6DACBDB68AC7DB5EFFC14 |
SHA-256: | 8F8016F464B73F6D4A5851A664DFDB9B5AA33094011339C1DF99B55D431C6D9F |
SHA-512: | F20589D7BAEF20519772D0F439BA830E25BC759B0206AE5888316DBC7E71870BCBB6079E769B0F523CBE7D7DD858B33EA79152AB16E9E583669A1626A8A8DE67 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.296356948039628 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJf21rPeUkwRe9:YvXKXz3cWRuUhUYBwG+16Ukee9 |
MD5: | 6AC714EE65B58E80E60847D2578A8F86 |
SHA1: | 77982A28355ADA74315DEFCB35A0B2DAA3210873 |
SHA-256: | C53FB37EC5CC715365F12D982B425CF81BD5436867DCF66E5918ABB5A76ADC90 |
SHA-512: | 506D44B984729838704BE776DA1F91DF4B2DEED5AEFB6D01C11D780A9C607449EACDD90232870F03064BB29E7DF1706843989E84FA5321C9485229EEA20C7BD5 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.316788091959265 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfbpatdPeUkwRe9:YvXKXz3cWRuUhUYBwGVat8Ukee9 |
MD5: | 8553EF1CBDD5464E1C2417FF7821A43C |
SHA1: | E46368F11B07DF7B6CD7E1BF5C94EB541A0593AD |
SHA-256: | 654E304A97B910A49403D5DF11FC50DD11513D80AE25AE567097C612340F8A66 |
SHA-512: | 69FCA3BA9AC655C23AC3CB14E1E54BFA6648DDEE05CEEB792B74E2EDA34991C5C82231B56561047172AEEF00F6292A3FE1D11320580230B500B24DC77409122B |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.271778020305775 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXzwIc5IRR4UhUR0YsBPoAvJfshHHrPeUkwRe9:YvXKXz3cWRuUhUYBwGUUUkee9 |
MD5: | 648CECE4EB1E3297C44FE4BBBF1436C8 |
SHA1: | 2F252453CCFD2ABC0442BC850A111CCA71771D48 |
SHA-256: | 1836DFC39FF9628E5D70175B8FA77ADE9CDA44DC1E19D655CE2182B1B0A3D533 |
SHA-512: | BF8F9A5E0B6C7C28C4320E9CFB91F623A350B5C67F597E8B242E6A4CDD7F21072A1BBC112B4CFF49081D045343BA6D9214EEC3AD1380BF8F54AC0BE6C483745A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 782 |
Entropy (8bit): | 5.371040403213218 |
Encrypted: | false |
SSDEEP: | 12:YvXKXz3cWRuUhUYBwGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWk:Yv6XjFU4m168CgEXX5kcIfANhV |
MD5: | F5E13B2D0BFE6A9DA7649B4042F67FBD |
SHA1: | 6910FEBCE9C53A8C44EBA4D4EB458AA338C8CF17 |
SHA-256: | F64F5004BA870FA3208B8C75FF425DF41AB940D28669C1FB00826C8901E3B5EC |
SHA-512: | 23C66F75A6421427DF810CD3A3F4497647F5F012215E8E71DD6D427B219E45DA38C9F043CE3E726C4BF6EEC3AFDB67B4601D94CAEC9B25762AB1B43860263D15 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.131253294385473 |
Encrypted: | false |
SSDEEP: | 24:YGF7HnETYC8/LGREcv4Saqi5aaydhBJEgMujwPEej0SeBgRYy2v2LSIjQ8954kVp:YGWsvLGycvjf7wH0gFKKc89X9j |
MD5: | 8AA7AB8566279A478BA651BB54EFBC3E |
SHA1: | 0A5CDB80E56DA113CCCEEE0B65B1262176ADD945 |
SHA-256: | 18A41A535D640676E56A42B3E2858EDE0ECEBF52EBDE5BA7BCDC3205E313331A |
SHA-512: | D4930C44A6B7A88CB407031C9505A97680B16D54D0CA31454569B0F2A82EDE99CB85B4EC742DEEE311B2692368329211F45C188E6AAB037BB97BDC03BA388519 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 0.9883773595498395 |
Encrypted: | false |
SSDEEP: | 24:TLHRx/XYKQvGJF7urs67Y9QmQ6QeiLIcLESiAieKLF:TVl2GL7ms67YXtrTcI8c |
MD5: | 9E93FAAB3258148128FDDC17BD5E68C8 |
SHA1: | 3251E6980746E6FF6980238B4F0D4C62F19432D2 |
SHA-256: | 857C3CCCBCB01482D94C133FA1E29EC8B6F1F5ABFE868F52BB2F4FCEEFAF7621 |
SHA-512: | F625A466DE4F098989F756169CC3091EA09C778BD94342420791374FCB7581CBB33E4533518F95555211CBDC3A804522236CDCD8D142837220B128619AE68EFF |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.3462336094373253 |
Encrypted: | false |
SSDEEP: | 24:7+tvASY9QmQ6QeiL7cLESiAi0mY9QHRqLBx/XYKQvGJF7ursf:7MvlYXtrQcI8KYURqll2GL7msf |
MD5: | 76A197612034246170F21C2DF9B8D914 |
SHA1: | B9B0F48BFE12F5C320AC810923097565E5552DB7 |
SHA-256: | EA47B8E027C65C8CB9883A2D9090D341FFC0B37DA5382E3FE296057D108C8A82 |
SHA-512: | 4C97E73676AF0DF16D7258483EEB91B1AAAE8941BEBFCC6F3EA9433E16ACF24B075AB44806B51BEC1F1767EC518871099E0DB6680076E8F7FDA8D1C2E4F5602F |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 231348 |
Entropy (8bit): | 4.390836382005547 |
Encrypted: | false |
SSDEEP: | 1536:7nYLtUgsIol74VHsFgsFvNcAz79ysQqt2yhXXqoQl7rcm0Fvb68yEFBmfHVYKXs6:E6gcKGgKmiGu2wqoQprt0Fvmks/mwvu6 |
MD5: | E0129F6427612DD766E5A225BC36E4E8 |
SHA1: | 33D2C1CD010F1F8672A8510C92C0F3745F8C716C |
SHA-256: | 494B67F4195563D5961705F571FE02F6DC56499C1948D3FE83472946A97B52BE |
SHA-512: | 1E1B5D5D098036B68BFF7E0257F2E55DA7B5BDCD33C1DEA259A6B7441DF973BC83CDA68D627993B7C0142D4FD05EE77F1A1424EEECA779447F94EBB63F3A87AB |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 32768 |
Entropy (8bit): | 0.04567525615967531 |
Encrypted: | false |
SSDEEP: | 3:GtlxtjlkOAkGv1ql/tlxtjlkOAkGv1l/jR9//8l1lvlll1lllwlvlllglbelDblx:GtEObGv1OtEObGv1lF9X01PH4l942wU |
MD5: | 1623654C118B4FC3E82CF8AA292529D8 |
SHA1: | 987A32B8082CC1405EEA8FDC39AB0263FD682D50 |
SHA-256: | 2E56B8922A1A5067479257F738252DD91B40A4A1E9BABCBA4DEB1BDC8FD2EF87 |
SHA-512: | C394DF0012E62EB90C107AC1AFF67716B241DD1A2BBBA0A90F3C415F5A1D3B8442312FD67B8BD2B9A701908B55C77DBC94EB427264E43462D1EA1D5CCC69F0D5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 49472 |
Entropy (8bit): | 0.48310557919476615 |
Encrypted: | false |
SSDEEP: | 48:LC+nQ16IUll7DYMyzO8VFDYMKjkBO8VFDYML:+1Ebll4FjVG/ajVGC |
MD5: | 254A6A2E6FD41A9FF3BB4C0038CE07B3 |
SHA1: | 37F5AC6E1ED7B742091CCA10E41ACABE873D834A |
SHA-256: | F74EBF855E51457860C30056FE27E457D91DD712BDE3DD658AA1A36CA3705BA4 |
SHA-512: | 087342A37C8AC2C2EEF5FBECFAE555DC8020EE74516D8529E335E18CA02D4F623A5F7F9A5171570C025308A1CE45716892F15B198D4E1A9B73A936F682C062ED |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\03UIW9HD\RFQ2400598_0000063414_20240419161746 (002).pdf
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 185059 |
Entropy (8bit): | 7.95240013053437 |
Encrypted: | false |
SSDEEP: | 3072:GsULiOZOvdyNuRwAQFfLdTJvsZZrTn5zZkN19Klt7wYJKm:i1KdysiAiLfv8TnJZ214lNwYJ |
MD5: | 31CC6A52EE07145E22FAE11CED14CA33 |
SHA1: | 7CE75CFFBD447E5D9A77EE2D842E81AE8B7C1C0E |
SHA-256: | C132FD45EBAD0648C9806E89567346BCBB46B4638CE31C0BE88176B4AD79CBAF |
SHA-512: | 2791C74DB4E8C53063D8F92DCC333DF2602F017BFEF133CF3985882C3BCCC5E3821B9E2373C654B5FFF59BB6682BE795AEFFA61D48A4D2E63272754315426034 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\03UIW9HD\RFQ2400598_0000063414_20240419161746 (002).pdf:Zone.Identifier
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | modified |
Size (bytes): | 26 |
Entropy (8bit): | 3.95006375643621 |
Encrypted: | false |
SSDEEP: | 3:gAWY3n:qY3n |
MD5: | FBCCF14D504B7B2DBCB5A5BDA75BD93B |
SHA1: | D59FC84CDD5217C6CF74785703655F78DA6B582B |
SHA-256: | EACD09517CE90D34BA562171D15AC40D302F0E691B439F91BE1B6406E25F5913 |
SHA-512: | AA1D2B1EA3C9DE3CCADB319D4E3E3276A2F27DD1A5244FE72DE2B6F94083DDDC762480482C5C2E53F803CD9E3973DDEFC68966F974E124307B5043E654443B98 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\03UIW9HD\RFQ2400598_0000063414_20240419161746.pdf
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 185059 |
Entropy (8bit): | 7.95240013053437 |
Encrypted: | false |
SSDEEP: | 3072:GsULiOZOvdyNuRwAQFfLdTJvsZZrTn5zZkN19Klt7wYJKm:i1KdysiAiLfv8TnJZ214lNwYJ |
MD5: | 31CC6A52EE07145E22FAE11CED14CA33 |
SHA1: | 7CE75CFFBD447E5D9A77EE2D842E81AE8B7C1C0E |
SHA-256: | C132FD45EBAD0648C9806E89567346BCBB46B4638CE31C0BE88176B4AD79CBAF |
SHA-512: | 2791C74DB4E8C53063D8F92DCC333DF2602F017BFEF133CF3985882C3BCCC5E3821B9E2373C654B5FFF59BB6682BE795AEFFA61D48A4D2E63272754315426034 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\03UIW9HD\RFQ2400598_0000063414_20240419161746.pdf:Zone.Identifier
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 26 |
Entropy (8bit): | 3.95006375643621 |
Encrypted: | false |
SSDEEP: | 3:gAWY3n:qY3n |
MD5: | FBCCF14D504B7B2DBCB5A5BDA75BD93B |
SHA1: | D59FC84CDD5217C6CF74785703655F78DA6B582B |
SHA-256: | EACD09517CE90D34BA562171D15AC40D302F0E691B439F91BE1B6406E25F5913 |
SHA-512: | AA1D2B1EA3C9DE3CCADB319D4E3E3276A2F27DD1A5244FE72DE2B6F94083DDDC762480482C5C2E53F803CD9E3973DDEFC68966F974E124307B5043E654443B98 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{FD96D24F-17DD-4E5C-9405-4172EB113E4F}.tmp
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 1604 |
Entropy (8bit): | 1.1710614971572304 |
Encrypted: | false |
SSDEEP: | 6:t+RCNl8a+5MVyM/FcvYo9AKY2EAhkly/n8irwl2flXMvOwWlqH4/rH:tXz+5uynvYvL2Vkl5iklGlXUIH |
MD5: | DF95EB34BD1E2FCCFA6E301406E842FC |
SHA1: | 4A4BB72DEF491FEA9DEB2E408CBF110CF5A1F286 |
SHA-256: | 812E658E769F6DADA6E69B3019C7C6AC25BD30C69571D6D261C8CEF4E6AE1945 |
SHA-512: | 5D0ECC695B18E28E001ACA54693D07C39E619276B425201CC261BF1C191A980C193A60C9B2E3290EAF6BC2252790D99F1E3F3BD0BF9B50EBC6B6B98A5B5DD4B1 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1713544993488227400_621DCCF0-B640-4C69-88D6-56C5D0CBC84B.log
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 20971520 |
Entropy (8bit): | 0.1592962310059289 |
Encrypted: | false |
SSDEEP: | 1536:icIGJWNFTjOdhxTRKcRdULlq/FirVzjS3/7oaQEfBZT:DWredhtR2xaJ |
MD5: | 4E27A5F21E5711F19B4F14F08EF1A404 |
SHA1: | E2676B4F1A5AD7FA5F183913716765671D8A4FDC |
SHA-256: | F3A102BDF0FD5DCE8CDF3EF1B2D859D257342ABE5F4BD4434EBF65B28A65BE6C |
SHA-512: | DC5AB3AE87AE40DFDE9D02C298BBC233B24B98820156F3AB8535CB95D3D556AF488CCB5863EB04C88C943002F040466F9D061A5BA861F4824C6295A7DBBB7998 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1713544993488929600_621DCCF0-B640-4C69-88D6-56C5D0CBC84B.log
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 20971520 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | 8F4E33F3DC3E414FF94E5FB6905CBA8C |
SHA1: | 9674344C90C2F0646F0B78026E127C9B86E3AD77 |
SHA-256: | CD52D81E25F372E6FA4DB2C0DFCEB59862C1969CAB17096DA352B34950C973CC |
SHA-512: | 7FB91E868F3923BBD043725818EF3A5D8D08EBF1059A18AC0FE07040D32EEBA517DA11515E6A4AFAEB29BCC5E0F1543BA2C595B0FE8E6167DDC5E6793EDEF5BB |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.529459928009153 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8m+aF23nH:Qw946cPbiOxDlbYnuRKm |
MD5: | 51883851D4D96873076F589F8188739E |
SHA1: | 5B5E129260FBCA333961CB38999C5513F371D328 |
SHA-256: | 17ED657B532D26F7A53D4FA3157F40A10AF8E2E078AB9BE3064CDBCAE601D35E |
SHA-512: | A32836E29DF851C50D865F1E95FA5E46CA06F7FC41FB31E1CE38F3988C6C491E3486F136F71328F02F5DD0EF5DAFA75D2606575C7B872B99165BCB9D52B73A23 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20240419T1843130290-6312.etl
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 106496 |
Entropy (8bit): | 4.487726613772287 |
Encrypted: | false |
SSDEEP: | 768:UoMpnpUweRHIBw/kOmRfKn4ws97V7dYa87zXj5+4K9O8SHpZNF:rMzUnQZ24ws97VxYrfXU4KgJz |
MD5: | 33ADAA903A09A2FCE69E426DCC6628A5 |
SHA1: | 97D2CF8E8615B1809C8DF97E13FFB394FE9FE24A |
SHA-256: | C6ECC6674120434614C372A15860D586B0E325F91BB8CE7FF11CD23E5C59F780 |
SHA-512: | 30D7B0DF3E6538C7DA0C7373ABE35B183C371F35548BC4F78668B77065EE91981567FA609D78251614AF23ADD0926A0FE6C04B7E47A1B79E000282053DA0CEC7 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-19 18-43-25-172.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.353642815103214 |
Encrypted: | false |
SSDEEP: | 384:tbxtsuP+XEWJJQbnR8L31M7HeltV+KYm3wsa2KjF4ODkr/O8r2IUHUHMWwEyZRN2:aPL |
MD5: | 91F06491552FC977E9E8AF47786EE7C1 |
SHA1: | 8FEB27904897FFCC2BE1A985D479D7F75F11CEFC |
SHA-256: | 06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB |
SHA-512: | A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16603 |
Entropy (8bit): | 5.383477759854156 |
Encrypted: | false |
SSDEEP: | 384:MTHuNNTSnMcQKzYNa6Ri0VIwq9k7CenTYARDnjazMxGQceeelJHMnXju5/WxQYcD:jX1 |
MD5: | 9FC5DF2D7BBEE91FD20784D3AE21078E |
SHA1: | 5F8552ADC608952902A9583D129FBAA6A521EA6D |
SHA-256: | 22967936A9054BC2F18060E28C808E5512CFC28994DE8819974EC546BCF34B04 |
SHA-512: | 8E7036D951A142C1C0ADCCECF70489D5632E5B928E3444C9F41A164C3B117B02754ABB454125C8E639515BA0AACB892C9C9AC2D12F1D40ED800CF3CBF22C79DE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29845 |
Entropy (8bit): | 5.423614720256224 |
Encrypted: | false |
SSDEEP: | 192:0cbgIhPcbocbAIlncb2cbwI/RcbNcbQIVvcb4Uj1cb/KIoScbzqV:fhWlA/TVzou |
MD5: | 25E3067B841D0A0562BF622C16964073 |
SHA1: | E4BB298509893D593F47A2923D1939B0F3DF4AB9 |
SHA-256: | B1CBDEBB1659FA09DEFBA625015E07FF2A38C73313496131FA9C9254011C170B |
SHA-512: | FACD7B3BBD489F0A16CE531CC0B431F9BFCEC59527E1AB929968B98AFEC8F827BD3C55C9BD87DE32ABD154680A2E3419AA6BE731F8EBDD3C7527D6511F6F03B1 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZjZwYIGNPJe:RB3mlind9i4ufFXpAXkrfUs03WLaGZje |
MD5: | 716C2C392DCD15C95BBD760EEBABFCD0 |
SHA1: | 4B4CE9C6AED6A7F809236B2DAFA9987CA886E603 |
SHA-256: | DD3E6CFC38DA1B30D5250B132388EF73536D00628267E7F9C7E21603388724D8 |
SHA-512: | E164702386F24FF72111A53DA48DC57866D10DAE50A21D4737B5687E149FF9D673729C5D2F2B8DA9EB76A2E5727A2AFCFA5DE6CC0EEEF7D6EBADE784385460AF |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/M7oMOWLaGZ4ZwYIGNP8dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:RVWLaGZ4ZwZGm3mlind9i4ufFXpAXkru |
MD5: | E787F9888A1628BE8234F19E8EE26D68 |
SHA1: | 44D5180C06ADBBDAADDBCE350CE4DEC997CD83E5 |
SHA-256: | 3A09F3799148DA49F039A35AEDD22F368FB35B8D6022C4691C10606F704DAF80 |
SHA-512: | EE9B602898706CC0F33AA570E29A79A58ED748E1B738D74DF0C8C8DF193E23421B47AC8C862623ED774289D94FA90662A4CC436B80479D6420433D81752E9CA9 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
MD5: | 3A49135134665364308390AC398006F1 |
SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 53987 |
Entropy (8bit): | 7.887554082100959 |
Encrypted: | false |
SSDEEP: | 768:4ol3s/KStfqHMwp5pQ2Fm83PtgMcHPeXLWvAyQAWtw4uKls2M6IAt6Y8S2rqEbnA:So6I0LlKltxIAwYKn8JKm |
MD5: | E9D53143E6F0855D5264A62F891721D5 |
SHA1: | 56983484D8E88F8A22B9CB790A67576002A46E91 |
SHA-256: | D25AE0AFE47C34AE435C913F1F4355959D9A86459D1086A0494AED579415E7D2 |
SHA-512: | 319CEE0A14EDA4E110492D3762A55D763A9AE6C860AAFC37ED1469DD5BF0D9FC81D9C957A6F6C7E0D5D075CDBFA20CF256D93A84371F364D82FB6198AF9E8FEC |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 30 |
Entropy (8bit): | 1.2389205950315936 |
Encrypted: | false |
SSDEEP: | 3:eelhlX:ee |
MD5: | 352356E29A6E6762736BB5983EEB7A2B |
SHA1: | 8E8F34F38C37E57F3552AAA2298DFF1D8EF5CA61 |
SHA-256: | 114DC1BB09680E4DAAA91956D80AB61E214D8E2E46C085DBAF1C12F3F1DD25E6 |
SHA-512: | 06695DB6C548722AF4ACBFC75C08FA3BDBC5A72690451ABE5ABAFBCE4C975BE8FB7CCCA253D51C82DA99BBF49B4F4211FF9ED86104C57A4FA5A09E0EEA6998BB |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.9816473575788653 |
Encrypted: | false |
SSDEEP: | 48:8JdeTaK5H3WidAKZdA1FehwiZUklqehAy+3:8KfS/y |
MD5: | 24C2C980C2D8378EC79FAEC3553EAE63 |
SHA1: | 0AF86765226BA296FA8776E29A87E4B2361A19DC |
SHA-256: | A10A94106C048FAADF3379B04CA8E2A17FC090879E0DB95ACD70DCCBB1E0EF9D |
SHA-512: | 76CB4705B04D4D3DCA78FD0C3A5972273077CB8EAA470CA8E060A3A156901647EC0A465474F6A55445FBDA2454E21CDD266F5E386EA4CC1C1BF7BE4CF6CD62FC |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.998469824275267 |
Encrypted: | false |
SSDEEP: | 48:8udeTaK5H3WidAKZdA1seh/iZUkAQkqehvy+2:8DfM9Qay |
MD5: | 162AF5CB866CA5210FCADBD2CE92E0C7 |
SHA1: | 0BFF275F49557EA88671267FC582A67A78EDA4FE |
SHA-256: | D6FE9CFCD0BFCC634D2D8FF7BE7A8F8F4EF0E42352F2E8E50F9A081E86380177 |
SHA-512: | 804CD50CD9DD854A72D3C922AF6F0E92A5A06817CD8B6D747E074B8C59A7BB0197768E1D4A01F6192703A56E6E58158695BF3DF9321990A7B49FCB7137CF8AE1 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.004526764497255 |
Encrypted: | false |
SSDEEP: | 48:8MdeTaKAH3WidAKZdA14meh7sFiZUkmgqeh7sZy+BX:8RfPnby |
MD5: | 1413E92934FDB318B1985BACFE85C9C7 |
SHA1: | D17AF59373D440E34348FC13C2F023F71C72BF73 |
SHA-256: | D429C8D3421AEFB836F2CE9042038F7336E6634C5C29893EF44AD92BF7E353FD |
SHA-512: | 0A6BE9114C41F8A9F22F7CF51D9AE46880399783E6228EDDA111EDB1078EB5DC0CD69578B4A5734F95620E12B239DE3DC1D9C7BDAE9E8EDC5EE149C48FBD72B2 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9912207590605613 |
Encrypted: | false |
SSDEEP: | 48:8HdeTaK5H3WidAKZdA1TehDiZUkwqehTy+R:8IfHRy |
MD5: | 7829D46F38E40EE128F309F51E0843A7 |
SHA1: | BDFC178A9B443A7DD771D9F53EEF31A358348950 |
SHA-256: | 365762C90A4BE7D156B82E13C01D73A21386B736B32F519A84552DD913ACB72A |
SHA-512: | 4E3BEE113E9EB1A4A06872CD5F2C66A3651154A613EA124902057329B3CCD9901423ED324B2B0713F92ABC370CCF7E4E9C623CBE3CFD73C9574FA5070D11963A |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9808175553735476 |
Encrypted: | false |
SSDEEP: | 48:8sdeTaK5H3WidAKZdA1dehBiZUk1W1qehFy+C:8xfX9ly |
MD5: | A7CA31F51AF78AFE75D9EA18367E780F |
SHA1: | 2F15D7F9061AAE61B8FA8B5C885F9948EA2D98D0 |
SHA-256: | 02E4ED1F10A7A9C5FCA1AF353D524CC75C6103A98C11476057603B4343E9A179 |
SHA-512: | 8061D576F4A0E19177600AFD384D32B94CEE63BB661B7CB8E8BFCD2E0E9B9A3C74491DAA49B68B10684E1544E831092F99CDC7476AA41D148F721535A342576C |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9929249423120656 |
Encrypted: | false |
SSDEEP: | 48:8HdeTaK5H3WidAKZdA1duTeehOuTbbiZUk5OjqehOuTbby+yT+:8IfbTfTbxWOvTbby7T |
MD5: | 215A7F7BF78D3102F0C28F6E00521C9F |
SHA1: | 420C75781295D1F314F94B0546C5E4D291B48875 |
SHA-256: | 2085AE6EAA3107597FD20009953116EE61C06015183BEDDB7A2845DCE7E3E227 |
SHA-512: | 3755B5982A2B7D660043A1C3E36BAA1B3AF27431C00C55AC3106F42E34ED91177A4C4B046954D2A1D05BF5FF6484276927DFE0EB0413CD3DED4136A87CCF2070 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2302976 |
Entropy (8bit): | 1.440335546118001 |
Encrypted: | false |
SSDEEP: | 6144:Sy8+RvXmeg8xwElLqEmc8jhOzzA9Fbpqpsu2zPu:S0RuegFEAEmdjhuUqS |
MD5: | BB044B82F799E9E7E764232997F385A2 |
SHA1: | EE3D9D36F5475B249EC3232A48AA2079F6B0DC05 |
SHA-256: | 754C46E6445A830B146AC3EBBD3FDB8BC6D8C949988966BBDDD6233B78F7F023 |
SHA-512: | CAF634AE530D24038932277EE408BD1B1D5FC237A44282CF4280CE9A723518B446057084335FB45CFCCAE5D4C8CF0F3401C78736C93ADF209C199A000F2C29B8 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 262144 |
Entropy (8bit): | 7.468336660060387 |
Encrypted: | false |
SSDEEP: | 6144:sMtG582ZwkOq283wElCqE0r8jdOzjAfpbpqv4:XtGzZeq2bErE04jd+G |
MD5: | A7DC274919F4CE2287CA80EFB1662EB6 |
SHA1: | 77EA2686B7FB299F390AC4EE42D6B14B5F414543 |
SHA-256: | F87CD6FAE384F92FA90AA430CEF2B0B86CA80A738BE91B6F5A227085B293B3C4 |
SHA-512: | C736CFB0EFA167F9559B7D27C153AA12F681E2BD62DA8208B37D1C0AF1736FEE45DB1C6F2B09C87F3D0C2564C972DABD70941909D1F963B846EC73867A39D3F7 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1238 |
Entropy (8bit): | 4.936220115487561 |
Encrypted: | false |
SSDEEP: | 24:yYiH0G37S3WEyBF1l/egSQLrLccLDLzKI7Dr97uwyJA9:vibrEyBde7QL3ccLDLzF7Dr8wl9 |
MD5: | 7662C4F20AEFCB6B30286599CEBE18A5 |
SHA1: | 2F7DC06F6EA90CDDAD870D5AA45601807C0BD5CE |
SHA-256: | D40ED33A1725CCC71146F9B1E03E59AAB847815E3E3C91C910415B2FCE4A3248 |
SHA-512: | 17A31AE3B38ECF7377D0ADE941296CF23A1D226252D4BA9EA2AEF128C12C42B12E7F78BC00C54CC8B0CB2C8ED8566EBD06B05D242F838C588BE9CC0A9E05D85A |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/SupplierPortal.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25725 |
Entropy (8bit): | 7.971853802112119 |
Encrypted: | false |
SSDEEP: | 768:r6iCKMvoZTT2Hyh+Qe19TBAsfsEj1hFvpizCeiaKHR:BPZTT2Shw19TBAtEJdiznFKx |
MD5: | 0B10E88D46E82EB78B497233C79EEDCE |
SHA1: | 9A67DA61EEE5BD875964B4DF0520590F2264122D |
SHA-256: | 76F975D862C8C75EF1DBA50F37455E019982B93D9948F519BAA313F753659840 |
SHA-512: | 82C675C2DB9BCE74F393ED3BCDD71FBFDF59FAE77D070564F6A31BB2573B16F3987BA8C03D7CCF0AECC33101010E0F9573CFE1B6121C15B3A91565CC936F5EC3 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52 |
Entropy (8bit): | 4.685922650791795 |
Encrypted: | false |
SSDEEP: | 3:eLGiCVdk1sMVbjkTk0Uup1:eLGicYsMJ4 |
MD5: | 5493BE8464F7E8E96DB514CE5FD4D70A |
SHA1: | 468B1E1EDF3A84BAF997DAA8EE32258CE7D82EAA |
SHA-256: | 57D2249484EE4F36A7D162A8D529F81CCBA820260055757D639C48CF157C7D79 |
SHA-512: | 55F7687481445E9DAC26A48C34EAC4278ED8F3C7E9DF0CB36068063DD27BE0B9A95C7ECE2043D769D0F871516039F635D5BF381A5111C37F9146671D6679F8D3 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgkQ70dmL_EQxhIFDRhUHPsSBQ2qmDegEgUN-wuwSw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 89664 |
Entropy (8bit): | 5.290543045467053 |
Encrypted: | false |
SSDEEP: | 1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH |
MD5: | 00727D1D5D9C90F7DE826F1A4A9CC632 |
SHA1: | EA61688671D0C3044F2C5B2F2C4AF0A6620AC6C2 |
SHA-256: | A3CF00C109D907E543BC4F6DBC85EB31068F94515251347E9E57509B52EE3D74 |
SHA-512: | 69528A4518BF43F615FB89A3A0A06C138C771FE0647A0A0CFDE9B8E8D3650AA3539946000E305B78D79F371615EE0894A74571202B6A76B6EA53B89569E64D5C |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/jquery-3.6.1.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1750512 |
Entropy (8bit): | 5.25507723530572 |
Encrypted: | false |
SSDEEP: | 49152:uPjHgEJPp6y9iBXWQzUMO1S/WQ+ynwCZwHV:/zUb |
MD5: | 957F1208363646C73D62F73B5286DEDB |
SHA1: | 84B084D5F8A03EBC81C74F3A6F4DD7C620261982 |
SHA-256: | 61D96902E06EE48E5CD2382A6EFEF264BBED0FF24C9234E5191BD566A8944147 |
SHA-512: | 3A916AB16FAF4E006B0787F3268F28E60E40B2EAAF70496BEE95928D33A0099270F71BB4A4025B5ECF4B79AB5E766D97576CCE5B30ECA5C2EE870D6F528FB11C |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/kendo/kendo.all.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 180 |
Entropy (8bit): | 5.80019542694008 |
Encrypted: | false |
SSDEEP: | 3:yionv//thPloyTtkwMLts7CX9/gm6KpksyxtuGpQScUgl//t1pFGRms8QeNjTj7J:6v/lhP24tkwMR/C+KNuLjjrGRmsdeJjF |
MD5: | 76E0733CB0AF1A1C3329D851A4D967B0 |
SHA1: | 0EE81D073AB80D41D268A0119EE945F0C2533B76 |
SHA-256: | 2BC0722595481EDC1372C2B578FABE1F1D78F29A9991F89259AEB7CC63517791 |
SHA-512: | B42984166BFC529CD88BD30FFA0498C693D711E7EEBD6A8303265447A11F25E16D7565B9E0A4578BE02DB58F0DD280623DA41072EA0717384FA8D59CA2BE1BDE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9852 |
Entropy (8bit): | 5.1908381425252 |
Encrypted: | false |
SSDEEP: | 192:QijkBgqDFxrF9cfLEsbFvzEs/nZRpclQva6Nu0PyZhRey/F+T1DoQYYT9nFD:QijkBgOrC/h7Zva6NuzhRey/F+5Dnpn1 |
MD5: | 12F7266E9E99876F83F581EE17185C82 |
SHA1: | 1EAF9349B68DE5124DCD39590BDF2246C508DA3D |
SHA-256: | 22983A14CF34C5EDC049F3D94A1B788FF0B4681A3FF3F6FD3646CD137D21F0A7 |
SHA-512: | A77E62A3D18658B3676407A957C47B837F05A68C23EB8ED6A7FC146CF687878A5C08551FBB2C9F94B2DCFCE1858628D76DD3AEACB5AE7DE096A56CA83BA92CD0 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/kendo/kendo.aspnetmvc.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 25350 |
Entropy (8bit): | 7.9841635737224825 |
Encrypted: | false |
SSDEEP: | 768:xRV8lj58M0SX54InIY9S27VzdH14e7wlO3FlmSs:1S30SJ4InyCa3lO3Flmj |
MD5: | 4DD04B05307BE4A824975B4938C249F9 |
SHA1: | C32DC91172336D957A1F407E8BA07BDD8FB6AD1A |
SHA-256: | 03AB5D238898701915C557B8CF786095F6039EE17AB159D4408B40D2FC445795 |
SHA-512: | DF742A13908621C830FD4D1B960C55B964C5EB0F07DAF7D67B5C6F437777AB5760BF134C3C43A6C08476FC1101213188D8058592B5B44043573AECC6D0161C02 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/Images/applogo.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3844 |
Entropy (8bit): | 5.134886341438832 |
Encrypted: | false |
SSDEEP: | 96:m+ijDOc41cHAx1ToGH/tBFR0Twy/bPwhS8QQ8CtKcZqOe787lXgDH8DILAg3:m+ih4L/ToGH/t3R0TVUhS8QQ8CtKQqOc |
MD5: | DE486A6852828DE84E85AA15B792E424 |
SHA1: | 570E1AFEB33EB4DF3339B6497CABE33DB47FB788 |
SHA-256: | 8BE4750EE4C973A07CE989BC481E8A1F1E37D7BECE26FA960D5D98C7122E0494 |
SHA-512: | 7483DF61E9A7A09CE06D878E19636C24AB764D1B1F21F6BAA1CCF5E3B89D5ED42C683AAC55EAA7DF679512FAFF196D1706D266579B6A7CBB12A412F916AC02C7 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/jquery.validate.unobtrusive.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 602 |
Entropy (8bit): | 4.440419871616921 |
Encrypted: | false |
SSDEEP: | 12:sL7GctEc2hkGxFEvvF2wvF2R08G6WEvvF2wvFFWiIQGnvvF2wvFFyF2R0WiXTf6y:su5xav3vYCh6Bv3vXUlvv3vGYCNDiuLh |
MD5: | 22AAF3AAB75983A0199E43FED27C7A27 |
SHA1: | 64C104C4DA2144B8A3534313E02CDF79B003C6C8 |
SHA-256: | 138BDA4B94672B403A73FFDB410CB27E122C9ABEAAA5A6DB686A37F94D7A9A76 |
SHA-512: | 8AC88AB9DBFCB59F19983A241EB0F7B0ED42FBBE63C439E86DFFD3623C06F05E57B832BB6E19B5B5CC8C31CAF982F8DA0C30149D6BF89F96C32267BDF50C87A9 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/dialog-window.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5542 |
Entropy (8bit): | 4.948295222016391 |
Encrypted: | false |
SSDEEP: | 96:KgCdlh8iI/hQ4OC+J++QuT+YH+t2zlDfgDMFS88k8niX4VwBAjcB:w6/CCwhQuTxHw2p8w0Ti8wBecB |
MD5: | 941F1A03B16649938876037078E41B1A |
SHA1: | B1235911EA8F936F25F67D5301D5C484D530736D |
SHA-256: | 3FA260876EA3B0608E0398158FCE69DB8ED38E1BC90DAF25FF5243E07D15FBF9 |
SHA-512: | CBEF195204BAAA3C84B941A2711162008E4A91BC5C53CA43F1679DE37E0255E7777801F23B96D9D50BE1F792F9DFB2369AC5012727EE70239CA0DD644AFE97AB |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/main.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25350 |
Entropy (8bit): | 7.9841635737224825 |
Encrypted: | false |
SSDEEP: | 768:xRV8lj58M0SX54InIY9S27VzdH14e7wlO3FlmSs:1S30SJ4InyCa3lO3Flmj |
MD5: | 4DD04B05307BE4A824975B4938C249F9 |
SHA1: | C32DC91172336D957A1F407E8BA07BDD8FB6AD1A |
SHA-256: | 03AB5D238898701915C557B8CF786095F6039EE17AB159D4408B40D2FC445795 |
SHA-512: | DF742A13908621C830FD4D1B960C55B964C5EB0F07DAF7D67B5C6F437777AB5760BF134C3C43A6C08476FC1101213188D8058592B5B44043573AECC6D0161C02 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 25614 |
Entropy (8bit): | 5.19342415156933 |
Encrypted: | false |
SSDEEP: | 768:PtpHJrx0o6d9z16oc8eDTW3vnyV9msz7aH0z30:Xv0o6d9z16oc8aTW3vnyV9IHj |
MD5: | A39AA7A120DC457A7158F93300343080 |
SHA1: | 6018E711893B3EB94D69FB7BF8151389D1B907B7 |
SHA-256: | 98D9D777AD9FD96F2CFA6FD75A199B4D6A1AD7BAB792A7DDCB73212F8DC12B57 |
SHA-512: | D828375397C80563CDD7834226F5CE8E8AB0C8D03C13B29CBB6EF48FE5CF202FA0A4FC64948BE021BEC2014FF8A65D4A06C1410684EB989BBA2F4F6441DF7100 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/jquery.validate.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13424 |
Entropy (8bit): | 5.261709214397548 |
Encrypted: | false |
SSDEEP: | 192:arprDN+e3IUefKSfI0bP1CMjt9kdgOFWIa/aC3+sZv9LRM:arprx6PfK2P1CMjt8FWIa2sZVi |
MD5: | 5CFA2B481DE6E87C2190A0E3538515D8 |
SHA1: | 0FCCF3C8AB2C10B4DCC7970E64CE997AB1622F68 |
SHA-256: | 9810AEE7E6D57D8CCEAA96322B88E6DF46710194689AE12B284149148CABC2F3 |
SHA-512: | 51C4C1DBAF330EA0F6852659CB0FE53434F6ED64460D6039921DD8E82F7A0663EEBFB7377DC7E12827D77FF31A5AFEE964EEA91DA8C75FA942ACF6D596EF430F |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/jquery-migrate-3.4.0.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 11931 |
Entropy (8bit): | 5.395501265689811 |
Encrypted: | false |
SSDEEP: | 192:3mbPGYF2UQfxDisjQlJlQG1lVe/+9THerTXAGg8jOILB:3aPP2UQ51QlJlBlU/+9yDAQtB |
MD5: | 34F9525653CE189D212A4C56C9D5E4B7 |
SHA1: | A5160142DEB280F067BD96B287B96CE792574A0D |
SHA-256: | 4E9CD283CD8D3E79DE3138DC0991430C01A6B14788C7B5025DCBDFF3D136BC9D |
SHA-512: | 7A8361190577039EC54F0BCEC0BC473CBEB84E654514C1785A92F79DAC3963928645C7BA23AC0A380D2031CD0188757F901BFE7A3F135F08BD4DFE554D60A2DD |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/jquery.cluetip.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1552 |
Entropy (8bit): | 5.206671091562328 |
Encrypted: | false |
SSDEEP: | 24:SLZLRvdPzaEm1jraaNSiI1y6wOPud3Rg6HlJ9qg9J0JGrdGOEPzEiSfLgqSJ3:SLFRlmLbMV15G3Rgcc6sOEPzExTgqSJ3 |
MD5: | 3D78C8353A53B5265E7E6A26DEDD30D1 |
SHA1: | 6E4B6178DFA93BC399BCF21C41F17B581CCEB544 |
SHA-256: | 26B6495E80E1FF14797B3E99EE09D10CCAAD8CA862788F84D246226755528507 |
SHA-512: | 29DD058934162ECF704456F00B811BEE3E44841BC73FB4E527D81B774D818F376872750A601AA128F0753B7361145DC0A6700A44E0F3E0EB9BF1AC1E65CF576B |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Scripts/kendo/cultures/kendo.culture.en-GB.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 180 |
Entropy (8bit): | 5.80019542694008 |
Encrypted: | false |
SSDEEP: | 3:yionv//thPloyTtkwMLts7CX9/gm6KpksyxtuGpQScUgl//t1pFGRms8QeNjTj7J:6v/lhP24tkwMR/C+KNuLjjrGRmsdeJjF |
MD5: | 76E0733CB0AF1A1C3329D851A4D967B0 |
SHA1: | 0EE81D073AB80D41D268A0119EE945F0C2533B76 |
SHA-256: | 2BC0722595481EDC1372C2B578FABE1F1D78F29A9991F89259AEB7CC63517791 |
SHA-512: | B42984166BFC529CD88BD30FFA0498C693D711E7EEBD6A8303265447A11F25E16D7565B9E0A4578BE02DB58F0DD280623DA41072EA0717384FA8D59CA2BE1BDE |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/Images/mobilemenu.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13950 |
Entropy (8bit): | 4.5368476479711735 |
Encrypted: | false |
SSDEEP: | 192:wMpVsXQFqNKqQ4ZIp90R1pdc+nDdedmSWQSXgj8YbmR:YUqBupOXT |
MD5: | 80744241258A30671C761A9208B5595A |
SHA1: | A7E20488505719412F084152A5BB3E2F5DA0C854 |
SHA-256: | B47B4C96422768CD91F8B0C60B4E9447A20F54F23B140A95382C8560D41FDA33 |
SHA-512: | 9424D7A33AE25AE14B575882D46AAF37AC93BB515ACC6FA6BC073992A847B7BF8BFABECA4BC7925C78FF6D18B716F5C01FF5EAA7698071E1AAE5D6E8D7D6A183 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/Site.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 36380 |
Entropy (8bit): | 4.972424492632804 |
Encrypted: | false |
SSDEEP: | 384:Q8YjS/zDETO/NAEJYT2pJpT8xLyCVQRmXjbTKpMPK2pB9YoVbyHtJk7I:Q8YjS/zDEK/N9SxLyCVI66pMPwHh |
MD5: | 4B6A7820C407AB84423211CFB911978F |
SHA1: | B0971F4538F6F9A9A67875374A0220C38B206F70 |
SHA-256: | A0F45AE22DD490757FB3326EDDE9E6073E3C5C1887A6E22AE03A0EDA8DA7E5F9 |
SHA-512: | 3BAB765BE9430A65BDD3401E48B226DDFE56E7CE6DF9A343BCEAE4DAAE5A995420C445E298A34B084215BF88F82F702CF451CC9253C8359EBEED5DB0BA6A9D07 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/kendo/kendo.default.min.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3346 |
Entropy (8bit): | 5.092257107801661 |
Encrypted: | false |
SSDEEP: | 96:vT+3sq2ixgj/7H6qiPfhHV6k2ZeW9oIRrwE:va3sqLxgj/b+HRdIRrr |
MD5: | A083513746AD6508FF3E42FE3CDE9FB8 |
SHA1: | 8F2022D8487DD1832CDC02C0FEBAAC0A6D165AB4 |
SHA-256: | E1BD8C84AF706B6D51DACEB0FAB9B0987E9323F0921D52DDEDB5021FABFA9635 |
SHA-512: | 7939E9ED460AD11DEB8B8F229C7499AF58BE0EBB6C9FC0D1F9DAE784C091F9FDDB17ECEBAC01C0B25EE06AC7F9AB5293B1F165B463F66B43C24839C1DAA0FC41 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/jquery.cluetip.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 183299 |
Entropy (8bit): | 4.9413661303608905 |
Encrypted: | false |
SSDEEP: | 1536:JeXFBrK7r4nGedxPIF/WNZElVU/4eDrT9beeGdrDMjoe3pZAG:leGVp3G |
MD5: | 351FB9E0D2C19C676A8B33D503498E2C |
SHA1: | E2DA6DA9B3A42BEC1EAA31406E2352A3D1BC8F89 |
SHA-256: | 3FD58F502057DB07C6A2FA1EEEB1F2AB3CC7CADF775BB998B57A9659375F9E0B |
SHA-512: | 93020178153CBBAFA59A520ABAA73839A6A80A5D08855DB108D39467B90C100969EC1C574D7D4BCF71D8AF65C4D3C7E08495F64ED4FB11802EB450953E362013 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/kendo/kendo.common.min.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 10215 |
Entropy (8bit): | 4.750430596494177 |
Encrypted: | false |
SSDEEP: | 192:QnyQXDCwz8K5YQ+/dvE4TYt+dJEgTKTvRWimZ+apF4zGG8et:QnyQTCzeYL/dvE4TYt+JEgTKTvRWnNPU |
MD5: | F6152F7B56235A174EC847E55AD34409 |
SHA1: | D2982AA3C27668EF7328FBC75C7353B99BB17013 |
SHA-256: | 5A9A5566EADE6DC675CFA68C19D025E3500E2AA6D7E848C137669DD11F2BF6F8 |
SHA-512: | 93A8157FFC8ABC103F1E17A45A6C108E96217E2EF8F34A81591724C69AFE2746B79BBC1C792C698FE49F9BDC02A14FDB06E487B2E03377D3D62EBAA9C6941399 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/kendo/kendo.rtl.min.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1245 |
Entropy (8bit): | 5.462849750105637 |
Encrypted: | false |
SSDEEP: | 24:hM0mIAvy4Wvsqs1Ra7JZRGNeHX+AYcvP2wk1RjdEF3qpMk5:lmIAq1UqsziJZ+eHX+AdP2TvpMk5 |
MD5: | 5343C1A8B203C162A3BF3870D9F50FD4 |
SHA1: | 04B5B886C20D88B57EEA6D8FF882624A4AC1E51D |
SHA-256: | DC1D54DAB6EC8C00F70137927504E4F222C8395F10760B6BEECFCFA94E08249F |
SHA-512: | E0F50ACB6061744E825A4051765CEBF23E8C489B55B190739409D8A79BB08DAC8F919247A4E5F65A015EA9C57D326BBEF7EA045163915129E01F316C4958D949 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22872 |
Entropy (8bit): | 4.758817468421598 |
Encrypted: | false |
SSDEEP: | 384:HAYoSKP0DD2YTfPgWuOlx5rDl795AhpG1:WXPa2YTfPgWuOlrl795AI |
MD5: | 5006EE8C047E157565B2A57FE588DB80 |
SHA1: | 0357C50A375117E45DDD65B84657F57BBBBF34F3 |
SHA-256: | 72A3FC241A8E7DE887F9B12B65F1E0FE462CEA872BF72F4829253A7584A1F29C |
SHA-512: | 8E493315EDC1039363D5276A421EAFDBA2905F13BDDCD21163994A190A66614D010EA05A76D2063438CF537C0C3E0A20C5BA74BAC8AC8540BDD52A720C2E2CE6 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/RFQVendor/Create/0?sid=732b52e0-73cf-4307-b156-81fb10fbdb28&enc=20ADE221D3ACAC68BCB8A062575F01B5B2C412DEA468C864C57B7DF6E845C68CC237468EE52EE58B8255551025EC0B65849C2C1CE6B6023646A6B4AB5C53930E30BA5E14F9B6240EA9A4DCCF0AE46D91 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 25725 |
Entropy (8bit): | 7.971853802112119 |
Encrypted: | false |
SSDEEP: | 768:r6iCKMvoZTT2Hyh+Qe19TBAsfsEj1hFvpizCeiaKHR:BPZTT2Shw19TBAtEJdiznFKx |
MD5: | 0B10E88D46E82EB78B497233C79EEDCE |
SHA1: | 9A67DA61EEE5BD875964B4DF0520590F2264122D |
SHA-256: | 76F975D862C8C75EF1DBA50F37455E019982B93D9948F519BAA313F753659840 |
SHA-512: | 82C675C2DB9BCE74F393ED3BCDD71FBFDF59FAE77D070564F6A31BB2573B16F3987BA8C03D7CCF0AECC33101010E0F9573CFE1B6121C15B3A91565CC936F5EC3 |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/kendo/Default/sprite.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 8951 |
Entropy (8bit): | 4.7593813297703225 |
Encrypted: | false |
SSDEEP: | 192:ORhYoPfo2AiWSXagRZbTa1qYXxMWZoIpJRWZ:cPa8v+Pi |
MD5: | FFB6221494F5FE2D1CB291E196DD0744 |
SHA1: | 192F5F786E52D74CA3F0305FBAE20BCAF78E8498 |
SHA-256: | 919100B39B643AEDA7A7A245B9099160C04471ABB1700F65B963640E99CF5397 |
SHA-512: | 1CD9D52487B7E56989214777D420DA4AE3AD33613663C9D4A4DF670ED9AB0CD83805E5A1074FB1E7F21998E894D03B9D9C7D00195CA993278F735572B0BAC69D |
Malicious: | false |
URL: | https://extapp.dso.org.sg/SupplierPortal/Content/SupplierPortal.css |
Preview: |
File type: | |
Entropy (8bit): | 6.1011726139346845 |
File name: | Request For Quotation (RFQ)_ RFQ2400598.eml |
File size: | 273'378 bytes |
MD5: | d1877952c89684b362caf92b6a34477b |
SHA1: | eabadeefaf4bf7fa7df2b8d0aa1bb4fb4d50d3e5 |
SHA256: | 61bacabab5ca1289167090a37b32c940a9fd892bffdf10e0e0cccabac3557eae |
SHA512: | 55eff0d2714b3133f26da81462c72d0a2861681ffe8d7510d60d34de8b6c741606ecbcc3086bc8a019eea4127164c770a1602dfcd3460885577ca7c139bc9552 |
SSDEEP: | 6144:L4Dx/urG9u6dLjIZmdz+797AUoRuHpLIP4/9gkF0/nmEbrrSZXKnetv4J:L4Dx/urd6yY+79MUPHlIg/1Xio4J |
TLSH: | D8440227AD6514BA973023FFA31FFC4735B33E1D1D5789C0B266425282A82BBDA15C8D |
File Content Preview: | ...Received: from MW4PR20MB5202.namprd20.prod.outlook.com (2603:10b6:303:1e8::20).. by PH7PR20MB5946.namprd20.prod.outlook.com with HTTPS; Fri, 19 Apr 2024.. 09:19:01 +0000..Received: from SJ0PR13CA0169.namprd13.prod.outlook.com (2603:10b6:a03:2c7::24).. |
Subject: | Request For Quotation (RFQ): RFQ2400598 |
From: | DSO Email Service <emailsvc@dso.org.sg> |
To: | OFS Avon Customer Care <AVOorders@ofsoptics.com> |
Cc: | Fok Yi Ling Carmen <fyiling@dso.org.sg>, DSO Email Service <emailsvc@dso.org.sg> |
BCC: | Fok Yi Ling Carmen <fyiling@dso.org.sg>, DSO Email Service <emailsvc@dso.org.sg> |
Date: | Fri, 19 Apr 2024 09:18:14 +0000 |
Key | Value |
---|---|
Received | from SGBP274MB0300.SGPP274.PROD.OUTLOOK.COM ([fe80::b761:4e8e:522c:a1cb]) by SGBP274MB0300.SGPP274.PROD.OUTLOOK.COM ([fe80::b761:4e8e:522c:a1cb%6]) with mapi id 15.20.7472.037; Fri, 19 Apr 2024 09:18:14 +0000 |
From | DSO Email Service <emailsvc@dso.org.sg> |
To | OFS Avon Customer Care <AVOorders@ofsoptics.com> |
CC | Fok Yi Ling Carmen <fyiling@dso.org.sg>, DSO Email Service <emailsvc@dso.org.sg> |
Subject | Request For Quotation (RFQ): RFQ2400598 |
Thread-Topic | Request For Quotation (RFQ): RFQ2400598 |
Thread-Index | AQHakjqCJ1KYL+UbnEa4JwGaId2fLA== |
X-MS-Exchange-MessageSentRepresentingType | 1 |
Date | Fri, 19 Apr 2024 09:18:14 +0000 |
Message-ID | <SGBP274MB0300D1136C18D6B3B3748171E60D2@SGBP274MB0300.SGPP274.PROD.OUTLOOK.COM> |
Accept-Language | en-US |
Content-Language | en-US |
X-MS-Exchange-Organization-AuthAs | Anonymous |
X-MS-Exchange-Organization-AuthSource | CO1PEPF000066EA.namprd05.prod.outlook.com |
X-MS-Has-Attach | yes |
X-MS-Exchange-Organization-Network-Message-Id | 69a3ae1e-1754-47d6-bd4b-08dc6051a673 |
X-MS-TNEF-Correlator | |
X-MS-Exchange-Organization-RecordReviewCfmType | 0 |
received-spf | Pass (protection.outlook.com: domain of dso.org.sg designates 40.107.133.98 as permitted sender) receiver=protection.outlook.com; client-ip=40.107.133.98; helo=SGP01-SG2-obe.outbound.protection.outlook.com; pr=C |
authentication-results | spf=pass (sender IP is 40.107.133.98) smtp.mailfrom=dso.org.sg; dkim=pass (signature was verified) header.d=dso.org.sg;dmarc=pass action=none header.from=dso.org.sg;compauth=pass reason=100 |
dkim-signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=dso.org.sg; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lQPE9HTTp5ov1G/OaXSOc0NUyu7RrVmm/n30zbEurpU=; b=6CkxrEpiw03gQU3fE0SkZyTkrQFVPcwJjLEJhR4dU1aAqUmXJvACn75wHYG9tfzXGAoQpee4WanV0Vuo0L4QecCccYX3bf/1h2zTUPmgx+Jw4YB+3xNWWya+iYT3BeRp1KbWTti3mi0NbT367NAbWIswF5gs1hRnTv3PhE3FvIQ5zGeIXfx9/BW9YYavTIMrucWaDt78j99P4IKvjjXXZPDo4T9lM3fKc4hDJRo6rbD6mj9yetOtekhTbVmwZwxlVGkE3FI2cWe/PEO/uwBDlCsQRaCFoklzjpflxfMlP7x9dgVHWGYxSkMsJxPMVlxH8lrlN1zMtJqpr07idISh3Q== |
x-ms-publictraffictype | |
x-forefront-antispam-report | CIP:40.107.133.98;CTRY:SG;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SGP01-SG2-obe.outbound.protection.outlook.com;PTR:mail-sg2sgp01on2098.outbound.protection.outlook.com;CAT:NONE;SFTY:9.25;SFS:(13230031)(5000899004);DIR:INB;SFTY:9.25; |
arc-seal | i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gj1xbvw2i7/9jkefMvBe7IJCmvmDifpgxSTrEfxFZ4JRr5xDpUWVMem06hKMjuYyovJ1eqlB1aGowsckbfhmywbrAxy6xDCkknDNFIwo27mBHxQi0YelTptpRcDfmHLhGApemQTi1KF6lZJRZdcezIJSDO9FXtgurfcB5RLfGJpgkO1LqGTjUh/J0OykZq/sIbDYh9jRDUlJSpwymSU100ShCVQ8Tw9owtj2/cr9EEhaBhrT3zIhu9JIwvfn3eVJFILe1gvAp0weABEkGyjTw8AWp8hc7GyHfXN7dRUHSHkDZ5uD6O2mcDNG2xtcEtQJ1BCA9HKrPjg6lnjiO0PYHw== |
arc-message-signature | i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=lQPE9HTTp5ov1G/OaXSOc0NUyu7RrVmm/n30zbEurpU=; b=iHoOpWulRoyaGo0qRD9q7q5ZcK72WzTxmmi0mpVE3mzRIzmzO9TDWirH0yYa4ddeN5fgfMTHtzT6QAgZW588LmmtRFx1hslfZKWoyLv/wgyIulyuyU809lAI+i41Ec2UpTWUGRRNsRJnSyr9crkRGYDNoUlOuUjoun43iPsgWk9uUDF3/YLz51IN3zXhNZuRlfj1MELd7beIbvkxX1kpwMQrxvEx/3tpekCimEnm2Rbjv/kogtIk0l/hX0HGJt+kO+lspkGIvebyacyv0VQLy8D2qhfjqzJ2dk0cXV/EdM0HphLP3XksPB0y0zrdCvcXVZ1BgfoAqRrf2E5KREiyng== |
arc-authentication-results | i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=dso.org.sg; dmarc=pass action=none header.from=dso.org.sg; dkim=pass header.d=dso.org.sg; arc=none |
authentication-results-original | dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=dso.org.sg; |
x-eopattributedmessage | 0 |
x-forefront-antispam-report-untrusted | CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SGBP274MB0300.SGPP274.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230031)(366007)(1800799015)(376005)(38070700009);DIR:OUT;SFP:1102; |
x-ms-office365-filtering-correlation-id | 69a3ae1e-1754-47d6-bd4b-08dc6051a673 |
x-ms-traffictypediagnostic | SGBP274MB0300:EE_|SGAP274MB0505:EE_|CO1PEPF000066EA:EE_|MW4PR20MB5202:EE_|PH7PR20MB5946:EE_ |
x-ms-exchange-senderadcheck | 1 |
x-microsoft-antispam-untrusted | BCL:0;ARA:13230031|366007|1800799015|376005|38070700009; |
x-ms-exchange-transport-crosstenantheadersstamped | MW4PR20MB5202 |
x-ms-exchange-transport-crosstenantheadersstripped | CO1PEPF000066EA.namprd05.prod.outlook.com |
x-ms-office365-filtering-correlation-id-prvs | 566d5548-967c-4fdd-1509-08dc6051a48f |
x-ms-exchange-atpmessageproperties | SA|SL |
x-microsoft-antispam | BCL:0; |
x-ms-exchange-crosstenant-network-message-id | 69a3ae1e-1754-47d6-bd4b-08dc6051a673 |
x-ms-exchange-crosstenant-originalarrivaltime | 19 Apr 2024 09:18:17.7081 (UTC) |
x-ms-exchange-crosstenant-fromentityheader | Internet |
x-ms-exchange-crosstenant-id | 8bfb461a-5c15-4f85-8b7e-d88458bf4341 |
x-eoptenantattributedmessage | 8bfb461a-5c15-4f85-8b7e-d88458bf4341:0 |
x-ms-exchange-transport-endtoendlatency | 00:00:43.4086581 |
x-ms-exchange-processed-by-bccfoldering | 15.20.7452.029 |
x-ms-exchange-transport-crosstenantheaderspromoted | CO1PEPF000066EA.namprd05.prod.outlook.com |
x-ms-exchange-crosstenant-authas | Anonymous |
x-ms-exchange-crosstenant-authsource | CO1PEPF000066EA.namprd05.prod.outlook.com |
x-ms-exchange-antispam-messagedata-original-chunkcount | 1 |
x-ms-exchange-antispam-relay | 0 |
X-Microsoft-Antispam-Mailbox-Delivery | ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(930097)(140003)(1420198); |
Content-Type | multipart/mixed; boundary="_004_SGBP274MB0300D1136C18D6B3B3748171E60D2SGBP274MB0300SGPP_" |
MIME-Version | 1.0 |
Icon Hash: | 46070c0a8e0c67d6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 18:43:30.549200058 CEST | 54648 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 18:43:30.549493074 CEST | 64158 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 18:43:30.637275934 CEST | 53 | 56610 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:30.711498976 CEST | 53 | 50807 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:30.927755117 CEST | 53 | 64158 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:31.311705112 CEST | 53 | 60028 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:35.364084959 CEST | 62559 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 18:43:35.364284039 CEST | 55135 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 18:43:35.468607903 CEST | 53 | 62559 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:35.468641996 CEST | 53 | 55135 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:36.013073921 CEST | 52629 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 18:43:36.013123035 CEST | 62619 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 18:43:36.425684929 CEST | 53 | 62619 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:36.765302896 CEST | 53 | 53993 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:48.322747946 CEST | 53 | 56218 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:43:53.975361109 CEST | 137 | 137 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 18:43:54.725939035 CEST | 137 | 137 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 18:43:55.477112055 CEST | 137 | 137 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 18:43:56.228255987 CEST | 137 | 137 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 18:43:56.979131937 CEST | 137 | 137 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 18:43:57.729954004 CEST | 137 | 137 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 18:44:07.138335943 CEST | 53 | 60996 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 18:44:14.880445957 CEST | 138 | 138 | 192.168.2.16 | 192.168.2.255 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 19, 2024 18:43:30.549200058 CEST | 192.168.2.16 | 1.1.1.1 | 0xadd4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 18:43:30.549493074 CEST | 192.168.2.16 | 1.1.1.1 | 0x74da | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 18:43:35.364084959 CEST | 192.168.2.16 | 1.1.1.1 | 0x9c95 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 18:43:35.364284039 CEST | 192.168.2.16 | 1.1.1.1 | 0x2c3b | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 18:43:36.013073921 CEST | 192.168.2.16 | 1.1.1.1 | 0x7c01 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 18:43:36.013123035 CEST | 192.168.2.16 | 1.1.1.1 | 0x5259 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2024 18:43:30.915811062 CEST | 1.1.1.1 | 192.168.2.16 | 0xadd4 | No error (0) | extapp.dso.org.sg.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:30.927755117 CEST | 1.1.1.1 | 192.168.2.16 | 0x74da | No error (0) | extapp.dso.org.sg.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468607903 CEST | 1.1.1.1 | 192.168.2.16 | 0x9c95 | No error (0) | 74.125.136.147 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468607903 CEST | 1.1.1.1 | 192.168.2.16 | 0x9c95 | No error (0) | 74.125.136.99 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468607903 CEST | 1.1.1.1 | 192.168.2.16 | 0x9c95 | No error (0) | 74.125.136.103 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468607903 CEST | 1.1.1.1 | 192.168.2.16 | 0x9c95 | No error (0) | 74.125.136.104 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468607903 CEST | 1.1.1.1 | 192.168.2.16 | 0x9c95 | No error (0) | 74.125.136.105 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468607903 CEST | 1.1.1.1 | 192.168.2.16 | 0x9c95 | No error (0) | 74.125.136.106 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:35.468641996 CEST | 1.1.1.1 | 192.168.2.16 | 0x2c3b | No error (0) | 65 | IN (0x0001) | false | |||
Apr 19, 2024 18:43:36.392354965 CEST | 1.1.1.1 | 192.168.2.16 | 0x7c01 | No error (0) | extapp.dso.org.sg.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 18:43:36.425684929 CEST | 1.1.1.1 | 192.168.2.16 | 0x5259 | No error (0) | extapp.dso.org.sg.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49706 | 184.31.62.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 16:43:17 UTC | 161 | OUT | |
2024-04-19 16:43:17 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49707 | 184.31.62.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 16:43:17 UTC | 239 | OUT | |
2024-04-19 16:43:17 UTC | 805 | IN | |
2024-04-19 16:43:17 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
2 | 192.168.2.16 | 49708 | 40.126.28.14 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 16:43:19 UTC | 422 | OUT | |
2024-04-19 16:43:19 UTC | 4722 | OUT | |
2024-04-19 16:43:19 UTC | 569 | IN | |
2024-04-19 16:43:19 UTC | 10197 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49710 | 52.165.165.26 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 16:43:24 UTC | 306 | OUT | |
2024-04-19 16:43:24 UTC | 560 | IN | |
2024-04-19 16:43:24 UTC | 15824 | IN | |
2024-04-19 16:43:24 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.16 | 49743 | 184.25.164.138 | 443 | 7248 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 16:43:36 UTC | 390 | OUT | |
2024-04-19 16:43:36 UTC | 225 | IN | |
2024-04-19 16:43:36 UTC | 120 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.16 | 49752 | 52.165.165.26 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 16:44:01 UTC | 306 | OUT | |
2024-04-19 16:44:02 UTC | 560 | IN | |
2024-04-19 16:44:02 UTC | 15824 | IN | |
2024-04-19 16:44:02 UTC | 9633 | IN |
Target ID: | 1 |
Start time: | 18:43:13 |
Start date: | 19/04/2024 |
Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x640000 |
File size: | 34'446'744 bytes |
MD5 hash: | 91A5292942864110ED734005B7E005C0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:43:14 |
Start date: | 19/04/2024 |
Path: | C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff69d7b0000 |
File size: | 710'048 bytes |
MD5 hash: | EC652BEDD90E089D9406AFED89A8A8BD |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | false |
Target ID: | 11 |
Start time: | 18:43:21 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff68de10000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 13 |
Start time: | 18:43:22 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff761420000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 14 |
Start time: | 18:43:23 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff761420000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Has exited: | true |
Target ID: | 15 |
Start time: | 18:43:28 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 17 |
Start time: | 18:43:29 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |