Edit tour

Windows Analysis Report
https://www.honketel.com/

Overview

General Information

Sample URL:	https://www.honketel.com/
Analysis ID:	1430476

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 3860 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.honketel.com/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4108 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1960,i,17704248182438042706,167873714145639813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7588 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://weixin.qq.com/r/xzmfh2HERzw4rSXk92zV MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7768 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1904,i,14481725958237640816,2654743794539414480,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49854 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 29MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183

Source: global traffic	HTTP traffic detected: GET /r/xzmfh2HERzw4rSXk92zV HTTP/1.1Host: weixin.qq.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/readtemplate?t=market_redirect HTTP/1.1Host: wechat.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: www.honketel.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49854 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@22/87@46/165

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.honketel.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1960,i,17704248182438042706,167873714145639813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1960,i,17704248182438042706,167873714145639813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://weixin.qq.com/r/xzmfh2HERzw4rSXk92zV
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1904,i,14481725958237640816,2654743794539414480,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1904,i,14481725958237640816,2654743794539414480,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.honketel.com/	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
minorshort.weixin.qq.com	43.154.254.90	true	false	high
newcomm.wechat.com	43.159.18.10	true	false	high
www-x-honketel-x-com.img.addlink.cn	118.123.16.159	true	false	unknown
wechat.com	43.155.124.49	true	false	high
www.google.com	172.253.124.147	true	false	high
sgminorshort.wechat.com	43.159.26.129	true	false	high
41jhoui9.ovslegodl.sched.ovscdns.com	128.14.246.120	true	false	unknown
iis2.new-web.cn	218.247.83.194	true	false	unknown
weixin.qq.com	unknown	unknown	false	high
newres.wechat.com	unknown	unknown	false	high
s7.addthis.com	unknown	unknown	false	high
www.wechat.com	unknown	unknown	false	high
support.wechat.com	unknown	unknown	false	high
www.honketel.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
http://weixin.qq.com/r/xzmfh2HERzw4rSXk92zV	false	high
https://www.wechat.com/mobile	false	high
http://wechat.com/cgi-bin/readtemplate?t=market_redirect	false	high
https://www.honketel.com/honketel/enpc/productlist.asp?c=category&subc=55,96&menu=3	false	unknown
https://www.honketel.com/	false	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
43.159.18.10	newcomm.wechat.com	Japan	4249	LILLY-ASUS	false
43.159.26.129	sgminorshort.wechat.com	Japan	4249	LILLY-ASUS	false
43.154.254.90	minorshort.weixin.qq.com	Japan	4249	LILLY-ASUS	false
43.155.124.49	wechat.com	Japan	4249	LILLY-ASUS	false
43.154.240.170	unknown	Japan	4249	LILLY-ASUS	false
218.247.83.194	iis2.new-web.cn	China	139021	WEST263GO-HKWest263InternationalLimitedHK	false
142.250.105.139	unknown	United States	15169	GOOGLEUS	false
128.14.246.120	41jhoui9.ovslegodl.sched.ovscdns.com	United States	135377	UHGL-AS-APUCloudHKHoldingsGroupLimitedHK	false
173.194.219.94	unknown	United States	15169	GOOGLEUS	false
172.253.124.147	www.google.com	United States	15169	GOOGLEUS	false
43.129.254.124	unknown	Japan	4249	LILLY-ASUS	false
172.253.124.95	unknown	United States	15169	GOOGLEUS	false
118.123.16.159	www-x-honketel-x-com.img.addlink.cn	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
173.194.219.139	unknown	United States	15169	GOOGLEUS	false
172.217.215.94	unknown	United States	15169	GOOGLEUS	false
88.221.33.166	unknown	European Union	16625	AKAMAI-ASUS	false
172.217.215.84	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1430476
Start date and time:	2024-04-23 17:35:12 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://www.honketel.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	16
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@22/87@46/165

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.215.94, 142.250.105.139, 142.250.105.113, 142.250.105.100, 142.250.105.101, 142.250.105.102, 142.250.105.138, 172.217.215.84, 34.104.35.123, 23.45.182.73
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://www.honketel.com/

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 14:35:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9832467785542547
Encrypted:	false
SSDEEP:
MD5:	B023026410CBE2FE6EF440730A16D2FF
SHA1:	526529A0533696AA1CE3058B8C38C8418F8FD5C5
SHA-256:	0A910F82166F6A3E748F163CEA6FC86EB065DECE9B5D95FFD1D1AC0778297AED
SHA-512:	D62B503115754A1C4F08E26894A8DFFD0571FACF36B483607B2DC1B5E36EA18FEAF3B5B168B431CC6106D2648C1C149A1300D60DBFD1D8B32EBD14F435D133B8
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......e...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xl\|....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xt\|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xt\|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xt\|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xu\|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._)Dk.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 14:35:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.000018508461135
Encrypted:	false
SSDEEP:
MD5:	4FF690F2DA2D1B068B193F4D5268AD31
SHA1:	F23F16D6CEB663F5702BBC46F57FA3FCEDFD4B78
SHA-256:	CFC1987B1F8C3B4AC96B1B70CE71CE03B074D8995E88C888948C1A39F943AE0B
SHA-512:	47451BC24335365C90C53608703557987DF624B4B1D829466056E599EEAF0E95F7F014DB5EB53AA421D49D8C392C371371F4D08170BED94F993F8085181B1618
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....?.Z...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xl\|....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xt\|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xt\|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xt\|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xu\|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._)Dk.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.0062492400898195
Encrypted:	false
SSDEEP:
MD5:	CA99B5A8CC20963F4BA28E4493D6B1D2
SHA1:	7417AE55DB115DDCD4006CCA5C863C89BC64FD7F
SHA-256:	3B99D67DB70CC04530184756318CC78D6685E177677141150CFBE74E2CBEB94E
SHA-512:	FF1ED2A520F75E53C8B2EDF7229B5FA180767E597BD2EA15DFD07AD2292E4AB7896BE67CFB31EA3895139A16D16EA0941A6E1AFF7CE700A284C778FC22DB05A4
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xl\|....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xt\|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xt\|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xt\|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._)Dk.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 14:35:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9991121400783936
Encrypted:	false
SSDEEP:
MD5:	FD9F69BE22949928CF8828AA3EB443CB
SHA1:	FEFFCF9DD30C6FE3F6B5C78326FA7B3C7316FCEF
SHA-256:	A32A66E3FEA71B6293EFA838544FB46B079782764CF42C6DE59D3DD9E56AE1A3
SHA-512:	B70C5D679F812809B3056196DE2B421B8AAB0587DDDBA05D769AF1D43B70A5E9D19E5EBFE20BD938C200BFF0E864472427086323A837A84135FBB8E1CE61EEF5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....qT...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xl\|....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xt\|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xt\|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xt\|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xu\|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._)Dk.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 14:35:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9866509234068674
Encrypted:	false
SSDEEP:
MD5:	A8EBFFC82E312A2FBDBD15E6112E5D10
SHA1:	FE4CC3EE32F8EC45FA7AFFFCC538AC603D6F3D3B
SHA-256:	69DCAFC51549C0E1C5CEA41682DBF0B830889B91644C46FDFBCDB2982F3D44B9
SHA-512:	0A8739AE275654DDEFF151E0BCCE6197E39375B584C44384D394E5EF2C87AE4FA08490A0D5829FD4A6C06BCBF3FCB4C00756E110F2EA0B8A586A0AF6CE137798
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......_...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xl\|....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xt\|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xt\|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xt\|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xu\|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._)Dk.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 14:35:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9983193299887483
Encrypted:	false
SSDEEP:
MD5:	E4C35831849E760FE7145A03E004FBC4
SHA1:	0DD9C4291D03802EDF761E23753C8D931532D658
SHA-256:	32A6D8EDD66DE051C22B9BE71B0834C2BB28EB2F091A8150733DF88AEACF4F04
SHA-512:	F86A1CEB9373E3A4599A993E8872DFF265080B73EC2E5D1E811B1BDFD4B0AD9610DDB190482C9FD01C7EEAF83460D41F952B4477B98EFE84FB9B44C1B97B666A
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......J...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xl\|....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xt\|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xt\|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xt\|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xu\|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._)Dk.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	769
Entropy (8bit):	5.213396336915652
Encrypted:	false
SSDEEP:
MD5:	BE8CA9C3C5A9845A868A070C6CE17939
SHA1:	A882C9FB868B00A18B7DCEC422742E57BF659517
SHA-256:	9F3619F7FB23D72C6C88E1D9CC222828A42A4335692D6784E38075DCA445359A
SHA-512:	34FA2C083919A04562E0F6562C1973E142D4A09B78B6031B0E60C8D12167D9D98264B4EAEB20B4552AE800362834CB484FCBB323BE96220E6E598033B3395C58
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR... ... .....D......GPLTEGpL....................................................................................................................................................................................................................................................................................................................................~Q2....ltRNS.........D. ..q.......Y."b.......-......y.Z_!.s}^...X.)........F..0.f....At..~...x........w=(..p[..c4.X.^....IDAT....Uc.`...k `w..........C....?1..\...i.\|....L...2O.R.@...zzY.}.pO.-.b.U/o...-Io.....\|..c.{...Q......K..z...$.h...t.Pp..?.G..........S......v\|....?.M.....VC.0....h.29..f...m..Bp.W.K..\|ks.5.0K.S.'Ct..R(.t.j'......h{7D..}....VbIq.BMuj...o.....z(....IEND.B`.

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 270 x 96, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2242
Entropy (8bit):	7.812177560716048
Encrypted:	false
SSDEEP:
MD5:	624B20EE57C48301212460B460A47EBC
SHA1:	99E3655AEEF0E4DDC3B3A45052591F7A1240868F
SHA-256:	B2776425C088D2B7FE3AF7F31DE3F1D6B53E700414000E67E9579E022DD8D70B
SHA-512:	E5ED26AFBAF59FA123B35EDD5F72C8F5519C94E3B0C054A76F5F5E83F31785EC262EF9D929BA5A6222DAF486F4921252449CEED1B4256C1D0AB2D057248F681E
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/img/uq8YAlZ.png
Preview:	.PNG........IHDR.......`.......l.....PLTEGpL................................................@@@.............. ...```.............pppaaaAAA........___...000ooo!!!...PPP.........111OOOQQQqqq...........!..m....tRNS. ...@...............IDATx...[{...`.3.Ng..d[.EL..1.rj;......9....x]4...7Z.-?x..y_.}...?...+.... ..+..?.."...<o..M..O.B.....5(4...F.V.....l.8...c..8...c..8......Cp(.y.MN.a.0}.7.....r.>9..;..".z.....q..._q.P.on...I%.T..#...Er./.p.4"....!).A.AR.....O/.5..Y.2W.CMW.{q.....7.}].3.Z.}9. H.T&.&E. ....+)#]7..TS..Qu.VI5.8V....."...9.b#..@.a1&WP./1.."9."i!8.R.)nM.1...G.#..s..I.H...%..y....a...l.9....@L...v.P9...!SG......#..&...2..\|.5..$.....@0..YO..X...aV.7.....X.E.....w...w$..H.....AV?..`J.OX2.....o..T..L.p,0.BQ. ..O.~R...A.9..Q2..iV.@.P..Ci...$.H..x...e...@*.....#.J..%"....;.;..P.C.\|....f.G..r......,f.....La.Q5v......M..b...w..S2L..i`H.q......sr..."is$bY...8f.3r.eA.I...#L792woX<....y.$3..;&.Q.(g.P..j../....$.`5.i.w.".;.M.>..>n5.p=...Lb).I

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 40 x 1, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1252
Entropy (8bit):	4.835924211726273
Encrypted:	false
SSDEEP:
MD5:	6CFD25F94A1913512C1963B3BB510046
SHA1:	2075839AAF47CC12447E62DE215B228B927BF60D
SHA-256:	D8C989169A993B646EB87AC572B6C2F2F507F57A128DAC9217C30BED990E556B
SHA-512:	506F3063365E21F547A5838E9DFC4C0BCFCB2F8E86003109796D4F6B2CD9562787D473584535E8F6A301E2491EDC97220CDBA7003C62AC1C81AE16714215498B
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/title_line1.png
Preview:	.PNG........IHDR...(...........~.....sBIT.....O.....PLTE..3....EG)....pHYs.........B.4.....tEXtSoftware.Macromedia Fireworks 8.h.x....tEXtXML:com.adobe.xmp.<?xpacket begin=" " id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.1-c034 46.272976, Sat Jan 27 2007 22:37:37 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xap="http://ns.adobe.com/xap/1.0/">. <xap:CreatorTool>Adobe Fireworks CS3</xap:CreatorTool>. <xap:CreateDate>2019-06-24T02:47:52Z</xap:CreateDate>. <xap:ModifyDate>2019-06-24T02:57:10Z</xap:ModifyDate>. </rdf:Description>. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/">. <dc:format>image/png</dc:format>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>. .

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 898 x 720, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	459448
Entropy (8bit):	7.997781468687356
Encrypted:	true
SSDEEP:
MD5:	0533337BFAACF72FC94632A16CE49D5A
SHA1:	6A18AC723F21879DE40D025A89D3D3752AFA033A
SHA-256:	75EF107D5291AA471135B0377AAACB1A157BDDD86DBEBE208B489F43F1029099
SHA-512:	E2F5FBE7638B1FA83898A61FBA6B0AC6CD5278E22FA250609AE331C3DA14A6D59DBACA08FB056535C3A1A227707759B6A8E1D3644C601DB561DE4E112EF42743
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.............JZY~.. .IDATx....Y...Z..T@B.lU....[...\|.>.....4....F...6d...V%!R..p...?.#2.(t.....@.G"...+..@...s....xc.X.V..`.X.V..`.^....m.[c.X.V..`.X.V..`.H..P......+......+...A...=..M....+......+..0..g..`.X.V..`.X.V`..0..Atn..`.X.V..`.X.V.1.?...+......+....{P.1t..s...+......+........`.X.V..`.X.V......{...d.X.V..`.X.V..`....+......+........`....$+......+......c(..X.V..`.X.V..`....c..D.&Y.V..`.X.V..`..C.3......+......+....C. :7......+......+....V..`.X.V..`.X.=(.....IV..`.X.V..`.X..P......+......+...A...=..M....+......+..0..g..`.X.V..`.X.V`..0..Atn..`.X.V..`.X.V.1.?...+......+....{P.1t..s...+......+........`.X.V..`.X.V......{...d.X.V..`.X.V..`....+......+........`....$+......+......c(..X.V..`.X.V..`....c..D.&Y.V..`.X.V..`..C.3......+......+....C. :7......+......+....V..`.X.V..`.X.=(.....IV..`.X.V..`.X..P......+......+...A...=..M....+......+..0..g..`.X.V..`.X.V`..0..Atn..`.X.V..`.X.V.1.?...+......+....{P.1t..s...+......+........`.X.V..`.X.V......{...d.X.V..`

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh
Category:	downloaded
Size (bytes):	165548
Entropy (8bit):	6.706820701120207
Encrypted:	false
SSDEEP:
MD5:	B06871F281FEE6B241D60582AE9369B9
SHA1:	13B1EAB65A983C7A73BC7997C479D66943F7C6CB
SHA-256:	AA58F33F239A0FB02F5C7A6C45C043D7A9AC9A093335806694ECD6D4EDC0D6A8
SHA-512:	9FFB91E68C975172848B4BBA25284678CC2C6EB4FB2D42000AA871C36656C4CEBC28BF83C94DF9AFDFBF2407C01FE6B554C660B9B5C11AF27C35ACADFE6136AC
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/xui/fonts/fontawesome-webfont.ttf?v=4.7.0
Preview:	...........PFFTMk.G.........GDEF.......p... OS/2.2z@...X...`cmap..:.........gasp.......h....glyf...M......L.head...-.......6hhea...........$hmtxEy..........loca...\........maxp.,.....8... name....gh....post......k....u.........xY_.<..........3.2.....3.2.................................................................'...............@.........i.........3.......3...s................................pyrs.@. ........................... .....p.....U.............................................]...............................................y...n.......................................2.......................................@...................................................................................................................................................z...................................Z...........................................@.......5...5.......................z...................................................Z...Z...................@................................

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (659), with CRLF line terminators
Category:	downloaded
Size (bytes):	35774
Entropy (8bit):	5.516797080564749
Encrypted:	false
SSDEEP:
MD5:	B0315CAE6178AA9382E769D2BD8F2021
SHA1:	D4C1B164CD3252DF1EAA2F2629B0F5B4049284D4
SHA-256:	71B5A155E3BA7F36D89A5127A63B32E5C13DB1486AF04CC1817908CFA9679136
SHA-512:	649A314AA4C7B15118CEB9AE39DF1A0B7073E03FBA087A9FD8908BC540C7B94F5957B8DC33888F88F7A2C7ADE2BBE67CAD8E4B1F2F0D47ED6C16AB27429219CA
Malicious:	false
Reputation:	unknown
URL:	"https://www.honketel.com/honketel/enpc/productlist.asp?c=category&subc=55,96&menu=3"
Preview:	..<!DOCTYPE html>......<html>..<head>....<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>....<meta name="AUTHOR" content="...... WWW.NEW-WEB.CN">..<meta http-equiv="Cache-Control" content="no-transform" />..<meta http-equiv="Cache-Control" content="no-siteapp" />...... <meta name="KEYWORDS" content="Fiber optic armored patchcord,FTTH Drop patchcord ,Jumper patch cord,fiber optic pigtail,mpo breakout cable,fast connector & outlet for FTTB/FTTH;">..<meta name="DESCRIPTION" content="Fiber optical patchcord/cable,pigtails, PLC splitter,fast connector,adapter,MPO patch panel, MPO Patchcords, MPO fanout patchcord ,non-metallic optic cable distribution box,ODF unit series,splice slidable patch panel, Wall-Mounted patch pannel terminal box,CWDM, DWDM,Metal sheet telecom Cabinets,fiber optic connector,Fiber optic terminal box.fiber optic faceplate,fiber optic socket patch panel etc.">......<LINK rel="Bookmark" href="/honketel/logo.ico" >..<LINK rel="Shortcut I

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 93, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	4921
Entropy (8bit):	7.494179291821962
Encrypted:	false
SSDEEP:
MD5:	95B192DBB216EB44E4B405296BACADEE
SHA1:	677A386AEB1DC167A981B14BD1AC71638C0840CC
SHA-256:	8A804AF4A82DEA74082700BD78A77BDBD8B48D719EB8D2DBE04F721C7335B776
SHA-512:	AA8A5EFD92F98FCC54C50C2B2DD7D393AB1F916E74E8731A4B0ACCF35E7AB20A3FB6808BFCE8AAD454241799F688C2920F5AED23E16FEA694F2270198BA056A6
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/logo.png
Preview:	.PNG........IHDR.......]......+.Y....sBIT.....O.....PLTE..........b.T....;.{1.s".n.....h.2..iw..\....fp....ce..x.^_..r..4.(U.SF.)L..Q.M8.>;.M5.27..<.N!z0).8.t#ys.i.$.....y,.t(....s".n..h....2...a........r..k..d..4..c..[.8M.4I.@B. I.#B.>;..<.>+..8.G%.N!z....{1.y,.t(.h..d..a..\..b..[..`..\..T..<.;1.+5.>+.;.0)..t(.s".h..k..d..<.....t(.s".\..r..k.)@..<.....<..s".a.Hb..k.27..<..s"....r..k..k.0:.27..<..n..h..d..k.0:.27..<..s".n..<..h..<..s".h..<..s".n..k..r. I..<.S...s".n..k.....c..Z.)@.0:..<................................................................q...........b..\..n....{.y]..x..P...pk...k.b.`]...Z?...T9....R..L3....J..A.;.y#.{1.y,.t(....s"B....."...n........l"......&........................x..{..r..r..r..q..k..k..j..e..d..b..b..[..\..Z..V..Z..Y..Q. L..T..Q. I..I."D.#B.(<..B..<..:.+5.#3.0).)(..$...y.....tRNS......................................"""""""""""""""""""""""""""""3333333333333333333DDDDDDUUUUUUUUffwwwwww........................................................

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1081
Entropy (8bit):	5.766094729264981
Encrypted:	false
SSDEEP:
MD5:	F9280B051F3E17519B34E23C75D0C45C
SHA1:	3CE61C84B576B7A9BB15EE3F12137CDD659E3CA0
SHA-256:	9C7ED61CBD4415B01E25B720736CA8BDDFC9DEC78DB96D21F55F2F0F83EC8771
SHA-512:	6E0FC8DEF8194E851205A3BEE491525FC6CF6CB18AEF147EDA8EA155D211CFE4B4A39924271E213FE29F6AF00C564A5E4195F98351FD3E5E3390D38D31B0E535
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/honketel/enpc/nav_menu.css
Preview:	....menu {...width:200px;...height:auto;...margin:0px auto;..}...item {...width:100%;...height:auto;..}...item > .itemtitle {...height:45px;...line-height:45px;...background-color:#213F67;...color:#ffffff;...border-bottom:1px solid #ccc;...padding-left:10px;..}...item > .itembox {...width:100%;...height:0px;...overflow:hidden;.../display:none;.../.. /......:......................../.. /1.........css......../.. /transition-property:display;.../.. transition-property:height;.../2............./.. transition-duration:1s;..}...item > .itembox > ul {...list-style:none;...background-color:#ffffff;...padding:10px;..}.....item > .itembox > ul > li{...list-style:none;...background-color:#ffffff;...height:40px;....}..../.item..hover../.. .item:hover > .itembox {... /display:block;/..

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	5495
Entropy (8bit):	6.219814984637156
Encrypted:	false
SSDEEP:
MD5:	ABD18B668612B890E9207B42342F3452
SHA1:	4657ABBCCED1127DFF123392E3175E655F4459CE
SHA-256:	FF849F1FCF1C994C5C46ACB5186F40A1A395D064920475FD1C06102FF4F8CABC
SHA-512:	9BDD6C9319D405B82D6BAD07499D4B79E3CDD314C3748EE7EFDFF05C186AE38AAF054960E7DE2DFA17DB3C38F6638CA16B61B2CE7E1032495FC5808B9CA4F597
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/honketel/enpc/style.css
Preview:	.body,table,select,input,textarea,button{...font-family:....,..,Verdana,Arial;font-size:13px; COLOR:#333333;.... .. SCROLLBAR-FACE-COLOR: #333333; /* .........../..SCROLLBAR-ARROW-COLOR: #E90013; / ...../..SCROLLBAR-TRACK-COLOR: #666666; / ....../....SCROLLBAR-HIGHLIGHT-COLOR: #999999; / ....../..SCROLLBAR-3DLIGHT-COLOR:#666666 ; / ................../....SCROLLBAR-SHADOW-COLOR: #999999; / ....../..SCROLLBAR-DARKSHADOW-COLOR:#666666 ; / ................../..}....select,input,textarea,button{outline:none;}.........small{ / ..../.. font-size:11px;....font-family:Verdana;..}.....big{ / .../.. font-size:16px;..}.....color1{ / .../...COLOR: #000000;..}...color2{ / .../...COLOR: #ffffff;..}...color3{ / .../...COLOR: #D10004;..}...color4{ /

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=16, height=3000, bps=0, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, width=4512], baseline, precision 8, 750x800, components 3
Category:	downloaded
Size (bytes):	161006
Entropy (8bit):	7.444691901454421
Encrypted:	false
SSDEEP:
MD5:	BFA6738B4330DE8B1C633D0297DBAECE
SHA1:	0E4A662EEC28E9F33B1DB80A06861E712A29EFF7
SHA-256:	CA0D1A8C0ADDBA3D3D805050EF9E357091D57CBFD219A405A9E3F1FCBCEC3B4B
SHA-512:	89A0973203188D887913F2003AB99742D356066E229E502797A38031A9C8E9109804672AAB96A6441583F2C31A9413F6D91FD9FCA15A9F1BA74A61B35554AA21
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021830997.jpg
Preview:	.....1Exif..MM................................................................................................................................(...........1...........2......... .............i.........4.%....................NIKON CORPORATION.NIKON D3200..-....'..-....'.Adobe Photoshop CS6 (Windows).2020:05:25 17:29:27.............2...........:."...........'.......d...0..................0230...........B...........V.......................j...........r...........z...............................................................................,............80..........80..........80..........0100.................................. ..................................................................................................................!.....................................................................................X...d....2015:11:26 21:06:38.2015:11:26 21:06:38..........Z!...B@.e`...B@...........&............ASCII... ......................

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 110 x 110, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1631
Entropy (8bit):	7.756347241952744
Encrypted:	false
SSDEEP:
MD5:	E823EEFFC065A2C68AC660171D9EE9C3
SHA1:	653C068C1F9111AE95BCD2B1D82946910398CBCB
SHA-256:	7FB605659F3E36B581B96336FBEDC97A7B357682391FF189CC47DE551D279264
SHA-512:	7AAEFEFF06BB9B9F826026C1B6DAFAF947C772FE769943AB278413668360B5A859A0E0DF7B57CBB7763683A83ACF490D53D5C79A186AE6C1B676F5E4152D8852
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...n...n.....4u;.....sBIT.....O....0PLTE................................................N..@....tRNS.."3DUfw........v.......pHYs.........B.4.....tEXtCreation Time.10/11/197l .....tEXtSoftware.Macromedia Fireworks 8.h.x...]IDATX..X]l.E...N.$N.hA")~...EH .h,x....P.,!...<......!...../H.5 ~..X...._.....P.%...Z.7..............vfgfgg...'i.=....K./.t.;&.d.z 5l.>.t.t...%h....Vl....V{....aGc.<...H.m...].9YJ.......&.?...6..}$.^+...7.........h.jN.....s:..Y...u.~..t=.G..L..O......ym..erd...0...~"............Nho..e..s.....X.c.Q....^..WA^6Y.c#.).XW'...[.^.U...a.......p......w.F.!../...R...<..C']...0.>...`.m.Y...)q...K...=.)\.O..X$...H.5.....<.. ...S\|O.a...9..Q.^8.e.A/.:..o.&.w..9.'8Z..zh5.........n.^.p...'.."..j..T\..U..-_L9..3.R..I..._.N.cy;4.'...#....2h.0x...2W...06.%........y..,0..=@.F...-..*..b7.;...9.....WF..3..S[.....7..Xe..p}./..h-.,....j.G@.~.~'.s_..*.j16.U.=\...~.L..h.B@.s.Z]...q.;5.3......"...C=.7n..$..S..@k-.w^+....6.m..;.6:.M.+@.k..

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1183 x 866, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	447659
Entropy (8bit):	7.996831841236734
Encrypted:	true
SSDEEP:
MD5:	E6C290A83C57878D79E53094CC9FDFFA
SHA1:	AD211CDE8C7E2879C8924C188AB0E34D8958D73F
SHA-256:	7CE43EDC77B4605B59717864E067DC6B745A8A8316BB287A8D7BA1E7437A649E
SHA-512:	DDCD989127124586FE3A37626F3ACC5A92E43DD1471C86AF6C723BDAA660BBF77137A19088EE452FCA5DA21167E573CF406FCADDB8FE596C8146BBE97A08B9B3
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021913105123.png
Preview:	.PNG........IHDR.......b.....@D.o.. .IDATx..Y.&.q.W....`.. ......KI.].d&.)3....$x...KU..y^....g!HB.....*32..............t..F..h...F..h...F..h....8....w.."...@#..4..@#..4..@#..4.+.....C#..4..@#..4..@#..4...w....z.Z.F..h...F..h...F..h....h.A#..4..@#..4..@#..4..@{w.P.].F..h...F..h...F..h...6..4..@#..4..@#..4...2 ...2.b...h...F..h...F..h......4..@#..4..@#..4..@#....w....eh...F..h...F..h...F...n..@#..4..@#..4..@#..,....-C-v...F..h...F..h...F..h..@#..4..@#..4..@#..4..@{w.P.].F..h...F..h...F..h...6..4..@#..4..@#..4...2 ...2.b...h...F..h...F..h......4..@#..4..@#..4..@#....w....eh...F..h...F..h...F...n..@#..4..@#..4..@#..,....-C-v...F..h...F..h...F..h..@#..4..@#..4..@#..4..@{w.P.].F..h...F..h...F..h...6..4..@#..4..@#..4...2 ...2.b...h...F..h...F..h......4..@#..4..@#..4..@#....w....eh...F..h...F..h...F...n..@#..4..@#..4..@#..,....-C-v...F..h...F..h...F..h..@#..4..@#..4..@#..4..@{w.P.].F..h...F..h...F..h...6..4..@#..4..@#..4...2 ...2.b...h...F..h...F..h......4..@#..4..@#..4

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2880x1760, components 3
Category:	downloaded
Size (bytes):	92578
Entropy (8bit):	7.574635568665834
Encrypted:	false
SSDEEP:
MD5:	892E1D57BC6289186C3DC0506C1C760E
SHA1:	6258BEDE2054602E1AC3C1806213D8F4BD403184
SHA-256:	B892B1299D03BA635EF48036CFBBECDB3BC5CB9101DC26A823ED721AAA701A78
SHA-512:	C6BE98342BC7D63A35C43B31EC970E710B140E1A4909AF5692B754A81242D3F7A0B86685B221B63B2406A0B3A4D87BB29569C383F196F66E43A890B1E74597CC
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/img/3cBQnDI.jpg
Preview:	......JFIF.............C...........................#.%$"."!&+7/&)4)!"0A149;>>>%.DIC<H7=>;...C...........;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;........@.................................................................................m..$"""(."5R.U...........`N.....OUz...:V.BE@.0b9.9....&..s..s^Q.....+.t...'J.f.f.F.C".Ng..e.'.xK.\...z.I.OEwN......"....%..9.#.q.....C....+..DUHR!Y P.....^k.....S..:....""""""".X$.%(..BBD$....@...."$$U$DBDDD@d...a2.....n.."" .3....K.9...../.....!.TDBh.vt:..f..TF..r9....LJ......1\.....4..............!.U.4."T.dU..%.q....q0GH.o.OQ.='..]M...2d.....`.0..f%....b\..MV....k.t...&.F.k.U.2s9W../.<.....X.......+f.I"....b!(.5..r8.)y.(.u;GZ.uM.4"."........yK.y/9p.h.....,.5bBDDDDDDDD.D....DD$%bK$.(......+..l...X.""".&.k..*.:...h........k.9.N+.8.....s.5....T...F..f.&.D.LG3....\.F.U..5..9.L.2.......T..o..5.........j.l.H.9....^....^.zOQ.=Gs...V.@..0s9..fL.0`..r.0...M...vt...Y....F.P.FLW#.y..U./.s..^..='...J.(.DQTD@D.......

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=3937, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3937], baseline, precision 8, 750x750, components 3
Category:	dropped
Size (bytes):	111704
Entropy (8bit):	7.1859524997987085
Encrypted:	false
SSDEEP:
MD5:	410E8399B45B65FEB0D278D8E341ABAE
SHA1:	E52F1169FDE8EF4E877FBE34F6FEB8596C812EB8
SHA-256:	69A1F40276D30B3CAD9F5CBAE3EC1A6D63E5AB71E8816F51F0C175DAABB28623
SHA-512:	ADBB1A1DD60FDEEAAA4086F1FC3FD181EA8385D642AC600A2271DF9A5AF1FB574F7A49E5FA632620977B0EE7733BCDEED8A952518532D4EB9B2B722F13405065
Malicious:	false
Reputation:	unknown
Preview:	.....RExif..MM.*...............a...........a...........................................................................(...........1...........2...........;.................................3.i.........@................'.......'.Adobe Photoshop CC (Windows).2019:09:06 09:39:22.Administrator.A.d.m.i.n.i.s.t.r.a.t.o.r............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 356 x 96, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	2445
Entropy (8bit):	7.799691809849496
Encrypted:	false
SSDEEP:
MD5:	7EAFE952FDF131B0D254ED55E02C4BD5
SHA1:	0ADF981C202D3C0D1352FF0316066B7457D1C09D
SHA-256:	30E61AAFD210C9811C2CCD56D7DFFFCA753922892E1F74C3C87E99C7755B37A0
SHA-512:	AE42D03ED40EF199C6502DFFA6719187E6C8F0A3BBF251AFC5298B5D0DF1EE1152F743F78623E1CAB9A83CE786FDB2E1DC4BB995771FCE4B75752E7CA87E5AF0
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...d...`......#.....uPLTEGpL................................................ @@@........```................000PPPppp...ooo___......OOO...C.r.....tRNS. ...@...............IDATx..Yc....io:w9...Z-.n..O..ZLY^.'v....&.()....t.eY.....%.....oYo/....._.,.^.J$.i..dY.....e...;.~d.'....YR.......z. '..r..9AN..%..r..9AN.....................[.\|Z....^<..l..-.?..y...+....... @....y?0.5..B...E..d.._Q...[. ..H..G.....L+U.D&o.....v"9O#.ND.DD&.."....d....<.u{?.'"...........\.'G..K.....Y..<..6P"r0T`/e.....Pv.r"...."....xF..]..DE.T.?..j.."b...`>..f.XD..Jb.D.!x.@D.......z...a..i............."..D.Z"..%.....&...T.......k......#..@..y?. '...<+.c...7C._3(. .D.....g?R._....Y1.&..6..sg.....o2.5...f.I......8z<...q.../..AN....\|.^..9h.\..!..''.%..._.:.YA$../@... ..Zk.g....=....k 3....b`.....T.....0T.%....r8c= .@W!.$$...w...r.....P.\|.r-..6..".D.e ").]B.!x".P..A7..~........!........I.d.S.n...A......^..M.i.9...~..6... L...<.......C(..../!+6.....]....3.<

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3
Category:	downloaded
Size (bytes):	83629
Entropy (8bit):	7.853635188401251
Encrypted:	false
SSDEEP:
MD5:	39FCB47BF49073CF031DB02D9835179D
SHA1:	95CA969408D6210C246E5189D99C074E2499EF2B
SHA-256:	2A8E119231F5D060B13E9B2B17A77F7D1D8B91489BCFC2ED60956629BB9368CF
SHA-512:	DC38C690184324A6069024CBB68E700F22718CD845A43D853F557C4B6206026D2EBFDE3808ADE357EB7381F0744C2AB477EA3C803981B44185E306A32D05D3CD
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/202319143741.jpg
Preview:	......JFIF.............C....................................................................C....................................................................... . .."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	5523
Entropy (8bit):	5.522273459473488
Encrypted:	false
SSDEEP:
MD5:	8F8A62E6DFB946053590F9A16297B78A
SHA1:	2B2AFB6C36D11133BCD25C0E7A521A699DB013F6
SHA-256:	743E82C27BE84E94335621645EF08460E9144CFA439D026220E0761DCCFBF7C9
SHA-512:	9A971F537CF1EA01BFE81A8025A0ADBBB55B070DEA0EC018F2C1707D446CA34ED45CBCCEDDCA814CBB29967318C1AE6E5D3E9B8EC9A6E0948AFF1496DA2A4190
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/honketel/enpc/nav_menu3.css
Preview:	./.../...nav_menu3,...nav_menu3 ul,...nav_menu3 ul li,...nav_menu3 ul li a,...nav_menu3 #menu-button {.. margin: 0;.. padding: 0;.. border: 0;.. list-style: none;.. line-height: 1;.. display: block;.. position: relative;.. -webkit-box-sizing: border-box;.. -moz-box-sizing: border-box;.. box-sizing: border-box;..}...nav_menu3 #menu-button { .. margin-top: 100px;.. background: #F00;.. position: absolute;.. ..}...nav_menu3:after,...nav_menu3 > ul:after {.. content: ".";.. display: block;.. clear: both;.. visibility: hidden;.. line-height: 0;.. height: 0;..}...nav_menu3 #menu-button {.. display: none;..}...nav_menu3 {.. width: auto;.. line-height: 1;....}..#menu-line {.. position: absolute;.. top: 0;.. left: 0;.. height: 3px;.. background: #990B2C;.. -webkit-transition: all 0.25s ease-out;.. -moz-transition: all 0.25s ease-out;.. -ms-transition: all 0.25s ease-out;.. -o-transition: all 0.25s ease-out;.. transition: all 0.25s ease-out;..}..

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:10:16 14:40:36], baseline, precision 8, 800x800, components 3
Category:	dropped
Size (bytes):	62712
Entropy (8bit):	7.444960756499905
Encrypted:	false
SSDEEP:
MD5:	B23D396EC349DA1B4805CD1FF6F397EB
SHA1:	BD55E7EF2823920F71E920E22B605D50D2920C85
SHA-256:	7413C38DE71D49D63EADD275432CF838B1292B4AFFD7D53FCBCB544E375CE299
SHA-512:	DE9AE930D6C4311DF2FC4BE1F03A45FF9FD4E9EB9738D25779F8EDBE997937F285C80FF42D5014EEC6833F16ABBAD0F57C1BC2CB4ACC823C6F81378F3C66FD7C
Malicious:	false
Reputation:	unknown
Preview:	.....6Exif..MM..............................b...........j.(...........1....."...r.2...........i.................x..'....x..'.Adobe Photoshop CC 2019 (Windows).2020:10:16 14:40:36.......................... ........... ..............................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$.IJI$.R.I$...I%)$.IJI$...,..\........u..?KmL}...$...)I$.JRI$.....T.I%)$.IJI$.R.I$...I%)$.IJ\%.t...

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1077 x 787, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	511963
Entropy (8bit):	7.996605183873196
Encrypted:	true
SSDEEP:
MD5:	3A142FA575A744524F378E5C7BEA2A7D
SHA1:	DB4B54E67FFE72905F8CA322C3919D73B269C0CE
SHA-256:	3AF9F595416D3A24989E52F6217630265783D695D490FF9799A1FA925F6B9DA0
SHA-512:	F59A22D7B28CD80ABC8599C9F0BB7E365B61FB40CDF2B8D5FD641ACFC55A413E1BF56076E9DA2DBBB7D024D85AB8F66BDBB42B41A7970465E6FB539A4AAE8838
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...5.........>@.... .IDATx..v.I.%JBk.P...g...b......... . @..x..FXZzD&...$n.+`nn..F..[.....[......B@...! .....................!......B@...! .....Z...\-.........B@...! ..@...'.,D..! ......B@...!p..(>.Z..]...! ......B@......O:X...B@...! ......B.j.P\|r......B@...! ..........t..%......B@...! ...."...j.w! ......B@...! .:.(>.`!J...! ......B@....E@..../.B@...! ......B@.t.P\|..B....B@...! ......W...._.....B@...! ..... .....(! ......B@...! .....'W.....! ......B@...!.A@.I..QB@...! ......B@.\-..O...y..B@...! ......B............B@...! .....Z...\-.........B@...! ..@...'.,D..! ......B@...!p..(>.Z..]...! ......B@......O:X...B@...! ......B.j.P\|r......B@...! ....(....C.1i.'7.Q..B@...! ......_...o..BJ.......c.B@...! ......B@.\|...O>.7i..! ......B@...!...P\|..1.E! ......B@...! .>...'.........B@...! .......(>.......B@...! ...........MZB@...! ......B..F v1..:.G..ux.....B@...! .....l.b.. ...m....."....B@...! .....y.` ...R....N5..B@...! ...........Z0.K...! ......B@...KE.:L....

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 110 x 110, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1461
Entropy (8bit):	7.706055286241675
Encrypted:	false
SSDEEP:
MD5:	235E2296EB67B1B6982AF0E76C9CF7B3
SHA1:	482C40C5B18543591E9B005070D3CBFA680D529F
SHA-256:	DBD3D3E9C508D75E214D6F0CFBE1D35AD8E425B1382E5C7E890539607039FEC7
SHA-512:	714F69F0EC1DBF97A14E12C6F82BD26757C748F89392FD824E29AF94F81AD10F667F86BA9BAB2CFD05061A5F702CDF26D410A38E380881F477F874277FBC24AB
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/icon1.png
Preview:	.PNG........IHDR...n...n.....4u;.....sBIT.....O....0PLTE................................................N..@....tRNS.."3DUfw........v.......pHYs.........B.4.....tEXtCreation Time.10/11/197l .....tEXtSoftware.Macromedia Fireworks 8.h.x....IDATX..X]h.E...7.I....U0..b[.C.."R.>.>J...\|js#...F.-."(....E.{U....V.j.?XKe[...f..&......s...l.M....o.3g.93B.?....G>\|.......M..xg.-....t9~{1.6..-.8..r..Z.k.G...[.[.#.Ya%.vf..Y....Z`{.O.S......rMuv...R.M.x8.x...c._...e..K3L.K\x.Y.."..3.6K..e..p(.i..sK.......Gg..2..L.....z.......7.w..%.Wj..O.\......V...i.s.+...E..TW......f.......{.....z%.._o....S..i.B.....V...(K.f...\|W.&..{..U.}$..R../..S...Z.}......z'.....)..b.G..1..;.....n.'.}.1.d=.......q\O..z;y.R.....N.....z+y.D..2.EL%...N..^..&.9...&\|.5.3.2.0......D*.#zk..0>.2..;r%z.-.@..v.4...e6G.o.O.4m.P..}.5.o..L'.'i.....>..+.{a.S.~...\|...."0.o....g...h....(./...t>.a....z.K..4...(i.\....G....Q.Ap...f/.Y....C...qa.5;..4..S.a.i...\|n../.g..v..._./V..~I...<........l\|....T\[....

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2017:03:17 11:56:07], baseline, precision 8, 1000x1000, components 3
Category:	downloaded
Size (bytes):	148579
Entropy (8bit):	7.734076139774554
Encrypted:	false
SSDEEP:
MD5:	BEB681E6B892FDD67F46D70128786685
SHA1:	D72420722B26277BE8B67D3EB44DADE01E5231AB
SHA-256:	3211A5331A730ACCAD4465A0FDD335DD0F594A1F6546D0237C5BEC43FFFAA0A9
SHA-512:	018F516718BCDA707449207CDE70507F17769A4909336D0874BAD33E08D7DD90D02359E4540B7A881BD9FBD71C3260F03A5DD66ECA2E0BD3643C32567C5CDA05
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/202183014555.jpg
Preview:	......JFIF.............6Exif..MM.*.............................b...........j.(...........1.........r.2...........i.................x..'....x..'.Adobe Photoshop CS5 Windows.2017:03:17 11:56:07...................................................................................&.(.........................................H.......H.......@Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........ClrSenum....ClrS....RGBC....Inteenum....Inte....Img ....MpBlbool.....printSixteenBitbool.....printerNameTEXT.......8BIM.;....................printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@X.........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y......8BIM.........`..

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=16, height=3000, bps=0, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, width=4512], baseline, precision 8, 750x800, components 3
Category:	dropped
Size (bytes):	145140
Entropy (8bit):	7.23638392902927
Encrypted:	false
SSDEEP:
MD5:	7284EA4AF18CB26832638DECC037B065
SHA1:	74E7CE1FC798427AD34CC5C2801DB0735869FCC6
SHA-256:	AB76AA211363B27CA46B843F300959A5B245288351DA70189F50701CDCA69784
SHA-512:	FB29F9F13BAD20FE9475571C9CA60AD21F467CF60132E33A01EC515E09C9A4CB5C55266002835441C329AFF3E6CEFF039202EF2B5C5C71291AC21612F3FD55B5
Malicious:	false
Reputation:	unknown
Preview:	.....cExif..MM................................................................................................................................(...........1...........2......... .............i.........4.%....................NIKON CORPORATION.NIKON D3200..-....'..-....'.Adobe Photoshop CS6 (Windows).2020:05:22 14:27:05.............2...........:."...........'.......d...0..................0230...........B...........V.......................j...........r...........z...............................................................................,............80..........80..........80..........0100.................................. ..................................................................................................................!.....................................................................................X...d....2015:11:26 21:06:38.2015:11:26 21:06:38..........Z!...B@.e`...B@...........&............ASCII... ......................

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (32769)
Category:	downloaded
Size (bytes):	94839
Entropy (8bit):	5.372689725312414
Encrypted:	false
SSDEEP:
MD5:	B11CED65F32FEDBE9BF81EF9DB0F3C94
SHA1:	FDFD441E66831BFB8809E8CB69C2C3CD26B5D7C2
SHA-256:	0FB170F24675C84F8228AD6B61D69BF6705030949CC2FEC316B3A006EAB282F8
SHA-512:	864E5AA02E74823DE70E3914A9BA75413C9559E4508F72EE7D23993ACBF6488D69EF13A50E5B465BEE3A709B36664F38AEFE9EC0B8D9D86F4873F1AC552C64CB
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/cdn_libs/res/jquery/1.7.2/jquery.min.js
Preview:	/! jQuery v1.7.2 jquery.com \| jquery.org/license /.(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView\|\|a.parentWindow:!1}function cu(a){if(!cj[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"\|\|e===""){ck\|\|(ck=c.createElement("iframe"),ck.frameBorder=ck.width=ck.height=0),b.appendChild(ck);if(!cl\|\|!ck.createElement)cl=(ck.contentWindow\|\|ck.contentDocument).document,cl.write((f.support.boxModel?"<!doctype html>":"")+"<html><body>"),cl.close();d=cl.createElement(a),cl.body.appendChild(d),e=f.css(d,"display"),b.removeChild(ck)}cj[a]=e}return cj[a]}function ct(a,b){var c={};f.each(cp.concat.apply([],cp.slice(0,b)),function(){c[this]=a});return c}function cs(){cq=b}function cr(){setTimeout(cs,0);return cq=f.now()}function ci(){try{return new a.ActiveXObject("Microsoft.XMLHTTP")}catch(b){}}function ch(){try{return new a.XMLHttpRequest}catch(b){}}function cb(a,c){a.dataFilter&&(c=a.dataFilter(c,a.dataType));var d=a.dataTyp

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14, height=2551, bps=0, orientation=upper-left, width=2551], baseline, precision 8, 750x750, components 3
Category:	dropped
Size (bytes):	98351
Entropy (8bit):	7.636620496889473
Encrypted:	false
SSDEEP:
MD5:	EA8B0BDDE37334D1772A2AAD2E1F34BF
SHA1:	242C0674AF73C3BB9A6ADDF0CA6BAD707CE8A7DF
SHA-256:	43EE62CFBE245245C66AFF5505C5069890D720904D947E9495C71A0C37BCD14D
SHA-512:	718294C1528436321D214A35B90589ACBEF24D8B36C60649CA3DD87F49ADB1050527E33AD0AC3F786FF6BC43BDA666DB9646B44F8224126B7E9B2B82481C08DD
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....,.,......Exif..MM.*...........................................................................................(...........1...........2...........;...........i..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14, height=2076, bps=0, orientation=upper-left, width=2076], baseline, precision 8, 750x750, components 3
Category:	downloaded
Size (bytes):	70230
Entropy (8bit):	7.47721210476252
Encrypted:	false
SSDEEP:
MD5:	4D8129C7C1E1B0B7691C053C0664A8F6
SHA1:	A28FE30E8F94FDAF1ECCB4522F2F92D5B7C2080F
SHA-256:	61716E624241DF5AC341BAE500333171619C5643D2CD3144D548AA68E8B78F54
SHA-512:	9354F8C35C164BB98800334AE63035C530BD0CC1D357B73CA5032112975986A7FB22EBA5007EF6EC1B75F7F03271BA4AE3BEEC72133869D8A1D6338133C2CBDE
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021830135943.jpg
Preview:	......JFIF.....,.,......Exif..MM.*...........................................................................................(...........1...........2...........;...........i..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=589, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=795], progressive, precision 8, 800x593, components 3
Category:	dropped
Size (bytes):	96914
Entropy (8bit):	7.8292524362633795
Encrypted:	false
SSDEEP:
MD5:	68032D04F8B067986BD5560F41F58606
SHA1:	270879DA983F254C2B669E24B0F0F5D7C415DA36
SHA-256:	515AC2173A3BC763D7A7753A32CD90611FFED0D83D5E5956923964EABAA4BD53
SHA-512:	BDBAC6812C29D7E602C0E7C98C3B9651393B6CC1F812F92E4E10563D402D7C29CEFD9B8CFF1D3C1D2916DA26BE4DD27B964D1BA09203CE12793E874EE5DF94F3
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*...........................M...........................................................................(...........1...........2..........i............. ............'.......'.Adobe Photoshop CS6 (Windows).2021:09:09 17:20:16.............0221....................... ...........Q...............................n...........v.(.....................~...................H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (10041), with no line terminators
Category:	downloaded
Size (bytes):	10146
Entropy (8bit):	5.308956869218994
Encrypted:	false
SSDEEP:
MD5:	2BEFAC42809EFD3DE107552F707BCE96
SHA1:	5AF61E222038A0A4BEF18DF9ACCB194ED6A26173
SHA-256:	A074C83991384C885D6D43CECC65D9C31A0487A92B71F05CFD8139E71B28F66E
SHA-512:	6785500E843A2AD2518C8E12A320D7D1FF39D6CD4CEF46B76CEC16563DDB3A658A03A4024D5FFA9B8217C0F2D24EBFE7F87AF20980CF8553A6F574DC485FCB76
Malicious:	false
Reputation:	unknown
URL:	https://www.wechat.com/mobile
Preview:	<!doctype html> <html lang=en class=en> <head> <meta name=facebook-domain-verification content=b3spylm29rmtw1v91765iz8d7o8fl7 /> <meta name=twitter:card content=app> <meta name=twitter:app:country content=us> <meta name=twitter:app:name:iphone content=WeChat> <meta name=twitter:app:id:iphone content=414478124> <meta name=twitter:app:url:iphone content=weixin:// > <meta name=twitter:app:name:ipad content=WeChat> <meta name=twitter:app:id:ipad content=414478124> <meta name=twitter:app:url:ipad content=weixin:// > <meta name=twitter:app:name:googleplay content=WeChat> <meta name=twitter:app:id:googleplay content=com.tencent.mm> <meta name=twitter:app:url:googleplay content=weixin:// > <meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"> <meta charset=utf-8 /> <meta name=keywords content="WeChat Weixin chat mobile chatting free send message send photo voice weixin offline message Weibo private message data consumption"/> <meta name=description content="Available for all kinds of p

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	4286
Entropy (8bit):	3.6215858122112348
Encrypted:	false
SSDEEP:
MD5:	919BDE38D3072B59CDB304787C669D5D
SHA1:	C362DE95B6C3AA01FECFAF81065AFF1372140CCD
SHA-256:	AE465D6B4BA486EE8846C500FD148432D9B7C0D6FA0A547D41D0E46B32867FD6
SHA-512:	4ADC6E60804FB2A4CFFECACD756208631834BCB0567ABB653D485C4A616F7E14DCF53A9C305E265F3E96E2BF1A4E5549D5589AF478A8A6165B30F3398FC78D53
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/honketel/logo.ico
Preview:	...... .... .........(... ...@..... .....................................................................+y..&s..&t..%s..$s..&t..<...)v..................................................................................................%r..$r..#r..$s.G%s.O&t...x..Pr...k..........................................................................................2{..%r..!o..*v.3\|..-y..$s.<t..Du...q.......................................................................................... p..&s..%r.R@...I....x.cAo._...i.$.i.........................................................................................)v...R..3{.^...?...Tn.P.]..c...u...D.........................................................................................%s...h..K...e.../z.h$..`...j...~.................................................................FD..EC..=:..=4..<(..<E.....%r...n./^...]...$r.Jjjv..c.g.k.......8....~.......6K..F...;6..=9..IE..ID..........................EC..ED..<7..>5..L...S...O..Qc

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (65321), with CRLF line terminators
Category:	downloaded
Size (bytes):	248789
Entropy (8bit):	5.334374667134581
Encrypted:	false
SSDEEP:
MD5:	ADEC52ACD338EC610E4BF5A5FCCDCD3E
SHA1:	4F41A6576B2E8772D303FE04F36DFC7BECE317FA
SHA-256:	A3F5FAB1544B2B21AE6689A92D3E1221185320BD604F54EF1ECC7CAE12B2F25D
SHA-512:	ECF65B5325B81FF49579408EF5F9D988BF733736A7F7C7F662F5055DE93D2B6529AB77AF0EF11707B5A7878267C490F1E3E6FF6DC1BA16AFDF3E90ABBAF089AE
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/xui/xui.js
Preview:	./*.. =====================================================.. * XUI - http://xui.xfeng-studio.com/.. * version: 1.0.1.. * email:1106245966@qq.com.. * =====================================================.. */..function includeCss(e){document.write('<link href="'+e+'" rel="stylesheet" type="text/css"'+xui.scriptAttrStr+" />")}function includeScript(e){document.write('<script type="text/javascript" src="'+e+'"'+xui.scriptAttrStr+"><\/script>")}function include(e){var t=e.match(/\.\w+$/);switch(t=t.length>0?t[0]:"",t=t.replace(".","")){case"js":includeScript(e);break;case"css":includeCss(e)}}!function(){for(var e="",t=document.getElementsByTagName("script"),i=["charset"],n=null,o=[],r="",s=0;s<t.length;s++)if(null!=(n=t[s].getAttribute("xui"))){for(var a=0;a<i.length;a++){var l=t[s].getAttribute(i[a]);null!==l&&(o.push({name:i[a],value:l}),r+=" "+i[a]+'="'+l+'"')}e=t[s].getAttribute("src").replace(/(xui\.js\|xui\.min\.js)$/,"")}if(window.xui={baseURL:e,version:"1.0.1",eventDelegate:"b

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14, height=1770, bps=0, orientation=upper-left, width=1769], baseline, precision 8, 750x750, components 3
Category:	downloaded
Size (bytes):	82361
Entropy (8bit):	7.60037592789719
Encrypted:	false
SSDEEP:
MD5:	AC495CC433B241B8374C3191292B2EBF
SHA1:	2BD41C812469A58F9F220B85CB4D5234EFC3D189
SHA-256:	580F8B9D9BEFE5CF2E5BE5074169F41229729D2E62003079A7F2E23B81DB68FB
SHA-512:	F48CE65DF6533EA29671D67B7E36B577076FD75DBAB2968C8C551EB254C12A742F2B5255A3990B98EFDD24ED9DE80D20A5BCCD73EF7804230661150227920B92
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021830135234.jpg
Preview:	......JFIF.....,.,......Exif..MM.*...........................................................................................(...........1...........2...........;...........i..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 50 x 50, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	220
Entropy (8bit):	5.613244615831287
Encrypted:	false
SSDEEP:
MD5:	B91A8E3E46F6D6242CF47B275F9A7173
SHA1:	02251C058CC89274D7496DF0A1E99A6FD2E8494D
SHA-256:	2C3DEFDD48246279C2364A15FD6388501447073DC1E56D5BE17BEE2CFBB47282
SHA-512:	2DA97F7568354FADE947C7D1DC5B251386F87999D25CED6AB55DEA4B4807134AD70C74C8877AB4375F3C7AE37873686C96F013E6B3ADBE1639F8C7D7E208CA8B
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/icon_bg.png
Preview:	.PNG........IHDR...2...2.....$.......sBIT.....O.....PLTE......U..~....tRNS.w..).....pHYs...........~.....tEXtCreation Time.07/22/209. .....tEXtSoftware.Macromedia Fireworks 8.h.x....IDAT..c.....F.AA...tPd..t?....IEND.B`.

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ISO-8859 text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1308
Entropy (8bit):	6.625507391445949
Encrypted:	false
SSDEEP:
MD5:	2923B250A3660C034AA7831D5E6D7F3C
SHA1:	646F109012BAC000FE1BC58F40D112F77483F22A
SHA-256:	E682DFCDDE010F6E15BAE0D843696F6AE8D5A85E75441660B782789EE747F075
SHA-512:	E7A323D17F9F1C70BBEE04C2D05970EED992E01830F73531A9B08A70A72BF253E5E3365213C96B2495B4B1FE9B9A61B8EE0A43126ED600F4468559A56CA03E74
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/xui/fonts/fontawesome-webfont.woff?v=4.7.0
Preview:	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">..<HTML><HEAD><TITLE>.........</TITLE>..<META HTTP-EQUIV="Content-Type" Content="text/html; charset=GB2312">..<STYLE type="text/css">.. BODY { font: 9pt/12pt .... }.. H1 { font: 12pt/15pt .... }.. H2 { font: 9pt/12pt .... }.. A:link { color: red }.. A:visited { color: maroon }..</STYLE>..</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>....<h1>.........</h1>..............................................<hr>..<p>.............</p>..<ul>..<li>..........................................</li>..<li>...................................................................</li>..<li>....<a href="javascript:history.back(1)">....</a>.................</li>..</ul>..<h2>HTTP .... 404 - .............<br>Internet ....... (IIS)</h2>..<hr>..<p>........................</p>..<ul>..<li>... <a href="http://go.microsoft.com/fwlink/?linkid=8180">Micr

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	810
Entropy (8bit):	7.358500720719984
Encrypted:	false
SSDEEP:
MD5:	449ABE2F6FF048A1054E44967B1A0770
SHA1:	EF92FD8335311CF374F813FFAA7150618DD305FE
SHA-256:	08CB99B4D0A702FFBF578C43337EA9C1E1CC30A5B4CEEA5DA9BAC21BE8B3B7D6
SHA-512:	9A06DC50488B912C2B9F66AD5F272E4B017E8670AFA25BB338ED7438581FC63D4D60C7A6AFA0BD55A0DFD758CFC6E07ACD16069F2AAE8219C77F207C7A7E59D7
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/tel.png
Preview:	.PNG........IHDR...0...0......,.....sBIT.....O....0PLTE................................................N..@....tRNS.."3DUfw........v.......pHYs...........~.....tEXtCreation Time.07/23/20.9G.....tEXtSoftware.Macromedia Fireworks 8.h.x...(IDAT8.mT.n.A...q...W (.I.........@.w4....3".!.q....."..1..p..........Dq.vp.......]L.....;3.....Vx.n.?<.Y..".......?=.{.bR3..1}.8s;..=%D..&N,...<...r..].DA?R[.&.=.bT...U.g.+...-\|#..G..8..4F.S..h$..F........D\.e.\....u..(.4P...:.(..Z..#.m..1z..4../.e..c%.0yqGNR.+...y...".#._...#i...=k%..Wjh.oQG.. .4.uD..b..[..........a...E.4....4`.R.......)=...W...-.p.$s.........&.4.H...F>....g......a...<.(...E....a.)n...<..MC.@.F.T.+.\|...4.......<.KC._y.1V..:.w..S.U............~........U\|..B....02.Q>..z..0....m...O..f.r;...%.....\..s.j.zC.....(..!.q....IEND.B`.

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with very long lines (3630)
Category:	downloaded
Size (bytes):	3669
Entropy (8bit):	5.248104788637419
Encrypted:	false
SSDEEP:
MD5:	DFFA77A9DD8DBCB4B7B34411FD6E9086
SHA1:	0081BCAC9F36A3F439DD7A518D243075E05F490E
SHA-256:	3FBA66F212FF59E0CCD0202D508BEBAF633C74442391CA297636601D1EE5BDAE
SHA-512:	B348A4F38146DF68EB8AB7FACDB6106E4CE9C90C2636662629BD8E2D08ECC8C23EDDDB5C2DC23FA8DD23B180BB86AFA8E2AC6BB472BA3BF7409F66B5E2A9B110
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/codelib/scrollanim/scrollanim.min.js
Preview:	./! kissui.scrollanim 2016-08-07 /.!function(a,b){"function"==typeof define&&define.amd?define([],function(){return a.kissuiPosition=b()}):a.kissuiPosition=b(a)}(this,function(){function a(a){if(a="Kissui.position: "+a,1!=n.safeMode)throw Error(a);console.log(a)}function b(){for(var a=document.querySelectorAll("*["+n.attribute+"]"),b=0;b<a.length;b++){var d=a[b],e=d.getAttribute(n.attribute);c(d,e)}}function c(b,c){for(var d=c.split(" "),e=!0,f=0;f<d.length;f++){var g=d[f];if(n.events.indexOf(g)==-1){e=!1;break}}e?l.push({element:b,event:c}):a("Invalid event name: `"+c+"`. Skipping "+b)}function d(){l=[]}function e(a,b){window.addEventListener?window.addEventListener(a,b,!1):window.attachEvent&&window.attachEvent("on"+a,b)}function f(a,b){var c=b.split(" "),d=!0,e=a.getBoundingClientRect().top,f=a.getBoundingClientRect().bottom,g=a.getBoundingClientRect().left,h=a.getBoundingClientRect().right,j=a.getBoundingClientRect().height,k=a.getBoundingClientRect().width,l=window.innerHeight

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with very long lines (55728)
Category:	downloaded
Size (bytes):	55921
Entropy (8bit):	5.089263673250833
Encrypted:	false
SSDEEP:
MD5:	B1A64DD65F3FDEFA44C072572A836749
SHA1:	A3D7693F728165005AE3B3D2398FB65CC461182B
SHA-256:	C988A2F51E9B54A43E63D9ED104F46F74BC2554E17A08D657BC91D66CDDD112C
SHA-512:	CECA9101FAF25905F8ECEEECFB945B20492A0D82C1D4C7300E30CEF945ABA016A5BA227F23CC125FD7F8AF0BDE959D77C37C29F77BDE9783D465CE887F731305
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/codelib/scrollanim/scrollanim.min.css
Preview:	.@charset "UTF-8";/!. animate.css -http://daneden.me/animate. * Version - 3.5.1. * Licensed under the MIT license - http://opensource.org/licenses/MIT. . Copyright (c) 2016 Daniel Eden. */.animated{-webkit-animation-duration:1s;animation-duration:1s;-webkit-animation-fill-mode:both;animation-fill-mode:both}.animated.infinite{-webkit-animation-iteration-count:infinite;animation-iteration-count:infinite}.animated.hinge{-webkit-animation-duration:2s;animation-duration:2s}.animated.bounceIn,.animated.bounceOut,.animated.flipOutX,.animated.flipOutY{-webkit-animation-duration:.75s;animation-duration:.75s}@-webkit-keyframes bounce{20%,53%,80%,from,to{-webkit-animation-timing-function:cubic-bezier(.215,.61,.355,1);animation-timing-function:cubic-bezier(.215,.61,.355,1);-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}40%,43%{-webkit-animation-timing-function:cubic-bezier(.755,.050,.855,.060);animation-timing-function:cubic-bezier(.755,.050,.855,.060);-webkit-transform:

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9788), with no line terminators
Category:	downloaded
Size (bytes):	9788
Entropy (8bit):	5.51203950969634
Encrypted:	false
SSDEEP:
MD5:	46172CEE66BF4F26D72091B7741B1A7E
SHA1:	6FF2DBBA90645EFA6FFE08656FEEC5479E7FFB40
SHA-256:	383FFABC2ACEDE3E97F1106DEB3A54F46BA13B5766A3DC515E3D1D852AB12823
SHA-512:	A04EBCE29A7D288D39584F919D2C0A780D91ABCF035137651ACCFCB1F7F9B2ADA2BAB85D828AD980D528A42BDB7FFB7BA0F04E13A30C3D8069FC377883AFBB9B
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/css/46172cee66bf4f26d72091b7741b1a7e.css
Preview:	.footer{position:relative;font-size:12px;color:#a8a8a8;text-align:center;background:#eee;padding:50px 0 80px}.footer_inner{border-top:1px solid hsla(0,0%,100%,.12);margin:0 auto}.footer .link{padding:6px 5px;color:#a8a8a8}.footer_ele{padding:6px 4px}.footer_ele,.ic_hook{position:relative;display:inline-block;display:inline;zoom:1}.ic_hook{top:-3px;height:0;width:0;border-style:solid;border-width:4px;border-color:transparent transparent #a8a8a8;margin-left:.5em;vertical-align:middle}.footer_ele.copyright{padding:6px 10px}.last_footer_ele{margin-right:0}.footer_ele.first_footer_ele,.footer_ele.first_footer_ele .link{padding-left:0}.social_link.footer_ele{padding-top:10px;padding-right:0}.social_link.footer_ele .ic_insta{padding-right:0;margin-right:0}.social_link .link{display:inline-block;display:inline;zoom:1;width:20px;height:20px;padding:0;margin:0 5px;vertical-align:bottom;border-radius:10px;background-color:rgba(0,0,0,.2);-ms-background-size:60%;background-size:60%;background-pos

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2309x2661, components 3
Category:	downloaded
Size (bytes):	224744
Entropy (8bit):	7.519289877275493
Encrypted:	false
SSDEEP:
MD5:	C6A23DD34FB115E8B565F3D9FD6B1750
SHA1:	16DA4D0ED947D9796664DB56DBBC9DFB4F01CB53
SHA-256:	0F5F8A006E3FDFB00049D529B6407B227EC101AD4D6ADCD059387E9D1C9E73D3
SHA-512:	9E839B9BF151CF95C21576AB9B75364998C54DD9A097954B6A72F1E15F21174E40AC39E7A960A3C0CF27CFD26EEA13E8B567CFC1214E211FAA7F0932D88C9C49
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/202291710377.jpg
Preview:	......JFIF.............C....................................#,%.!!..&4'./121.%6:60:,010...C...........0 . 00000000000000000000000000000000000000000000000000......e...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(.Lq....D$.g.ARTV..W5-..QE..QE..QE.Atq.=MJ...AU.[u.GV....-...P.E.P.E.P.X.'.C...1.?Z..........1.?.7-N ...0..$.Nz..V....3@.At.-.n.MOUu..)~..9.a.``...\|..&.4.F.!........#.&6.5,:....{...F....Dfrz.UR....RMi....c..w....r..!..SyRGL...B

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.625
Encrypted:	false
SSDEEP:
MD5:	A3FD428B6753F2D0C323E6C6C65263B5
SHA1:	3F02BB1D4B6667AB66E83B75F6AC42A1B38F42EA
SHA-256:	755C5736B87400A0D79F422C081A4C5543330DF3BFED5A92820B7F5F73A910AE
SHA-512:	9A719F710B0A543D0A9D9EF17748D67AD1E12F6F3C8085E28E7B548729AFD2784404D500DAC5DD064F285880A359D532D431FE5CF0C255CF492515EE9FA0450D
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAmYllgdBI9LVhIFDUZdct8=?alt=proto
Preview:	CgkKBw1GXXLfGgA=

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3
Category:	downloaded
Size (bytes):	117368
Entropy (8bit):	7.816247268934838
Encrypted:	false
SSDEEP:
MD5:	498FEBFE28E6953570259C8580043C78
SHA1:	41A3DDC532C5EAC65D10F7CC8E87D85943690EE5
SHA-256:	D51C8C4BF7B25E68123D7755C88DACDDC57A318954B049313675B76DF9FDA1E6
SHA-512:	85CCBA9F25DD9B34E1B48C989831294AEB6DC255106BA1B8D7C0492BBFA119225DE7A678774C238C299646D233A3FE981314A7BE819393F59DBC2FFAAEA67A08
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021911145827.jpg
Preview:	......JFIF.............C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	827
Entropy (8bit):	7.720123455680749
Encrypted:	false
SSDEEP:
MD5:	5281E972EC463897022F56464011B5ED
SHA1:	2A719C124449E0C31A0166CEA7867BB1A44780BD
SHA-256:	A62D7D84BD02B1718106D294D1F2C8387F9967239696C1E8B446201B63F34DC7
SHA-512:	D5FC5821A1BA50F444665B01D3004EBD7546AE6B6A696C80CA4601C1ECDAED6632342381711055E65B86703D103BB38ABD3A591FB21254ED4C934F0E41968B40
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/fed_upload/25d133b0-63d9-4102-857c-5cc84c752232/NTI4MWU5.ico
Preview:	.PNG........IHDR... ... .....szz.....IDATX..Ah.g.....Yk.J.1..Y.V.G/=.E.....^.."..T<....)..y.". ..]....J...DDdSc3..e).B.l.\|.......F..{....{..a...z.........F..l....kUA.T.tSY........n([..k,2;..^Z....N:..~.By..xm..7f....{-p+....hx!...k..s...f#....t.g...............M......=..f>.y."P.,../..Z;........\|T.pK.g._..Kz.D).Q.....Z.....c.........m.t...].~e.Sf.P..of...o..M.#.S...R..7..Ca`.xb......@..7L\J.b..M8wn........^f.\|9Z.,...[....=..8.\..a....(N....L.Fp.8U,.x%o..p..Q.#.J..1cg.b.d..i.TK...F.#.....p ..f.H.5(...$.q..[.C.$.:6."f.8.[oK@.u.q^....,..}.B?......\..... .._.OV...t...6\|...h..vIG..!...N..p......~..L......p.`4(...j.7....\g...i8.._..\|).7.g.;..N......o..v.{.......m..}?....{_....'TA.j.....L.!.O.qyv....*..X..>l.{.:._.?sg......}u.w..W.MDD.j..j..o..g.iq.q.....e..e\|.....t.."...r......IEND.B`.

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with very long lines (65314), with CRLF line terminators
Category:	downloaded
Size (bytes):	127689
Entropy (8bit):	5.292629684463733
Encrypted:	false
SSDEEP:
MD5:	E8AD5044AC51872C7EB1BF46502AB9CB
SHA1:	19DFE0882424E2F2C8E0AC6C8EFBC2EEE48366B3
SHA-256:	F70766949634D187DD04387B211491B4ACA0A709607F2DD723EE2432427FD16B
SHA-512:	7DE900336D0611F9FE8F05D6DB7213E6C3B2362900080F605399F14D37C783916F0519DEADAE740F7BA6739CB44C381083FEE1533C814288ACAEAF368755F218
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/xui/xui.css
Preview:	./*.. =====================================================.. * XUI - http://xui.xfeng-studio.com/.. * version: 1.0.1.. * email:1106245966@qq.com.. * =====================================================.. * .. /...inline-block{display:inline-block}{padding:0;margin:0},:before,:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}body{-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}html,body{-webkit-overflow-scrolling:touch}img{border:none;max-width:100%;display:inline-block}p{display:block}article p,section p{text-indent:2em}select{border:0px}label{display:inline-block;font-weight:700}input[type='checkbox'],input[type='radio']{margin-right:.5rem}pre{white-space:pre-wrap;white-space:-moz-pre-wrap;white-space:-pre-wrap;white-space:-o-pre-wrap;word-wrap:break-word}[class='xui-grid-avg-']{display:block;list-style:none;clear:none}[class='xui-grid-avg-']:before,[class='xui-grid-avg-']:after{content:' ' !important;display:bl

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2000x1049, components 3
Category:	dropped
Size (bytes):	64936
Entropy (8bit):	6.815420842607941
Encrypted:	false
SSDEEP:
MD5:	03F67502572C3CE73F29005FD3DBCE5D
SHA1:	5BB5A21CB50E003A48643D96006B6A2C8F6D2D8B
SHA-256:	16B754137C1DC74EF6B6881B5E18D8AE315269B01CD90CB4F4B5C744A72CFC18
SHA-512:	88C6B54F6F14FAFF1CE6567578B40F3DDAE60F4409DFF0045F376EC065377B562CF74A6DC9B2BE03E2B9E64567200B89154893AC3DEB1D076037DD2235E8EFB3
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....C..................................................#"""#&&&&&&&&&&...C......................"....."#! !#"#"""#"$$##$$&&&&&&&&&&&&&&&..............................................................................................P...P.(...............................................@.... ... ......@.@.......................................P.................................. ............................ ...................(...(...............@............... ................... ................................................PB..(.................................................. ... ..@.....B.....@.............@..............P..................@.....................@.... ........... ........................P.....P...P.(.......@..............................................@...@.................B........................(...(............P...............@.................. ...........R........................(...(......................A..............................

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x600, components 3
Category:	dropped
Size (bytes):	108296
Entropy (8bit):	7.946923061335154
Encrypted:	false
SSDEEP:
MD5:	F08A9A8F80CCEF6CE189E25B77567433
SHA1:	B5D2095EB84A316A74B865C308961DDA16D7205E
SHA-256:	B2645090B39583B4336360DBA1A2E1610724308B0C12E915AB8209799E960F82
SHA-512:	BBDDE6DF2E3DBA74A6ED4A14DE3D5CA180E9D7F49AFE4A447DC44671E62539E8E96534160EE153306A583F3755C9376B886A10524A8DF7E2C931E65267B019CE
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....C............................................ "" ,,,,,.............C......................$.....$(" "(%'$$$'%((.....................X.............................................X.........................!1AQ.."2aq.R.......#3BUb...CSTrs.......$45t...%6Dc.....Ed.&................................;.......................!1Q.Aa."2q....R.B..br..#S...C.$3.c............?....G.Sb5..U8.<...}..E.....6W........=g...P.Cq....H.QY.+.>....?w3.G.&......./.\....#R{.3...y.qJ.....6Ge.=...{...6-Y.......#..u'..yU...H+..t......>P.n......z.^..m7..._....m.[<....R.....-l.h.'.n...U.I...x...>...Sm;G..~..y....Z..H........LS...w..d.>.fb.,.....,.>.n.yy3.\|...c..^....Jl..\|.....S....omL.K..F;C>%...r.....Ur..mD....t.:v..x..-.Sc.QYX.....Fev....7_...2....F...=.<...1..c....Sr.2l.X;&...S..}."m.^>.9C.g....6..B.../)$6f)\..<.i<(O.{..-.`/63U.~uL...R..v7....F...w.x.7.J.h7[....(].e}Dc..8...g...m.\.<.:.Z..Q/.Y.{B....S./...X..)...n..._+V../.LGct.=...j..e.J..^.c....

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 620 x 1245, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	167984
Entropy (8bit):	7.98202594838431
Encrypted:	false
SSDEEP:
MD5:	D125F273833371EE3A018CBCBC8AEC86
SHA1:	57AB7ACD7221081FEF4508D3C527E9CC642F98E7
SHA-256:	D8EBB902B541CAE5EEDB3A5BF67AA464261C040341ED58BB20118FA951657FB2
SHA-512:	36CECC308888745022DA0D17333E193009CCEBBA27EAD3E1CDCAAC2CECE938676415DA2DE4F9E0F18DD2634AB84BBB68FDAE07DE183E5E72744D853F659CC37E
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/img/1-MVNBf.png
Preview:	.PNG........IHDR...l.................PLTEGpL)!1......))!...!!!...))))!!TTS.JJ...T2'dD2;200.....!.'......H@@......kUH7(!...hOc[\1E^.....(4L51'9BA.P8..n1)1.YF.sydR.th..x...@Sm......................yf...............sT...Kc\|[r...........)119!.................p....ppo.",.....[.........~;0...\|.......v.........S.!.........................y....'...............]eW.......ME.............)1).........6<.@*.....tRNS.@..f...^IDATx..[.k.H..#!..YY.f$F.A>...`{.@.....g.7..g_..........W..OK.$.q2.U.Z.vduW.W..v.;.......`.P....Waw........,.0.[Hn.>....mZ{YK....}..x.KB.....s..8..yI.>&.....B7.AQ..$.v....+.nI....k.u}.-=........s..l...Oa...W.h.&qv...n8.........].....9.......> E..q.G...0o....m........Lw>9g\...t.Z9.t3y.c....0$$...D1E..U]..../8`AFc.....^.u.O...?.y@;...j......!...b..ogH.?$\tgP...=UK.K....m!.X>r>..C.X7../.o~......v...qNFy..G..r....B.\1k.S..um-...p.z........}..s.....6.......C.9E(...kb.....wP.CT'....I+/ 8....s+P......F.1!.-...h.............

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:03:03 15:46:18], baseline, precision 8, 600x600, components 3
Category:	downloaded
Size (bytes):	189672
Entropy (8bit):	7.816636775864835
Encrypted:	false
SSDEEP:
MD5:	E924183E54427ABE99FBC450EB4593FB
SHA1:	53883BD838907DD72D0780A9BAE11E32649A5218
SHA-256:	9FE643F169B0532ED4A679563B6520A55C13BCAD8ED7E34AFDD5508444CCA5D6
SHA-512:	23AEECC81C4E0BD26E4B561AB01170488D676B04EC3D632904816C18BEC519D853863606895CD638245EC88B4778EA0F6D22C5464A2213056CEB4F8BB452646C
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/202183011225.jpg
Preview:	......JFIF.....H.H......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS4 Windows.2016:03:03 15:46:18............................X...........X...........................................&.(.................................k.......H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...N..k..Us.#....V...?q.__.,.......?}?.]X..ck.......,\...V.....)....5...!3...

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 570x570, components 3
Category:	downloaded
Size (bytes):	50123
Entropy (8bit):	7.871345248852179
Encrypted:	false
SSDEEP:
MD5:	A42EF86786C3BA8AE9B89FD1ABA0DC8E
SHA1:	903F5DB47FEEAFF19FFB3BB325C317770E0CD167
SHA-256:	0D53381CE34A87B544FE4F9A608565F5D2B2EBBCECC19789672B557A9FB3F870
SHA-512:	C66F8EE97A70DBE16348D0DEF895AB5B71F0E32B244FA63FB5332BD2F7122BCA63E30D25F1C9CB500FAC33A9996DFC7796F3F2CE6BA309011A5D23AFC96FB6D0
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/ewm.jpg
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................:.:............................................e............................!..7Vu.......1AQt..."268TUq.....#45RSas..$%'3Ber.(C.....&Ebd..DFc....................................:.........................!1.AQq....."BRab...#$2cr.s.CST.............?..`.................................................................................................................................................0g..5...9.f...`..f...`..f...`......`..f...f. ..1....[h...{@5.3...3.x.5.....km..H.^0...........?....3..m...........m..f...`..f...`..f...............J..(. P.p ..IZ....sqI.T..........A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A...4M.....I....<.I....F.p...)[20.C ._I.//./..[.Zu>L"..vJ\75.....Yl....8..=#.{..;.8..=#.{..;.8..=#.{..;.8..=#.{..v.....1r.]..B..2+O.q

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 40, 2-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	231
Entropy (8bit):	5.6398428408932215
Encrypted:	false
SSDEEP:
MD5:	79F104A9A14E6F5E9EC36FF78470490C
SHA1:	B694F666877EDCF518B33C08C7B80AC20ADAED02
SHA-256:	E5D103CD8F9C2775FC2C868E39712D1723EDF25FE07E91355FAEA9BDD440C45F
SHA-512:	E15B46050FD6DBA243610AB91F56AEAD9B0047F3BDF5C4F016FE0799D63441F2E20FBE1D168DD134D646C68D28638F43912F5767195AC05AD5970CE5146591D1
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/lab_on.png
Preview:	.PNG........IHDR...x...(.....H......sBIT.....O.....PLTE.......... m.....tRNS...DP.!....pHYs.........B.4.....tEXtSoftware.Macromedia Fireworks 8.h.x....tEXtCreation Time.05/04/19.@.u....IDAT8.c`...`...A.B...Ux........r....IEND.B`.

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 810 x 288, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	5997
Entropy (8bit):	7.795516920713676
Encrypted:	false
SSDEEP:
MD5:	C338CDA91242421593EEEFD63E87DB5E
SHA1:	67A695CD06ACBA2958232CB97AB6E63B4F5ABFD5
SHA-256:	18EDE824B7D5C69D433082289D017FEB88145E1D37D81B91E14BA17DA35FAC2A
SHA-512:	EE56B3A9340F9CEE23FA007B14B714ACF6DDEB2D86B31532B0039B770563E5DFDBCF92D57DBBA64CE3860AC79DF3C4B3023DF0F0FA336BD8BF396AFE7683258D
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...... .....l.w....{PLTEGpL.........................................................```@@@ .................ppp.........PPP000............ooo___.......tRNS...`... ..P.._...rI.....IDATx..kc...@=}Og.sm.....i......-@..q..].[S.....z V.1_>...._7..+.?...U./.\|...6..Q[..Ak.p.,..0...(.>P3..n..a..M.....M./.@..a.........qz..S....K..3..........>._..@<....?....Y.Q..5+....I.../.$...D\|!....i..J.H.}...........W....... .U.P..U.P..U.P..U..U.P..U.P..U.P..U..U.P..U.P..U.P..U..U.P..U.P..U.P..U..U.P..U.P..U.P..U..U.P..U~S........6..Uo..T. .^.@.T...yW.Fk.~....E6/.z8..n.0.r[.<...U._......9.uN9...Un).1.).....yu...>.t9W.Un.E.}..u.p.Qx..F&{.B.A...BWm..ES...L~..T:...H........<%...P..WA].h..~.<i.\Ge.Z...._.....k......QE=.gG.........Y..?.6U.X4....f.r.H..%......<.6m.K+C..)U...P..Ty.l^^..Se;...UnA....\[.s."..\W.....T.T..~i.P...7e.......c.....S.uY....F.Nc..j.Uf...........K....T.....h.s.3.6.>\.U.rx..'.....2_V&...z*...Y.?un..B.}\:.o5L..%ZW....1...?}g..".

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 750x750, components 3
Category:	dropped
Size (bytes):	95054
Entropy (8bit):	7.8633231231619956
Encrypted:	false
SSDEEP:
MD5:	95B082C2D94B59FC6B33E9C8B88D77CB
SHA1:	D14FAF724F811E6ACA07199388C7E834A512E4A0
SHA-256:	8FF0188F6BAE4A9BFBB40FDF1269AA443696FE447D107B88BF70AF707E7864B1
SHA-512:	98978861FE34CA6394D51B8AB173AA4DFE7F2795408E5DF7036567A6CC205A9A6866A4391F6F5A6385DDCEDDC36F664A72B6F279B47A122CB89001694869E4E6
Malicious:	false
Reputation:	unknown
Preview:	......JFIF............."Exif..MM..........................C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3
Category:	downloaded
Size (bytes):	4579
Entropy (8bit):	6.601481597235545
Encrypted:	false
SSDEEP:
MD5:	F6EE0114FC9D7B0C57102114724B4A5E
SHA1:	8C0D7098163B922CB2E20CE51E69DA19AC1AB94E
SHA-256:	08D98D0FBD317BE15C737086974580953ED773BBEB8626F4704CF4E249A14E7E
SHA-512:	95CF0889230802A89A66D9518D4532F31754630FA932777C2EA0737B8D147182A1AED5405D5653CB25A7437AEF93DD079FA37B1384F39CD60C3CC8C669FA7C6C
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/imglib/nopic.jpg
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................,.,............................................P.............................!1Q."6Aaqs..#2tu...45BR...37Uf........STbcr..............................................................?............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................U.}{7.u.....N\|9J./..6G.....n9.F.s;q...z.@...+D...m.$t.&..p..mE_..g...........i........(...{....E.U.~p..I...

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	544
Entropy (8bit):	5.189991607093636
Encrypted:	false
SSDEEP:
MD5:	5CC6D4D82BCE7663D505A18D25890203
SHA1:	198CD998861D70D1B6C117EB78CCB08F0041442B
SHA-256:	9FD2B7A81DCF235F711E84E59C7C894EDDF3E191A29EFE145CDE33888B259B4C
SHA-512:	020811634C1018BC26DC730F69694789D6E77679693DA5F5ABFD07159E2725DE7AA4D9FF9B740CF249DFB4A3C90FF3E458F0F816155FAECE0FEB6D0A48858ECC
Malicious:	false
Reputation:	unknown
URL:	https://weixin.qq.com/r/xzmfh2HERzw4rSXk92zV
Preview:	<!DOCTYPE html>..<html>...<head>....<meta http-equiv="content-type" content="text/html;charset=gb2312"/>.......</head>...<body>........<script>................... if(navigator.language == "zh-CN" \|\| navigator.userLanguage == "zh-CN"){.. window.location="http://weixin.qq.com/cgi-bin/readtemplate?check=false&t=weixin_getdownurl_sms&s=download&from=100&stype=10037102";.. }else{.. window.location = "http://wechat.com/cgi-bin/readtemplate?t=market_redirect";.. }.......</script>......</body>....</html>....

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	299
Entropy (8bit):	5.8762073785661455
Encrypted:	false
SSDEEP:
MD5:	462A537FE219C7D095AD16BC537FEEDA
SHA1:	6B4C4EF7158F17F24F7225819D3B605D2DD925BE
SHA-256:	A03D7F7EFF7C451A672829CB8A70E0270A7C9E33A4092CC7C305ED23E24061C4
SHA-512:	9224D4F5FD4A4151C5015CE3781188F275ABF46F3FAD86ACB83FB06E60DAF97E6A0E088F908BB8C23637A70C0D2B8340EF816752E2F2C956CBB9F32D53F15938
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/lab_off.png
Preview:	.PNG........IHDR...x...(.....5.>%....sBIT....\|.d.....pHYs.........B.4.....tEXtCreation Time.05/04/19.@.u....tEXtSoftware.Macromedia Fireworks 8.h.x....IDATx......@..A...qSY.8..*......]...8K.8.....8N.8.....8N.8.....8N.8.....8N.8.....8N.8.....8N.8.....8N.8.....8N.8.....8N.wf.(.}e>..bF......IEND.B`.

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 225 x 225, 1-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1305
Entropy (8bit):	5.0224552060550876
Encrypted:	false
SSDEEP:
MD5:	9713C74A15183A3E2F1910DB67E9B855
SHA1:	E8BE2DBF34A364F7E5D7D3D0A60DFC318D4A8CA8
SHA-256:	169D5CD6A5B1E718A74965B9F76CE0BF50AC7FFD50E73340DBD0BCA8115B22BD
SHA-512:	BA22D8F8F587FD984D52B7EFB7A2A281A75A631A694D6DCC17383845B2CD96B0D2CA9F69A9F5A50645FDBC730F1FE7D9F2F31C096C4ED45870A2095E0DECA10B
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............}@9....sBIT.....O.....PLTE......8.....tRNS...@......pHYs.........B.4.....tEXtCreation Time.11/29/19..yE....tEXtSoftware.Macromedia Fireworks 8.h.x....tEXtXML:com.adobe.xmp.<?xpacket begin=" " id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.1-c034 46.272976, Sat Jan 27 2007 22:37:37 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xap="http://ns.adobe.com/xap/1.0/">. <xap:CreatorTool>Adobe Fireworks CS3</xap:CreatorTool>. <xap:CreateDate>2019-11-29T08:18:39Z</xap:CreateDate>. <xap:ModifyDate>2019-11-29T08:20:30Z</xap:ModifyDate>. </rdf:Description>. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/">. <dc:format>image/png</dc:format>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Category:	dropped
Size (bytes):	54590
Entropy (8bit):	7.129928173795758
Encrypted:	false
SSDEEP:
MD5:	D68D614F442CE94ED8F741AA0A2EF228
SHA1:	67776CE6028CEF986333E983C44239B26BC3FCC5
SHA-256:	3A4A5E474A48F58BE9D5B07D143D6151B655735D21AD95FB2F2B3ABE4C09BAB3
SHA-512:	A10FFE1DEEEA305C1E725AA1729815CFA44F0B609D0BDF44E8B94052E76CD0F78C5BD998894554154B5D329D27D4B1F521BD988C5C8B64CFC36EE4710B9D24F5
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*............... ........... ...........................................................................(...........1...........2..........i............. ............'.......'.Adobe Photoshop CS6 (Windows).2020:07:11 11:10:14.............0221....................... ........... ...............................n...........v.(.....................~...........u.......H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 356 x 96, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	3004
Entropy (8bit):	7.850295835680949
Encrypted:	false
SSDEEP:
MD5:	AAEC6A453C14067CD710518FCA1E718D
SHA1:	19522F1DA1306E3F66EF888C0A96A9939DEB10A9
SHA-256:	999AC1A2B60D99E6F84189F2490555D5354002474F5CC257653D1A1F088E7019
SHA-512:	5A696509BBC679DB2DB36618B9479ABF449E4578694302ED6AA5F6C84E53E20E4E7FEDA8271AE876AB6020C11166DD0B2F91BC019BCCBDC814793AF073801F1E
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/img/u7U1PY3.png
Preview:	.PNG........IHDR...d...`......#......PLTEGpL...................................................@@@ ............```.........000...PPPppp...ooo...___OOO...............!!!...qqq...111.........aaaAAA....B.&....tRNS. ...@...............IDATx...b........3....8iO....... HJ4#E..b..[& ..`6.r.eY...w.......e....h.N.v.eYv.C"qK........,{.(.X~z...(.Z~.E...3K.no/...9AN. '..r..9AN. '...BDY?&~7.,.......y..\|mM..\..K.\|..M....\|..uQ........o..g.,...N...M.m@~..y.2...O...M@...3." q..d...;..r'2.AD..D.h.H........Z...:...b...bu. .C.uo...0cs"...E!(.......o.rP..^.th..P.f..@.Q.ED..r<p..o!.}...r.......u.<.(.e...QnU].Y@.T..D$....xS..}.".,P.DGD.ZC..Q.0D.%..Q..`H.....[.UPD$..c...44Q...J....(. .Y.Q].)..N.s.9..Z..h..l.I.D1..(...;....3...........5.d...K../......}.r.......Ihr..#..>@n.N2......c../q..7_9>...j.....@....X!. ..S.."U....t....[-M..[_...Zk..&.1.9./...Y..:...K+qO..~\Cv.....HD.B...Xy.5.Y.2.............,....3.+FE..a0..H..D.9.k..ZCD=J..vchm.g+..A.<dbk^?ds.c..>.P..R.s..hz....;T....

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x550, components 3
Category:	downloaded
Size (bytes):	99559
Entropy (8bit):	7.944771469313319
Encrypted:	false
SSDEEP:
MD5:	019521DAE4986EA51DE17F5E42166B47
SHA1:	1F1132F4F26C3D24A54018F0812301DC918D9EFE
SHA-256:	4A08EF53CCABF091CAAF39E034407B39F6D2DA0E2B39B393B094CDF6E6FF6DAD
SHA-512:	6D637A55D00FA1F21F4CD81811D74AA5441FD5026F3C5FBD53FFBD27B63130A1C001AA1A620CACE64E58B6AC7ADFF7CFAC9471B73314CBA378C204BE9A7BB451
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/wenhua_bg.jpg
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................&..............................................I.....................!1...AQ.a."q..2B...R.b...#r...3...$CS....%&4D.Ec..................................?........................!1.A.2Qa."qBR.......#3Cbc...r.$4...............?..@.C'..?;.>l..b7.;.m4....!xs...r.....eps...g.d...#..'b..X...?.>......L<l...Q....a.Ox?.:v4^nL.g....f_=.s..._1...,..q.....;.Q.X..e.:.F'.g.9\|.;g.8....%.N2..{b....~...x....h.g2.r.....{.h..s..e]....a.7...p.....s.zs.....s~/.Nc-..;./......!..a.\|....}/....=q\|.O....5.....-c.j......b..o.,..8z...v'.]"{6Y.9V...&.C..`..#.g.WHk7q......./k.Y...../)..^66#.D..L6...a.:r...v......$....\.x....q...#...x..Z....q..'.....?.....9.l:?L.S.~...j..B.yt...$..UX$...+-3..s...A........=..p..u..eRaC...2....l..m..^g...".y..P..2+v...d[O.n.Mt.`..s..b....`..LC.kEI$...f...........\|.......o..3.L_..X\|M.....F....

Chrome Cache Entry: 213

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2102 x 426, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	15808
Entropy (8bit):	7.887817596599795
Encrypted:	false
SSDEEP:
MD5:	6BFEEE13F3FD56248A37A219CF248391
SHA1:	C8D6DCEB14BFDD69FBF528DBAC177410B8408C2D
SHA-256:	274676A3F9EE7B6D883C666452195F092DA3B28B030A411C15C4684710B41E88
SHA-512:	4C54777C9070B11826BBE69DE4B44BF205591358E6D05BB23B366BAF7768DF65A79BD6CACAE35C4C904DDD65AB768187EEC27614AD1FDC6C93E4E10153588253
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/img/1jwBxj0.png
Preview:	.PNG........IHDR...6...........&...3PLTE...........................................................tRNS..@...`. .0Pp..%.8/..=,IDATx.........................................................................`..@.........TUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU....M...0l...w.W....[A.L..yN.....v......................../q..........U..W~i.l.. ...........UU/..j..l`.d.lx.f.....s=...l`.d.l(n:.....l`.d.l(......@vE6.Y.A6...c<h.Y.)M=F....d.qnc.."..w;.....NC.<..h.6..&6...E.XC6.K\|...h..g6,k]'....K...E.o?....#v.t...l..j(..C\....a..I6.V........g..&M.a..'.r,."...{v...X...............!].$.<...9...f";.:n......7..p....ubCr.]..dC.7.H6d..N...Z'....X.>=........n..........{.I..l.I.]..&.uqe...b1'.<.R.E.H$.$.>{$2;.YL.W..#.....A^C6Tq5.~..........J6...U....i..}..V.....d6.od.[M.....u.^6...:.....r.0..a$.....igJSN......y...h../....]...f...p.lX..../?...7 ..Y#...3.l8..8K.~..6u6.QV...q....'..j..7G.p.5.....H"d.Y..XC6.p.5....5d.,....`....}...@6.......9dC..Q#...P

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 332 x 332, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	5167
Entropy (8bit):	7.333065509932749
Encrypted:	false
SSDEEP:
MD5:	5496C1924FD485D9C8E2541434A1B3DC
SHA1:	84D2DD027A1606E626B443772154F7C23605426A
SHA-256:	BDAE8284141567888D1BE53D094325242DFEC516845A7F87D47B6FD93F736864
SHA-512:	F615A95F83BCD8E61D9E9FE93A668B1FF60A25DF0675EF2A663A34FA90489EDFB7548F9430F488B6AAABF6EB9F17ABBC3E0A57FAFE4FF95C12F8CAA9D73C78D8
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...L...L.......um....PLTEGpL...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................5......tRNS......"..........B...J.......Z..f......{.4w.h.1.........~.'.et. ...=.2`.T.>P.!c%.\|..)R3....-p..YA.o$.,.@Ei+05}...Vz..K.I...d&.^.*N.r.9bH....#......n.s..y;.x....m...X..v.W8.

Chrome Cache Entry: 215

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2750
Entropy (8bit):	4.951433444476404
Encrypted:	false
SSDEEP:
MD5:	D97B64259FDDF480CC02A2144959FFB2
SHA1:	F99A0915CA4C9D6672B2B0FE450CAA7E53920352
SHA-256:	147521C9133D143F936B99A6D080CB7AC74A1C7B8858190CC33B1A9CCBBD6905
SHA-512:	CB127F9C4EF9FD516A897EDBEB168E718E89C390FB83A3AE61F6F49759B27D5AEC21E3D09928D31506D071D7E20C11073AA91C0CD92EAA698447142F80DF6096
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/codelib/scrollanim/scrollanim.kissui.css
Preview:	./.. Kissui v0.1.0..* www.kissui.io..* MIT license../../! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /............../ Modules */...container {.. position: relative;.. width: 100%;.. margin: 0 auto;.. padding: 0 20px;.. box-sizing: border-box; }.....column,...columns {.. width: 100%;.. float: left;.. box-sizing: border-box; }....@media (min-width: 400px) {.. .container {.. width: 100%;.. padding: 0; } }....@media (min-width: 550px) {.. .container {.. width: 100%; }.. .column,.. .columns {.. margin-left: 4%; }.. .column:first-child,.. .columns:first-child {.. margin-left: 0; }.. .one.column,.. .one.columns {.. width: 4.6666666667%; }.. .two.columns {.. width: 13.3333333333%; }.. .three.columns {.. width: 22%; }.. .four.columns {.. width: 30.6666666667%; }.. .five.columns {.. width: 39.3333333333%; }.. .six.columns {.. width: 48%; }.. .seven.columns {.. width: 56.6666666667%; }.. .eight.columns {

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1920 x 437, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	557352
Entropy (8bit):	7.997538902368216
Encrypted:	true
SSDEEP:
MD5:	C7B7516DF8AA1E0BC0F6030C51520671
SHA1:	53FBBCA71BDFB8F283777335EFA243743D6343F5
SHA-256:	319D1E75306C7A21EE5F68580698BE8C9D849DB00FED75B6291B7A168585761E
SHA-512:	4D5254D731609A51B5EC0F44E883945B346DE62D1E42E4F752ED919DB203FD4C64D7BEC39D148737BD35A9EB3BDC5717118D10013F6196CC53C66EF7ADB1D910
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/photo/202198143025.png
Preview:	.PNG........IHDR...............~... .IDATx..i.$......{-$..}o..........s.9.nI.."k.-v.y...K.3.H.(.......3.a3........._.Z.m..o..:.v..im[.v...."t..v....hr<.M..^....:..r=..]...V..UUm6U.x.....u..jC .U.........-23.".2..[.^...r.~.w=..q."D`A..n.........`<...A..k.+.ZW..y...t...j5_...n..ih #.i..q$1.Y...."HQ.{..........Qg.X\^,..........F.V...sH...6...?...!r...Z.(Y.HAp...\.V..Kb..~....:....i..yD....fMi..Xr..)zR.!n0...q..f3.B...`x\|.l...j.jS...N[.ug[u..b.^.[.M.#.0.Cz..$..6R.......o......`:...z.\.hkXmw..b.^-........V.....!.........-......`8. .5C...H#.%.]....E.I..5b...._..\|...m2.<...`8..&..{..U.3..{...,..9.WK...{}D....:j.%..p8B.$..J.E..}x..>..I....l.............c..1[..E......Fq.........!..%.e5..'p..-e.E.08..Q.W.~...?S...b.....v..a1..,iB....prx0..{.....:J .@T6HJ........AxI.Xv.l..:....NWP.....),.:....Hz.47.....#.8<;...&'../P.]?]....t,..._.......&?..O........sZ.Z.V.z...[[..Du.{.v....K..n..u.1...t(.W.6.U...[.j[-+F..&6.:..j.\........E{9.W.q.}zx........x../...

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	772
Entropy (8bit):	7.333587032891604
Encrypted:	false
SSDEEP:
MD5:	B187DC2BA79793C017743EE90D5CCA7C
SHA1:	61836B0A80437944640F9B3708092CF888A6E5FE
SHA-256:	6B3CA5261274850458005F1DF1BC1B76B9A6D0C87FCDD0856B57BAEACF0D2147
SHA-512:	BC3910377D0772438979D4B9210AAE0ECA4F6B2EFEDCFB079948AA5AB4F5F93866272FAF1D9C067645D01E353C8D5A493FED449332B5D74721D5E3E1EBFD1D77
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...0...0......,.....sBIT.....O....0PLTE................................................N..@....tRNS.."3DUfw........v.......pHYs...........~.....tEXtCreation Time.07/23/20.9G.....tEXtSoftware.Macromedia Fireworks 8.h.x....IDAT8.mSKO.Q.>3}P@....tm.Bb..5..T...B.. ..LL.(...3qQ.....V. !i2.W\4."-..y.<o.~.3.=..y.!.0..m...4.5.....;OO........{[..Y.i.(d..wS..^1`....o7u5.k...c....&......VY....m.=.R.7....H...>...k.p.o.b...?.X.Q......_.y..".q./F..=..q......=?..Q.....l..W.P-1.B...l.,...!X.......u}.hA.&.j....).J...%.....!.LH.>&..Z..K..Q.....f...Oy..*..'..a...}8.%(.s....R.(..n".u..l.$H...Nr...Dw...y.x...YM.B.U/d#.m..!......p.......".L..b.. ...RB)...)!.....J.....Dt..\|...$...].&AMW.S...AGy.!.. .ZL.......N......A.............IEND.B`.

Chrome Cache Entry: 220

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 645x645, components 3
Category:	downloaded
Size (bytes):	43376
Entropy (8bit):	7.530705680294084
Encrypted:	false
SSDEEP:
MD5:	9CFFD2FC46E64C1D135866468124F6AA
SHA1:	B8397213BB07E133F1623486EF9DD9511AFEA9E0
SHA-256:	EC745474EB9733A91ADE88CE49799F14A550247AE937A3BB736A86F80493870A
SHA-512:	871B069C4BDCD5E2CD443E52F1E402C2895B92D4422FAF07F0800692D749FF47D4C2E309810943DD3901D2B2FDC630FA73A15902D8F39AB9637F587C3770EF63
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/202183014818.jpg
Preview:	......JFIF.....`.`.....0Exif..MM........1..............www.meitu.com....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S.....(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(....

Chrome Cache Entry: 223

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 280 x 280, 1-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	267
Entropy (8bit):	5.918494152094322
Encrypted:	false
SSDEEP:
MD5:	A49EA19FC1447A47BA3FBF27A7507A14
SHA1:	36224B7406CBA2DE17F996791156073C44C76B63
SHA-256:	8E72C81EBF3FFE5752B56FE571C081B223B9501FA7A141A17613431B026107AB
SHA-512:	28584D456AB4C0D1F3E8513C8C14D52BE14EF08FE9F9A31B5FEAC6B079BA2E1FED0B2C5C710E146869CDCC7671849CA0058BCEA9BD090764B535DFA09B186C3B
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............@{.....sBIT.....O.....PLTE......8.....tRNS...@......pHYs.........B.4.....tEXtCreation Time.11/29/19..yE....tEXtSoftware.Macromedia Fireworks 8.h.x...AIDATh.....0...gs6OF...W{..Kg...a..a..a..a..a..a..a..a..a..Y.s..~..Z.......IEND.B`.

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 110 x 110, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1634
Entropy (8bit):	7.757501723501472
Encrypted:	false
SSDEEP:
MD5:	7F5CD94C3D90FE8E7F17F6C9F5FCE046
SHA1:	EC15B8D408A40A59F2B4552E7879D82CFE1F0872
SHA-256:	0EC2459F9CC6ECFFA95727B5317EFB225A3AFB59476673EE43F3BEAEB6CD5406
SHA-512:	C76402B55100F2E6CA14C112BB7FBEFBB41C7C3229024E2B25CBEF568E457552C8375BCE151FB8EDBBF818EF0F12CCB8B9BC2E2CCF3AFCC94B3EF6525F9B6D56
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...n...n.....4u;.....sBIT.....O....0PLTE...333333333333333333333333333333333333333333333........tRNS.."3DUfw........v.......pHYs.........B.4.....tEXtCreation Time.10/11/197l .....tEXtSoftware.Macromedia Fireworks 8.h.x...`IDATX..X]lUE..=...mm+.j....H.R..cPh\|.h4.`.1..<..mE.F.h5.....1. ...D..hR.">...............s....s..U.....;;;;3...?..~p.....yJ.K.9..3{gj..= ...t..D}...G....\|5....vwu....#.a....(q..#.b..C..5U-~.~$QU>.P.Wc/G.$...m1......u.3...lp..`.$8...V..%N.^.wcu..8h.dm.9~.\|7.....p...1.....N...k........&.2..s..<..c...Z\.'.y=/.g..i<.c.P-.......+..a...0....j.M..O...P.x.yM5..O._^.Gh.././..."N.y.R.t.n`...aH...h..8sB....N..D..j;/.q.........>..fr.E-...Y.....'.L@.)...T.O..k.`...OM.(...UQ3..\|r.!..B..\....'j.B..Y.S..e.....En0Z%..p...DV...zj$zD..FZydU.......)Q.dE.....8.....f^...s.$.A3.........7.E..o.n\.. .>.g..#...N}.v.s.&I.....Z..]..g....Y;a..._..u@c...M....^..:.R)r.>.j..0.:n,.c.).O.^K:nI...M..q...k.....f-.0f{..Lw.....].-..<.+.x.C^.....g......

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1149
Entropy (8bit):	7.591253576482018
Encrypted:	false
SSDEEP:
MD5:	BD064D5CD12433BBD226CBEB13E0815F
SHA1:	22823B478CF3AAF91B201120FFC817023A54A7B8
SHA-256:	E4EEADD7D89E3F1B5216FF071CFB79DE769BF80478C53D2AA8D997461D14C10A
SHA-512:	AFB25C62F61E9268E6C4D53AA15D7E1CA962606B37EF23D3622A1A1337DDF6BE57E5520BE481807C350DBD59B31A4335FEC231C9AB4E11B263C28CC0C2FB42C0
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/web.png
Preview:	.PNG........IHDR...0...0......,.....sBIT.....O....0PLTE................................................N..@....tRNS.."3DUfw........v.......pHYs...........~.....tEXtCreation Time.07/23/20.9G.....tEXtSoftware.Macromedia Fireworks 8.h.x...{IDAT8.eTmh[e.>.I+..).B..%c~L3..6.\.....#c.6.S...... ..YS.~.9;...gRe..q...[{mU.J.6.m..`......\...z9.=.<..>..4.m...=.!.........+...N.R.......\|..[..u...^..K...l./.....(.n...?..o.l.....G=.8..fB...C....\|Ya.......g,m,...3.Y..3!]....h$.cY.:.O`........:.r.g.[...b..YJk].^..r....`..d.k...z...o..s..5.E...9W.vg-....)...:O...C...e...s.U....j...Y.k...4...tSK.8.N.Hh....lV....3x.1.}.....U....EA....+2.........S.....[P.{...B.......p.....@..L7.\....z.$so...X.<..Hh..5...h4}-.9_..........J..M..e...<..M..K.........;J..'.s.a...31..9.0.h..8.l...2.Z..V...1.."V....r./R=.0#. .=..O6nN.t[..6[..U.KY,2}.@.n..e.&.E...V._jA....M.o........\.......M.H......^.E....n..Z%U.z....'.s....9...0.H.......SSnL.J. ..p.a.....}<!........D}..DQ...k.a.. L&

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.425638386930412
Encrypted:	false
SSDEEP:
MD5:	E8A575BCDB8EC7BE3FC87E234811C5B1
SHA1:	5AB0BED695EC5CEB1BCEBA7AF226A375A4461AD2
SHA-256:	0B253AEF5E474CCE4BAB6A0CBE67145D6CE2625B4AD45F737DC1A5A19972B25E
SHA-512:	B74A9E8487D179BAC52FBB2C8EA20DDE228C18D5EAAB432501934A4B4A926B9B6EEAFA34197D23A78EC652642DF47EEF50E547B9F362990AAF0DCB6F231AD277
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR... ... .....D......TPLTEGpL..................................................................................K......tRNS.-........V.,.&..5.:........}....dIDAT8.c`@.B<...@...H.HC.vyN>i....+..&.@...a...7?'..V.b`...8.>..C....@B...0.".........D.)`..!9..R..N..!G......IEND.B`.

Chrome Cache Entry: 230

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	56
Entropy (8bit):	4.141565412858599
Encrypted:	false
SSDEEP:
MD5:	DE3701EECB9340AE075E05B04BB05A6B
SHA1:	1262474193BC31E859367DF01C4B2B26214A375C
SHA-256:	F475C34186022BA531EBC8BBA97FC10DF7E4C3EA854F314A18AB0644C851620D
SHA-512:	4CCE11ABF10DF2640900C923B0CAC9AE1B80890F52701D5B57AB937C4752E91AEA392ED9439EE24357A6F88AC6F0F79B160A9C080F5670220C29C81B5148C69E
Malicious:	false
Reputation:	unknown
URL:	https://s7.addthis.com/js/300/addthis_widget.js
Preview:	// AddThis services have been deprecated as of 5/31/23.

Chrome Cache Entry: 231

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 750x750, components 3
Category:	downloaded
Size (bytes):	85297
Entropy (8bit):	7.843217657595541
Encrypted:	false
SSDEEP:
MD5:	FFF144B3F2BF696509F945334E45E227
SHA1:	D639BA9C9F0E30EE386B194DDB8C8DD6D907049F
SHA-256:	C5F8D90A50C9F77A6AEAAB27B6E1AFDB5C93ECFF4391F36274D68A5FD91A7CAD
SHA-512:	9980EFFFC9B1D776A6112A085A0F2B28C9B90FB4B9872B8B0E8C6833F38FA086874FE612164354C2801B98FEC73AEAB7FCEC9949364E90071FE0F02B88456D85
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021830112610.jpg
Preview:	......JFIF............."Exif..MM..........................C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....3...QE..QE..QE..QE...@.Fy...('...E5[4..h.h..q@.4SU.N...Q.....(...(...M.....E.P.E&.cJ.h...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(.....L.J\.3Fh.2}(..\...P..E..QE....j.i....P...i....h..q@.RM('4..6Z..E.P.E.P....(...h...(..P....MV.(l..Z(...(...(...(...(.

Chrome Cache Entry: 232

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x800, components 3
Category:	dropped
Size (bytes):	185470
Entropy (8bit):	7.9574872865215776
Encrypted:	false
SSDEEP:
MD5:	FCB9256468661E8645BC49ACEF6B4304
SHA1:	75B1DF17BA2D6A04283963B2B8D6FD32E1D452B6
SHA-256:	6C41E251116A438123308E2B981C31670E605F18020B0AD9739E784619F4F4A0
SHA-512:	340EB3AB24BDDFC92746CB4082BC92CF1847FAE1393458078C1AAB775DD6FF8210CCFEFDD22176F82C220E35049AEB57DD85295098B457152667EBC1C1507BAC
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II.................Ducky.......d.....http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Windows)" xmpMM:InstanceID="xmp.iid:EDA91D3D53AA11EAB53599572E2E0EF9" xmpMM:DocumentID="xmp.did:EDA91D3E53AA11EAB53599572E2E0EF9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EDA91D3B53AA11EAB53599572E2E0EF9" stRef:documentID="xmp.did:EDA91D3C53AA11EAB53599572E2E0EF9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d..................................................................................................................................

Chrome Cache Entry: 233

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32036)
Category:	downloaded
Size (bytes):	97034
Entropy (8bit):	5.318839773667727
Encrypted:	false
SSDEEP:
MD5:	F89DBF8F275E3C9144675C3F49959141
SHA1:	94CBB9B6C8D8E4E03B59A73300E8CF70E83FE3D3
SHA-256:	BDF6F9A5259B321625A79BDAF405530E7EC53999C30205B9A159A838A1C03595
SHA-512:	2E2CA137EC7DDABDE93460558AFCED639C48C28218D0D69F54FD271FFD13CC42C7EC432BB4EC8BFA52197C7111937AF9F1BFBBC576976CBE8A23109ACD9BEB74
Malicious:	false
Reputation:	unknown
URL:	https://newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res/static/js/index_f89dbf8.js
Preview:	!function(e){function t(r){if(n[r])return n[r].exports;var i=n[r]={exports:{},id:r,loaded:!1};return e[r].call(i.exports,i,i.exports,t),i.loaded=!0,i.exports}var n={};return t.m=e,t.c=n,t.p="//newres.wechat.com/t/wx_fed/base/wechat/wechat-main-page/wechat-main-page-oversea-new/res",t(0)}({0:function(e,t,n){e.exports=n(377)+n(336)+n(340)},334:function(e,t){},336:function(e,t,n){var r=n(337);r(document).ready(function(){r(".js_footer_ele").on("mouseover",function(e){var t=r(this),n=t.children(".js_footer_second_menu");n.show(50)}),r(".js_footer_second_menu").on("mouseover",function(e){var t=r(this),n=t.children(".js_footer_second_menu");n.show(50)}),r(".js_footer_ele").on("mouseleave",function(e){var t=r(this),n=t.children(".js_footer_second_menu");n.hide(50)}),r(".js_footer_second_menu").on("mouseleave",function(e){var t=r(this),n=t.children(".js_footer_second_menu");n.hide(50)}),r(document).on("click",function(e){r(event.target).hasClass("js_footer_link")\|\|r(".js_footer_second_menu").h

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=984, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2953], baseline, precision 8, 2953x984, components 3
Category:	dropped
Size (bytes):	367440
Entropy (8bit):	7.900140219900953
Encrypted:	false
SSDEEP:
MD5:	641A26A9C86154B996DB62580E00D767
SHA1:	9AE96836183B820EA54C07DABDC2C4C7E519CD47
SHA-256:	068CE150994DE9326AA2E30A01085F8B51CD911FE16826127EA9B25BFCADB73D
SHA-512:	850A476F71B8B1EFA75F09DED75454DB33D0ECCE4A625A8C146168746F7A48849AB0B6EFD14644750170499337E1134D395B0C482B2A3B0B80B3FBE5F3ACE5D1
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*.......................................................................................................(...........1...........2..........i............. .......-....'..-....'.Adobe Photoshop CS6 (Windows).2021:09:08 15:31:50.............0221...................................................................n...........v.(.....................~...................H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x350, components 3
Category:	dropped
Size (bytes):	55692
Entropy (8bit):	7.920604697685536
Encrypted:	false
SSDEEP:
MD5:	17F6C61729EBC735299C31DCE31E71BB
SHA1:	9F822660A6AA5016813D5DAB4EC606D28F28DEE5
SHA-256:	69B476A4C754A2522789187E96BBD0DA5FAF70C67CF53787C7EB1C9D0ACCF5D9
SHA-512:	0AD362DE1FC0D54187B7B81450E5D1DFC0129729424BA5B79DE56268AA5D4A64CC2C9760012AACD0B592CFC6B524E69CA0BDCC929F96279D3123E5E0C2908B7E
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................^............................................._.......................!1...AQ."aq..2....BR#3br.....C.....$47Su....DVs....%5Wct..68U....Ev...................................;..........................!1AQ...2aqBR..."b.3...#r..C...S............?....}..X..J..f.d..P..\..Fd...H.\)`.. ..R...^(.{_..7....9.r"...dT...6.....5\|..........6.yq?B.!T.........n.....\...g..V.....P.P...x...F.r.._..M...h.u".2 i.'..<./................ ......X...P.@K...]r...v.... R..ZW......x\|..qF.......p..@....P..&]..h....K.....z..0........._B......... .....j.B.E .............M4 ..\....S?$.l...0...3.....0.v.....f.0..W.......?........`KK..............`,.w.........@(.P..v.......................v..(].....r.......R.R.w..P.}F....2...._........i...s(.3.).?@.@.vP.......2..B.K.........j...... .D..Kp..T y....a{...^........aw..Q.......p..4...y.d.,....

Chrome Cache Entry: 241

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (671), with CRLF line terminators
Category:	downloaded
Size (bytes):	35774
Entropy (8bit):	5.5130145187924535
Encrypted:	false
SSDEEP:
MD5:	F8801F641C3B59D9ECF26C7A84A17873
SHA1:	927C61E448A2A212681AFC87FB0A51666CD506AC
SHA-256:	1A3BA7C24D058954644C90D7C0090F6D76FDF16E594C0021CBA25ACC5C5A6D28
SHA-512:	5DF9F150AAC64B9CFF9F28CBC5780CA53DEBF3BC0E07C7A7943FD0CEC3E7069C2BE91B9EBA98DA8A11DDFAA69A8D00FFB8209AEFADE6681316E9D237E348661F
Malicious:	false
Reputation:	unknown
URL:	https://www.honketel.com/
Preview:	..<!DOCTYPE html>......<html>..<head>....<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>....<meta name="AUTHOR" content="...... WWW.NEW-WEB.CN">..<meta http-equiv="Cache-Control" content="no-transform" />..<meta http-equiv="Cache-Control" content="no-siteapp" />...... <meta name="KEYWORDS" content="Fiber optic armored patchcord,FTTH Drop patchcord ,Jumper patch cord,fiber optic pigtail,mpo breakout cable,fast connector & outlet for FTTB/FTTH;">..<meta name="DESCRIPTION" content="Fiber optical patchcord/cable,pigtails, PLC splitter,fast connector,adapter,MPO patch panel, MPO Patchcords, MPO fanout patchcord ,non-metallic optic cable distribution box,ODF unit series,splice slidable patch panel, Wall-Mounted patch pannel terminal box,CWDM, DWDM,Metal sheet telecom Cabinets,fiber optic connector,Fiber optic terminal box.fiber optic faceplate,fiber optic socket patch panel etc.">......<LINK rel="Bookmark" href="/honketel/logo.ico" >..<LINK rel="Shortcut I

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x300, components 3
Category:	downloaded
Size (bytes):	69409
Entropy (8bit):	7.965802770353119
Encrypted:	false
SSDEEP:
MD5:	78B1318F421B417A9784272C96E20C5F
SHA1:	C5858DA4C904102CF61E119FDEA1D87B87AEADC7
SHA-256:	68AAB9B2439F799FF062874AA54A1B7362AE0AC38BD37663F88492F157A483A2
SHA-512:	E03635AB64A28E5B55EF9ADCF4CC8F52D6CE14C0BD0EB0E54EF7030A366651796F55E753A580AB1883EF04ABE6ACC7C4747C3FD3672AB63770DC3D52049FFB92
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/photo/20219814244.jpg
Preview:	......JFIF.............C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,..............................................Y..........................!1.."AQ.2aq..B...#3R...$br.CS.......%467..stu..&58TVc...DWd..................................<......................!..1.A."2Q..aq....#B...$3R.br..4.C..............?..fO}..2...@ .......@ .......@ .......@ .......@ .....p.....\..A.9\t..].....@...(.\. ..+k........%.p.......(.[U..........8....0.zn..=U).MR.2VxV.l.\.)C........P.....@..\..P.K........j.)...i..2^UZi.DC..Z.0NH....B...NH.U\...AY.CV+....Q..\<Z=R.[B...B..G...I.&F....._@.iG.4.....n..$uU....E..X.6..T...-5.=...Z...>P....'...#V.F...5./%...;w[..,S+...zVd.N!lY...&4.K..\%>..V.g.zs...tW<.....W.x.Xve.G.J3)..[.C5.qM8cG*.+.)".9g...s..'....RN....\|.).8..Zi.m.Kg.2.5tN.M...v.g.KN;.\.O.]..4.j.G ...P..j.f........0.UG........6...`..e[XF`...0..G..i..U..pL...MR.....)..Y..

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x390, components 3
Category:	dropped
Size (bytes):	122391
Entropy (8bit):	7.9794969493653065
Encrypted:	false
SSDEEP:
MD5:	DA987B99110FC2C3A195C9438573D9C2
SHA1:	32F46D1A064BEF3039A395899830BFAD2300914B
SHA-256:	A7E067F827B127E5E875AEDF1090D4C39B0D3AECD87BCB622ED67C0AD45286C4
SHA-512:	19E4293EF2CC95DB322C1AB05648C842738412C7EB7BCDDCF1741F2D28ABDAE2A871C374155D09B3C43DED39A8ED1E2FC3B963ECF0283D35D7E1454933B45864
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................................................................J.........................!1.AQa."q..2..#B.....Rb..3r....$C..4DScs.T..%&.................................;..........................!1AQ.."2aqB....R....#.b.$3r................?..j.;.==..{........)...4........M/..F.*,i.;n....p...l...=2.+\|...UB....f....5..,.....U.......R_`..?\|..O.}.T...{..R.I."..#.v..l.c..)..im..S.0...@......K.e..nm.+g.v.....E.sI9t.d....J.@m.=.....y..Zly.[r.I..7....Y...6.K.@-4N?..P.......................{..#.....-..%r...qsc..v..G$Q..Nv......8.C>p<..o.i.NNH.24.V..M.#-b.M....F...7%.h...&m..D@..3s^?..YU.9Rkt....m..bi9 i............_.5\.E1............c......-4.Z....A....j.f..Y...,q.....H:.....xK.x...p._(....eP....e...q.....?.^K..!.(...v...M....GR..g/?....^...X.....uV.+.+.....G.P....%..{39..uT..h.....v...qG.r.....6....R.MsF.A{.........

Chrome Cache Entry: 245

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:04:24 15:31:20], baseline, precision 8, 800x800, components 3
Category:	downloaded
Size (bytes):	220337
Entropy (8bit):	7.8028550948819575
Encrypted:	false
SSDEEP:
MD5:	FE758A698020D501FF7ABAC8A0A584EF
SHA1:	654AB003626DD1BE3FF6DC0E6C5911E9CDA3D2DC
SHA-256:	80301A114E6EA7A5442EC09871FF073788A15DCFBCA4D0FD276FFB9B2ED84ADB
SHA-512:	D01560767656CB0CA70066482D06F5CE4E6C49FD485C6888865065B2C465019D1D1FB3591E873FDEFF8349C7DDAA8F5F58A691542C7B3F7F197120B9AA4C6507
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021913102548.jpg
Preview:	......Exif..MM.*.............................b...........j.(...........1.........r.2...........i.................x..'....x..'.Adobe Photoshop CS6 (Windows).2019:04:24 15:31:20.......................... ........... ...........................................&.(.........................................H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........desc........IEC http://www.iec.ch............IEC http://www.iec.ch....

Chrome Cache Entry: 247

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x800, components 3
Category:	downloaded
Size (bytes):	101581
Entropy (8bit):	7.853001849495385
Encrypted:	false
SSDEEP:
MD5:	8B0F54D3C7A77ECB061D21B249276D62
SHA1:	75FD9106F5C0BB00C12B2E5A0332C504B9DD3808
SHA-256:	6B4EA544FE8349C35FE614E74701E51BFCEB05A995DF725D86F0B2286D902661
SHA-512:	BAC30F215B1923681F8C0EF37B0904F3313132AFEEA5BB231777ED18178BAF97423B602D161F62F742DC1F1FB9DA9E6861FFA155F5D5C89182BEECCF6C81B8C5
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/202183092312.jpg
Preview:	......Exif..II.................Ducky.......d.....http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Windows)" xmpMM:InstanceID="xmp.iid:F212629F514B11EA95AF8C4364171CB5" xmpMM:DocumentID="xmp.did:F21262A0514B11EA95AF8C4364171CB5"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F212629D514B11EA95AF8C4364171CB5" stRef:documentID="xmp.did:F212629E514B11EA95AF8C4364171CB5"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d..................................................................................................................................

Chrome Cache Entry: 251

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 110 x 110, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1610
Entropy (8bit):	7.749134934146295
Encrypted:	false
SSDEEP:
MD5:	57942B63892F0867D6146F9D27D8802C
SHA1:	A584C468FFC52F82F950CAC0E86BD02DEC703A52
SHA-256:	CB3CA4474B4C191E7FD750C023CAACF14AFA5BBF7A7D45F3DF9A52467241EB84
SHA-512:	137A775E5BCA9182C79AA660159702BF8551727168829CC3BADC8BFB3937DED8978C152D9C96F65ACF7094AFF12057CDD19D11D57FB0D83F2FB5E3B04B4DFE8F
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...n...n.....4u;.....sBIT.....O....0PLTE................................................N..@....tRNS.."3DUfw........v.......pHYs.........B.4.....tEXtCreation Time.10/11/197l .....tEXtSoftware.Macromedia Fireworks 8.h.x...HIDATX..X]h\E..{./.I.m.c..54...E...h...4.B.LVQ...U.."X.%..."vU.......j.XK.V.V..M.{.3..{.....y.3..9..3g..B..d].k...._...\..=.@f.%.......PO.....-.2..........y4.fs.m...}.....{.-zGU..)~4QUk......c..I....~.....R<l.5.....w6.f7.}6fn...q.N.\|...4.G..........qf..ba..).h..\|..#..p.3.w..d".n.O:.D..D.!..\|q'..E.....\.8BF.[...I...v......Ra......%.V3...T.O.}..<..C...d.......-Q........F.V..xA.]...!............u5...}x.F32W...l@x(F.K<eQxe;.G...k.N..`T...:h'.....;...tf..^.2..o..+Sk..J.F.G.P..~........Q.0..jO!..8.....H..Z..DS..X...E..6..>....#.....]....7.V.. ..?:...#..L..su..5....hM.Kt.H ..B./.....!.....n...d...Z...9C8:.......w.=.`....W....[.+...W.....{..k..g.s..<.0.P..(.....,....;..,...j</[.O.......g...c2x\|..."....v/.[#.<%

Chrome Cache Entry: 254

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	539
Entropy (8bit):	6.944951903469708
Encrypted:	false
SSDEEP:
MD5:	FD41E230609C6DB9ECB26EBE9DA9DA58
SHA1:	63E4B25FC0E7C6E063AD0B5F300FE635280CDD84
SHA-256:	FFA35F1710345D7782E753D08A199D537119031E75530C73E1609DEE56F24F4E
SHA-512:	34C62C7822B7A32EB08B989BC3EF938A0A2F54ACCF6379A8D97CB337332E3C1EF68F9AAD310562BD953CD2DF3F1E57050C115828578CCCDFBD46C07A14CEACC6
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/enpc/imglib/email.png
Preview:	.PNG........IHDR...0...0......,.....sBIT.....O....-PLTE...............................................0.....tRNS.."3DUfw........*.....pHYs...........~.....tEXtCreation Time.07/23/20.9G.....tEXtSoftware.Macromedia Fireworks 8.h.x....IDAT8...1N.0.....(i..L..Uba@=....;22V.$...R7&$.@G.lU.I.3.....Of....OIl...3yCa..iY...........N....>.....3.F....B..PY.....2.7J0......1d.A..\..bH.,.1x.A..:.@...@.!.. $....@.&#P..y.....=.~...[M.C...7x..._Dw.N.6.).Eq.6..W7.H...@$h0.....B.....A.LNb..:...4..n...i....hU.G.h...o.}..}.....$r..$-.....IEND.B`.

Chrome Cache Entry: 256

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:12:08 09:37:59], baseline, precision 8, 1000x1000, components 3
Category:	downloaded
Size (bytes):	103244
Entropy (8bit):	7.661436202355695
Encrypted:	false
SSDEEP:
MD5:	5203282909D98817EC12105254A82EC4
SHA1:	4CE4F337E1B69B06B2CE9E113B1C81BBC4FB16BC
SHA-256:	5052523C867886DC7EDDBEBB112001066353312406734F3F38DC99F38BA3254F
SHA-512:	38F5D87CD7C85352C9B16D58924D9C962E51C450F26B731CABDE307B8A8ED10D79DF388F53DB2C83FD2D87D4083FC2EAC97E059F29D6D650C1D7B2CE83067924
Malicious:	false
Reputation:	unknown
URL:	https://www-x-honketel-x-com.img.addlink.cn/honketel/attach/product/2021913103123.jpg
Preview:	......JFIF.....H.H......Exif..MM..............................b...........j.(...........1....."...r.2...........i....................'.......'.Adobe Photoshop CC 2015 (Windows).2018:12:08 09:37:59....................................................................."............(.....................2...........g.......H.......H.........C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......x.x..!............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...(....(....(....(....(....(....(....(....(....(....(....(.

Chrome Cache Entry: 257

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description= , manufacturer=SONY, model=ILCE-6000, xresolution=193, yresolution=201, resolutionunit=2, software=www.meitu.com, datetime=2017:08:11 17:49:08], baseline, precision 8, 1000x1000, components 3
Category:	dropped
Size (bytes):	109473
Entropy (8bit):	7.583277556335939
Encrypted:	false
SSDEEP:
MD5:	4EDCA91D89178338AF4A7AB5DC01290A
SHA1:	C9216455AACC0162D87CDAFAC18903A320E1A0BC
SHA-256:	844E8A88E2C2C2D9CC0577E6A320CA5C1BFF6B6E8142AEF10F4D0C1508FA9113
SHA-512:	A3569EB52BA839D0CB07F2F85BD24D71CCA3AEFBE23F750EAEB588272A83A644C8357446A1B9A6FE088469D1F505580E40DE2460D137954F07DE0E62AE2135E8
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....,.,......Exif..II*........... .......................................................(...........1...........2.......................i.......].......j........... .SONY.ILCE-6000.................www.meitu.com.2017:08:11 17:49:08.PrintIM.0300............"..............'.......'.......'.......'.......'..^....'.......'.......'.......'..$........................."...........'.......d...0...........2.......d...........0230........#...........7.......................K...........S...........[...........c...............................................k.......@...s...........0100........................................................................................................................................................................2...........4.......................2.......2017:01:04 11:32:07.2017:01:04 11:32:07..........I.....................................................................................................................

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.honketel.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 119

Chrome Cache Entry: 125

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Windows Analysis Report
https://www.honketel.com/