Windows
Analysis Report
http://improvingpayments.com
Overview
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 1824 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://improvingpayments.com/ MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- chrome.exe (PID: 3484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1972,i,17185468046542733416,17312511181297517858,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- cleanup
Timestamp | SID | Source Port | Destination Port | Protocol | Classtype |
---|---|---|---|---|---|
04/23/24-22:27:34.601771 | 2051948 | 53108 | 53 | UDP | A Network Trojan was detected |
04/23/24-22:27:34.601436 | 2051948 | 59885 | 53 | UDP | A Network Trojan was detected |
04/23/24-22:27:34.933406 | 2051949 | 49733 | 443 | TCP | A Network Trojan was detected |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Networking |
---|
Source: | Snort IDS: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | Classification label: |
Source: | File created: |
Source: | Process created: | ||
Source: | File created: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
improvingpayments.com | 160.153.0.14 | true | false | unknown | |
visit.startfinishthis.com | 172.67.152.194 | true | false | unknown | |
www.google.com | 64.233.185.104 | true | false | high | |
bind.bestresulttostart.com | 193.163.7.113 | true | true | unknown | |
improving.patriotcbdguide.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | true | |
142.250.105.94 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.105.84 | unknown | United States | 15169 | GOOGLEUS | false | |
172.67.152.194 | visit.startfinishthis.com | United States | 13335 | CLOUDFLARENETUS | false | |
142.250.105.139 | unknown | United States | 15169 | GOOGLEUS | false | |
173.194.219.94 | unknown | United States | 15169 | GOOGLEUS | false | |
193.163.7.113 | bind.bestresulttostart.com | Denmark | 1935 | FR-RENATER-LIMOUSINReseauRegionalLimousinEU | true | |
172.253.124.95 | unknown | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.9.95 | unknown | United States | 15169 | GOOGLEUS | false | |
64.233.176.101 | unknown | United States | 15169 | GOOGLEUS | false | |
160.153.0.14 | improvingpayments.com | United States | 21501 | GODADDY-AMSDE | false | |
74.125.138.94 | unknown | United States | 15169 | GOOGLEUS | false | |
64.233.185.104 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.17 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430580 |
Start date and time: | 2024-04-23 22:27:05 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | http://improvingpayments.com |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of new started processes analysed: | 18 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@15/50@15/138 |
- Exclude process from analysis (whitelisted): SIHClient.exe
- Excluded IPs from analysis (whitelisted): 74.125.138.94, 142.250.105.139, 142.250.105.138, 142.250.105.101, 142.250.105.100, 142.250.105.102, 142.250.105.113, 142.250.105.84, 34.104.35.123, 142.250.9.95, 142.250.105.94, 172.253.124.95, 142.251.15.95, 64.233.185.95, 142.250.105.95, 74.125.138.95, 172.217.215.95, 173.194.219.95, 108.177.122.95, 64.233.177.95, 64.233.176.95
- Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com
- Not all processes were analyzed; report is missing behavior information
- VT rate limit hit for: http://improvingpayments.com
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9901291207614644 |
Encrypted: | false |
SSDEEP: | |
MD5: | 68A53969366D96AE7B32253524DBA08A |
SHA1: | A9E2B743BB33F6528387EA9A061AFA0122D7E7D2 |
SHA-256: | 7B5D5A587CD1014A979A1DC46B843F31FA847191C5BA0D78644BA79F0ACF9854 |
SHA-512: | C0CA622AAD9FCB6205387EC24F2AC51D91BA382BC9E6730C5E3522621FF87C6FF9A80EF1188423C36E7D06802285191BAC1B386C6EDACE230F7441C054BF321E |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.008058362676881 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6BB0AE5D7541EC6078627EBAB609BE95 |
SHA1: | F6551BDDB8590FC833AB43FA8ACEAE8DD79D2CED |
SHA-256: | F637BBD9A7B116F081E4887C177B52C55D7467238FFDD204BD950758D0E2E003 |
SHA-512: | 4AEB11C30D7FBFA2371A6DE92D3F23373EEF3C08F05AA933ABC1FC22701CF08A4526D08BAAC697B276E3C8E6263D010F4FA9F4E8875C7924917870CD19D240A7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.015830148484902 |
Encrypted: | false |
SSDEEP: | |
MD5: | 95A2791896F4CB41FF88B343C2CB99FD |
SHA1: | 950953731D5FEC2F1074F323330FCB1877CC180D |
SHA-256: | 8454FE6235FC24C4A7C0589B51557CF06C05A192A43CE3E34ACEEFBDF3AE55BC |
SHA-512: | AD979736A71EC4DC3952FD946A60AB2C51F163942889D74EB09715D40A4B43EAEDA0330E16EEF9C0C4F47D1BD2461F5B00D0B3ABB2939422BA79373E0C7408C6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 4.005524963229139 |
Encrypted: | false |
SSDEEP: | |
MD5: | A052ADED9B88FB53428B5CF2A6E09F60 |
SHA1: | D5829C7453CC70B8296783DB351B0E934557BEB0 |
SHA-256: | 00BC1218B2BC8896268A5C8292E749DBEB1F8D7495F3313C47AD5D35F37B8159 |
SHA-512: | 4EF027578C0DBF5D9B72DFC853D9E32916556EC9096AE9D3498F144E5D7C4392D3B05742B0E21910DE7532F83F91374583629FF80D8A47E18EA505394F6A565E |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.994412100195721 |
Encrypted: | false |
SSDEEP: | |
MD5: | D51578EC4F6B53CA6B2FE8DADEF5DED3 |
SHA1: | DEC4B6A0185FC25D90BBBE2C53902AE8EEABFC61 |
SHA-256: | 4F3FC4254B40579CAD5942FCC139F441B5733C2BA4CFB3084DED25BD40D504F7 |
SHA-512: | C38F89736498BE2FD633BD17991D3FCCA1501C57A9AC49808CA2064FE9F2F4DC0ED5520D462D643AEA18023A3D7CD9C42F5AC99246635A1065E829D7AF401FA6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 4.0066029470502205 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6446025FB7066BA7E73AE3E02BBA5682 |
SHA1: | 9FD42DD4D80B4EF446FCE66570228F8942FD5176 |
SHA-256: | B57D6C88F8D8A21DE1CCEAB18C7CF7BA034554E38570CED9BE3C4F35F6C09483 |
SHA-512: | F25EC527DA00CC37D4A3C14705FCF2A2D57B5675D2FF9986747C0B52C3E49AAA5272A3EDDFE7A1A542D9B00BD478C0EF50991867694212E41505E53843CBB7F0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 413 |
Entropy (8bit): | 4.388084632528324 |
Encrypted: | false |
SSDEEP: | |
MD5: | CB17D4E4C3FD00800B0F561B8A057149 |
SHA1: | 638201B94E04BD2082788A774DDE22696AD7402E |
SHA-256: | 5ECB54F91384AF7226CB4F18F87588EDD49CEFF5BDD4A3010336E1C22CCC390D |
SHA-512: | E297C755125BC5F41927C53C22B676ECEBD0A96F41DD1998C85DC90AE1CCE1082EA6CF207146FCBA49CC56A0B86270EBF0DF38CFF31CC68078ED1842A11F7293 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/css/modules/lazyload/frontend.min.css?ver=3.11.1 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1099 |
Entropy (8bit): | 4.823534405714972 |
Encrypted: | false |
SSDEEP: | |
MD5: | B9444342D9DC2815E7207AA9E4FAE19B |
SHA1: | 623170F05E753A0BE0CCD74F8BD3AD64E8898CD1 |
SHA-256: | D3DB8504F059A77C6FECB4DBAC858CA00B80B33AE444F8F86BF4FDA5400B5A32 |
SHA-512: | 1FD4329ADC715FD034F295D49710837F5D59B69DAAFA32BA56CE2D96946F862CBEA83A56C8C8E6012A4EB0B5073238A9DC0ED322533D39B181616512F855DD85 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/elementor/css/post-5.css?ver=1676534195 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 21438 |
Entropy (8bit): | 5.300921910116817 |
Encrypted: | false |
SSDEEP: | |
MD5: | C4E68A0F3463C0BD3C39EAB38815E881 |
SHA1: | 0CE58644E9F3C5063A11453FF287C5EC096465A7 |
SHA-256: | CA7DCE2391845E8AEC7DA135F33FABD10F74EED28A532AC66FD01F761FCFB42F |
SHA-512: | E871F258F625A5C8E8EC3848242352FD75DCB0F0B580333FCE07625A6A2F53E83F22E4DD7492F2D12A880709D540DE0BCDD9B335D853FE9CCCFC0EFCCF718BCE |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 190395 |
Entropy (8bit): | 5.228783949808712 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6164F2C4AC72A2DED2A883F057AB5B12 |
SHA1: | 747E3EA972027A7F4B99D3598D5B08988F512901 |
SHA-256: | 5C10B8231B19222EC7C908BA74A87A57A44A694F7B1471594F03BF937A42F489 |
SHA-512: | 49693BD17549C31F6F5DDAC48989086DE87DED6FA3BDBB8A17D4D1E72FFCD345314EB1CBEDE084D27297F40B7C7A4CA6120E7C877B742EB715FFFF64374CA40E |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 776 |
Entropy (8bit): | 4.613066560374153 |
Encrypted: | false |
SSDEEP: | |
MD5: | A5BF64D5859EE94A3E8E93D592D6D2A0 |
SHA1: | 049EB63B42DBB820B06870A430F523BF06880721 |
SHA-256: | 25825611ADE7CEAED7DF3862EC56DC91AD1D2BE539966EF7BBE84306E51CFB08 |
SHA-512: | 22C9C7AD86AD2B45124C5FF6B0A41E271EE176CFE0249C973877E51A1895F6D25C8F69B1C4EB565F5FE5E2BEFE2F4B80D4A89DCEA57EEAC43B3AE8E020469809 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 56 |
Entropy (8bit): | 4.417827466198228 |
Encrypted: | false |
SSDEEP: | |
MD5: | E4F3F03809A1403455262996EBD49F26 |
SHA1: | 8F31D07941D2B7EE1FDF3656E8B9FBCB5A3712BA |
SHA-256: | DF5A2E20E2A65A8D2ACB23A305949315DF437527BAC00AA329BE595C9A2E85A6 |
SHA-512: | 8E10194A457015E74B918CD4950536BEFBA7B6B42EB7C52C755FBEF0D7116DA27711E037093C8E43ECE7181E0F4DFB5D867AD8031B6F6CB42EDC3F1F97A38DDA |
Malicious: | false |
Reputation: | unknown |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAkf6BYpks2nXxIFDRM0Cs4SHgmGrp7L4T1hMRIFDQFrT-0SBQ27JJMAEgUN17YV3Q==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 12264 |
Entropy (8bit): | 7.981408815916569 |
Encrypted: | false |
SSDEEP: | |
MD5: | D3D668CE420AA39A809332CFA20BEE62 |
SHA1: | E88C367BE3BD76A0E1CA756B24EF896A5E9B5349 |
SHA-256: | EDCA86796431C83A5C62288A256A2E33D2A1B5B91511BFD47FA8B13A405BC450 |
SHA-512: | B1FDF74636111343BCBD9A2C46188D8470B11330749162EEDFD953A86E6C75D71E72D715DF150652A9EBA49261FC886820ECDEBBC844A3B21B37C14714499E54 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/astra-local-fonts/heebo/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EuyysdUmm.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13577 |
Entropy (8bit): | 5.272065782731947 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9FFEB32E2D9EFBF8F70CAABDED242267 |
SHA1: | 3AD0C10E501AC2A9BFA18F9CD7E700219B378738 |
SHA-256: | 5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89 |
SHA-512: | 8D6BE545508A1C38278B8AD780C3758AE48A25E4E12EEE443375AA56031D9B356F8C90F22D4F251140FA3F65603AF40523165E33CAE2E2D62FC78EC106E3D731 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 33092 |
Entropy (8bit): | 7.993894754675653 |
Encrypted: | true |
SSDEEP: | |
MD5: | 057478083C1D55EA0C2182B24F6DD72F |
SHA1: | CAF557CD276A76992084EFC4C8857B66791A6B7F |
SHA-256: | BB2F90081933C0F2475883CA2C5CFEE94E96D7314A09433FFFC42E37F4CFFD3B |
SHA-512: | 98FF4416DB333E5A5A8F8F299C393DD1A50F574A2C1C601A0724A8EA7FB652F6EC0BA2267390327185EBEA55F5C5049AB486D88B4C5FC1585A6A975238507A15 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/astra-local-fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 12198 |
Entropy (8bit): | 5.031745242580206 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3819C3569DA71DAEC283A75483735F7E |
SHA1: | ECD40A5CC6F0B76200C454CA880210DC301CFAB8 |
SHA-256: | 214674CC77ABA35AB3567B88E2739FD08E8E96C61D279559AD61874069683EA0 |
SHA-512: | 2710655DFF46653DAEB3A6E3F6D36F885E51D5B375738EE353ACA40C6F66AE1A7DECE57039D58747012ED9EA2822191143C06F270123B8CC580F6A41B8E8AEF4 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 50030 |
Entropy (8bit): | 5.488503231408606 |
Encrypted: | false |
SSDEEP: | |
MD5: | 313A6232699B2F02296B5BE9F4A0A5F8 |
SHA1: | D9AA6F8DE96B123EA9F0546E062E340657EF0191 |
SHA-256: | 94F0CB222975E7939A4B4C283376FC06FBCDFCFCED990A4CFBB37BF74A29567F |
SHA-512: | BC2E265DCE9B7980797576354E94F3403FCC09F7090FE3BCC8C1979CC1D4D5A022226B98ABC293C3FD9D45D3E9465779FA43E7C1E68042F8AEBEC14A9CD43C8D |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 34943 |
Entropy (8bit): | 5.13938609998511 |
Encrypted: | false |
SSDEEP: | |
MD5: | C5B5A7CC2B37189F6138BCA4A785AEF3 |
SHA1: | EFCF240338645D53E5545313C127E34E2C9F9FB3 |
SHA-256: | 6729AF5194454B5DAE48057BF13E0C8302108D96071F5B4E74E7FD3F732A8BC5 |
SHA-512: | 21A5C22936DD20E317F4EB9016C67F6295205F2001ECF29224790129DE25C4BD9E26FA1BC3C319B69B37F0A1B0D669B08CDB6A3F8A1F137293AEB7AB9DEF2E77 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/astra-addon/astra-addon-660af4587c31c5-27379364.js?ver=4.0.1 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3147 |
Entropy (8bit): | 4.685727105894895 |
Encrypted: | false |
SSDEEP: | |
MD5: | 452D788D5DDDADB1D8BB4194B046BFA8 |
SHA1: | C532F75226E2E27FD17ECD48411403A17AECF75D |
SHA-256: | 27D880A933A42A50068D72128560A19FEB2C52DA76B9B5BF2A62DD1EE431B109 |
SHA-512: | 7323FE50929791FD3351EF2927FC8F35A83FA4ACC9E9C762BA3B3C0B038CDF6774361D9355BBE4FD0C52C255F9316204602B0F4542D8297B859CC6147721087B |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/elementor/css/post-263.css?ver=1676534196 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1360 |
Entropy (8bit): | 5.125806283028512 |
Encrypted: | false |
SSDEEP: | |
MD5: | CB0E5952FBE533069CDA30292E2EF353 |
SHA1: | F46E169AD03BAC202A3109A692DA9F1F6C27AB99 |
SHA-256: | B1EFC1D040CD39F97B10A044357DB6D17A2150EFE99C3A1ADED204C09B88C7A9 |
SHA-512: | 455951932CFE04F6719855CF8EFDE17CDDE194FE8C64C1725007513057D72AE70881BEAFEE05ACAAC4EF5B89F052254CD2FE544DF547EFB30F9E4C9FBCCC3D94 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 339 |
Entropy (8bit): | 4.872617629737575 |
Encrypted: | false |
SSDEEP: | |
MD5: | F2A351D1597CC89F92A145B82B461890 |
SHA1: | 1EBDC6F91F82C6D01332E1A5E225AD27D6EDA91E |
SHA-256: | B969721EF6FCCA6918159844304AFF2970CF511E07F17837C55E989876CD7A3B |
SHA-512: | 68DA8FA0D45610B7A11108D00935B99E10F52EDCE6CD8408B04FE39D4E0186764E97EAC6C9D036BA7C06EE1F6B1641E64019B8EC69B1F2A389C36D7F5BFDD252 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.8.0.1 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 113381 |
Entropy (8bit): | 4.921824878665509 |
Encrypted: | false |
SSDEEP: | |
MD5: | 51A8390B47AA0582CF2D9C96C5ADDEE2 |
SHA1: | B16A640874025D085C38119A1A02A3460F83F2DE |
SHA-256: | 98CECF88A23542FA047CE46EEDB650B5C5128761ED4386C0977B847094DDFA20 |
SHA-512: | 711162AB43E59E0FF5F050CCA4278682194248A13EF2EE1F00AB276B6221E7A4DDDEB9645E8798E7F67A34F0001C8F63469F2B2C3E6D4E2519ADA30B6775E191 |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 24602 |
Entropy (8bit): | 5.240691940710685 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 18833 |
Entropy (8bit): | 5.198890693042313 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/js/underscore.min.js?ver=1.13.4 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1781 |
Entropy (8bit): | 7.71814114028459 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/2023/01/improving_payments_White.png |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2787 |
Entropy (8bit): | 7.848479161217875 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 41883 |
Entropy (8bit): | 5.256114240920933 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1426 |
Entropy (8bit): | 5.2713128211306 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/js/wp-util.min.js?ver=6.5.2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1713 |
Entropy (8bit): | 5.452886903350374 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 15371 |
Entropy (8bit): | 4.617340142542053 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/elementor/css/post-1111.css?ver=1686169416 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 33305 |
Entropy (8bit): | 5.211813676233741 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.8.0.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 771 |
Entropy (8bit): | 4.987651578772006 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.0.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 40618 |
Entropy (8bit): | 4.979887452105827 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.0.2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 18114 |
Entropy (8bit): | 5.1268985699598115 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.0.2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 75684 |
Entropy (8bit): | 4.794084903788304 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1239 |
Entropy (8bit): | 5.068464054671174 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1044 |
Entropy (8bit): | 7.680182532376457 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/2023/01/cropped-improving_payments_White-32x32.png |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 59904 |
Entropy (8bit): | 4.668994899901222 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/uploads/astra-addon/astra-addon-660af4587aaf00-77822469.css?ver=4.0.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4958 |
Entropy (8bit): | 5.390412287804772 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 18726 |
Entropy (8bit): | 4.756109283632968 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 10109 |
Entropy (8bit): | 4.429196767538415 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 36460 |
Entropy (8bit): | 5.286699001884056 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4014 |
Entropy (8bit): | 5.270926250216877 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 31329 |
Entropy (8bit): | 4.81717354454148 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.8.0.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 12876 |
Entropy (8bit): | 5.1179527069320745 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 13786 |
Entropy (8bit): | 5.3437849678241625 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://bind.bestresulttostart.com/xf4mKQ |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 85698 |
Entropy (8bit): | 4.774936465195385 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.11.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 87553 |
Entropy (8bit): | 5.262620498676155 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 7989 |
Entropy (8bit): | 5.404300576524872 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://improvingpayments.com/wp-content/astra-local-fonts/astra-local-fonts.css?ver=4.0.2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 136489 |
Entropy (8bit): | 7.9886063892870505 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |