Edit tour

Windows Analysis Report
http://mm-2.uxr919zm.eu.org/

Overview

General Information

Sample URL:	http://mm-2.uxr919zm.eu.org/
Analysis ID:	1614737
Infos:

Detection

Score:	52
Range:	0 - 100
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

HTML page contains obfuscated javascript

Program does not show much activity (idle)

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6080 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5820 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 --field-trial-handle=2440,i,5010745601036668866,16808485882505489998,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6076 --field-trial-handle=2440,i,5010745601036668866,16808485882505489998,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2740 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://mm-2.uxr919zm.eu.org/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://mm-2.uxr919zm.eu.org/

Avira URL Cloud: detection malicious, Label: malware

Phishing

HTML page contains obfuscated javascript

Source: https://js.player.cntv.cn/creator/vodplayer.js

HTTP Parser: var a0_0x51f3=['7G179E7AA7A17G179P7A9','ui_webFullScreen','iPhone','zIndex','hasBarrage','barrageApp

Source: https://mm-2.uxr919zm.eu.org/	HTTP Parser: No favicon
Source: https://mm-2.uxr919zm.eu.org/	HTTP Parser: No favicon
Source: https://mm-2.uxr919zm.eu.org/	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon
Source: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	HTTP Parser: No favicon

Source: chromecache_502.2.dr	String found in binary or memory: <li class="language-item"><a href="https://www.facebook.com/cctv.cn" target="_blank"><img src="//p3.img.cctvpic.com/photoAlbum/page/performance/img/2021/12/27/1640578397052_827.png"></a></li> equals www.facebook.com (Facebook)
Source: chromecache_502.2.dr	String found in binary or memory: <li class="language-item"><a href="https://www.youtube.com/channel/UCnAsZ46UTeFEgwOEwMezngQ " target="_blank"><img src="//p5.img.cctvpic.com/photoAlbum/page/performance/img/2021/12/27/1640578423094_12.png"></a></li> equals www.youtube.com (Youtube)
Source: chromecache_502.2.dr	String found in binary or memory: + _player_height +'&href=https%3A%2F%2Fwww.facebook.com%2facebook%2Fvideos%2F' equals www.facebook.com (Facebook)
Source: chromecache_502.2.dr	String found in binary or memory: var fhtml = '<iframe src="https://www.facebook.com/plugins/video.php?height=' equals www.facebook.com (Facebook)
Source: chromecache_502.2.dr	String found in binary or memory: var yhtml = '<iframe src="https://www.youtube.com/embed/' equals www.youtube.com (Youtube)

Source: chromecache_488.2.dr, chromecache_507.2.dr	String found in binary or memory: http://js.player.cntv.cn/creator/fingerprint2.js
Source: chromecache_488.2.dr, chromecache_507.2.dr	String found in binary or memory: http://js.player.cntv.cn/creator/html5player_standard_multi.js
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: http://jsfiddle.net/NDYV8/16/
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: http://jsfiddle.net/NDYV8/19/
Source: chromecache_413.2.dr	String found in binary or memory: http://ns.attribution.com/ads/1.0/
Source: chromecache_502.2.dr	String found in binary or memory: http://tv.cntv.cn/video/C18472/a28126e5e0424a44af6a9bc4c5a47742
Source: chromecache_488.2.dr, chromecache_507.2.dr	String found in binary or memory: http://vdn.apps.cntv.cn/api/getIpadVideoInfo.do?pid=
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: http://www.lalit.org/lab/javascript-css-font-detect/
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: http://www.stucox.com/blog/you-cant-detect-a-touchscreen/
Source: chromecache_502.2.dr	String found in binary or memory: https://big5.cctv.com/gate/big5/global.cctv.com/index.shtml
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=781447
Source: chromecache_432.2.dr, chromecache_259.2.dr	String found in binary or memory: https://dh5.cntv.cdn20.com/asp/h5e/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/main
Source: chromecache_432.2.dr, chromecache_259.2.dr	String found in binary or memory: https://dhls.cntv.cdn20.com/asp/audio/0/c/7/4/0c74829e770b484e8fee35d49cdbb63e/mp3/main.m3u8
Source: chromecache_432.2.dr, chromecache_259.2.dr	String found in binary or memory: https://dhls.cntv.cdn20.com/asp/enc/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/mai
Source: chromecache_432.2.dr, chromecache_259.2.dr	String found in binary or memory: https://dhls.cntv.cdn20.com/asp/hlsaudio/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63
Source: chromecache_432.2.dr, chromecache_259.2.dr	String found in binary or memory: https://dhls2.cntv.cdn20.com/asp/enc2/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/m
Source: chromecache_502.2.dr	String found in binary or memory: https://english.cctv.com/
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: https://github.com/Modernizr/Modernizr/blob/master/feature-detects/canvas/winding.js
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: https://github.com/Modernizr/Modernizr/issues/548
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: https://github.com/Valve/fingerprintjs2
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: https://github.com/Valve/fingerprintjs2/issues/66
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2024/12/04/VIDE3SuMJLq97GA7XRe3ztIl241204.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2024/12/06/VIDEQL44pOaZa5DwRnaWJZWK241206.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/01/17/VIDE2ZAnd1zluFZdshrPRUU6250117.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/01/17/VIDETJQ1QB1byOLu0uUHgckf250117.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/01/17/VIDEZuR08BtkT2E1FiAYrl00250117.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/01/23/VIDEwR8xMpFcDYIe5NLTDeer250123.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/01/27/VIDEhzTVgmmoo3xnpeosudRs250127.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/04/VIDEybiYWadtnrWnvvCyjGsI250204.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/06/VIDE4NnTbvNJwk77JqSWZTlH250206.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/06/VIDEcwBmypCij1CMeKMqchVu250206.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/12/VIDEOaDMczCfVLPtfaN7kBI0250212.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/12/VIDEcAWHEUMwq92LKhoM1fS5250212.shtml
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://global.cctv.com/2025/02/13/VIDEZifRwc6AsgocDoUEgRk8250213.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/chineseart/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/chinesegourmet/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/cmsdatainterface/guonei/new/video/
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/cmsdatainterface/guonei/new/video/PAGEBaWhj2ZEWMJOi90M4Jmc211130_
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/cmsdatainterface/guonei/new/video/newestvideo.jsonp
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/cmsdatainterface/guowai/new/video/
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/cmsdatainterface/guowai/new/video/PAGEBaWhj2ZEWMJOi90M4Jmc211130_
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/cmsdatainterface/guowai/new/video/newestvideo.jsonp
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/crossstrait/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/documentary/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/event/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/ipanda/hipanda/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/ipanda/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/ipanda/nationalpark/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/ipanda/pandastories/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/ipanda/pandatroupe/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/live/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/trending/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/tvplay/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/wehk/index.shtml
Source: chromecache_502.2.dr	String found in binary or memory: https://global.cctv.com/zgmk/index.shtml
Source: chromecache_432.2.dr, chromecache_259.2.dr	String found in binary or memory: https://hls.cntv.cdn20.com/asp/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/main.m3u
Source: chromecache_488.2.dr, chromecache_507.2.dr	String found in binary or memory: https://js.data.cctv.com/__aplus_plugin_cctv.js
Source: chromecache_488.2.dr, chromecache_507.2.dr	String found in binary or memory: https://js.player.cntv.cn/creator/fingerprint2.js
Source: chromecache_488.2.dr, chromecache_507.2.dr	String found in binary or memory: https://js.player.cntv.cn/creator/html5player_standard_multi.js
Source: chromecache_502.2.dr	String found in binary or memory: https://js.player.cntv.cn/creator/liveplayer.js
Source: chromecache_502.2.dr	String found in binary or memory: https://js.player.cntv.cn/creator/swfobject.js
Source: chromecache_502.2.dr	String found in binary or memory: https://js.player.cntv.cn/creator/vodplayer.js
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/fmspic/2024/12/04/3974a1337c0844e9b691520072659264-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/fmspic/2025/01/27/203ce7c7867d4ac1814bbec34e92d849-300.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/fmspic/2025/02/04/f39f74da3ba14825b75a6431b3c79bc4-1.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/fmspic/2025/02/13/74d74bb370c84e62adab57ae768cb892-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/fmspic/2025/02/13/74d74bb370c84e62adab57ae768cb892-300.jpg
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_l.png
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_l_hover.png
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_r.png
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_r_hover.png
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/brief_down.png)
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/brief_up.png)
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jianjie_icon.png)
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jianjie_icon_hover.png);
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jiantou.png)
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jiantou_hover.png);
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jiantou_hover_top.png);
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/md_hd.png)
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/time_icon.png)
Source: chromecache_502.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/title_bg.png)
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoworkspace/2025/01/27/2025012717220529870.png
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p1.img.cctvpic.com/photoworkspace/2025/02/06/2025020615143717202.png
Source: chromecache_583.2.dr	String found in binary or memory: https://p2.img.cctvpic.com/fmspic/2024/12/06/a70f6aa0f7ff44f996febb1b4a7bd85f-1.jpg
Source: chromecache_248.2.dr	String found in binary or memory: https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/headerDown.png?a
Source: chromecache_248.2.dr	String found in binary or memory: https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/headerUp.png?a
Source: chromecache_502.2.dr	String found in binary or memory: https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTEupxt3LqYk9X9JPH6jLis230719/lQDPKGxa5Wa3YgfM
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p2.img.cctvpic.com/photoworkspace/2025/01/17/2025011716100791275.png
Source: chromecache_367.2.dr, chromecache_583.2.dr, chromecache_502.2.dr	String found in binary or memory: https://p2.img.cctvpic.com/photoworkspace/2025/02/11/2025021111202087715.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/fmspic/2024/12/04/3974a1337c0844e9b691520072659264-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/fmspic/2025/01/17/98eec5744f634da69d19b50596a79b1a-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/fmspic/2025/01/27/203ce7c7867d4ac1814bbec34e92d849-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/fmspic/2025/02/04/f39f74da3ba14825b75a6431b3c79bc4-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/fmspic/2025/02/06/5cd761ce0e1d4cbcbf9e0c0df80f4625-1.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/fmspic/2025/02/12/f5a449e017df4dad94a9b51a55926c9d-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/photoworkspace/2025/01/23/2025012317535344640.png
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p3.img.cctvpic.com/photoworkspace/2025/02/06/2025020613581254371.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2023/01/19/8403096164fd4b3eb1b6591cddfa8e71-41312559-0.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2023/01/19/8403096164fd4b3eb1b6591cddfa8e71-41312559-2.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2024/12/06/a70f6aa0f7ff44f996febb1b4a7bd85f-300.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/01/17/5b745e2639fb452da06d91712d7207a1-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/01/17/5b745e2639fb452da06d91712d7207a1-300.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/01/17/98eec5744f634da69d19b50596a79b1a-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/02/06/5d60cdb5cdcd40af8c46095a5ffcac29-1.jpg
Source: chromecache_259.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg
Source: chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/02/12/6940cdadf83f457a85ef9f868a00d304-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p4.img.cctvpic.com/fmspic/2025/02/12/f5a449e017df4dad94a9b51a55926c9d-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p5.img.cctvpic.com/fmspic/2025/01/17/0692dae40c5240cdb45cab03a78bb4b5-1.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p5.img.cctvpic.com/fmspic/2025/01/17/0692dae40c5240cdb45cab03a78bb4b5-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p5.img.cctvpic.com/fmspic/2025/02/06/5cd761ce0e1d4cbcbf9e0c0df80f4625-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p5.img.cctvpic.com/fmspic/2025/02/06/5d60cdb5cdcd40af8c46095a5ffcac29-300.jpg
Source: chromecache_367.2.dr, chromecache_583.2.dr	String found in binary or memory: https://p5.img.cctvpic.com/fmspic/2025/02/12/6940cdadf83f457a85ef9f868a00d304-300.jpg
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEGOTucs2RKGcaiRh3Vf5j211209/better-scroll.min
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEJPeICF1vmheNurgKmG9y210128/font_2289754_26ky
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/findGetParameter3
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/jweixin-1.6.0.js
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEb9d46l9PrknkCbJF7vpo201225/getArea.js
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/babel.min.js
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/moment-with-local
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/moment.min.js
Source: chromecache_502.2.dr	String found in binary or memory: https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/polyfill.min.js
Source: chromecache_502.2.dr	String found in binary or memory: https://twitter.com/cctv
Source: chromecache_355.2.dr, chromecache_484.2.dr	String found in binary or memory: https://www.browserleaks.com/canvas#how-does-it-work
Source: chromecache_502.2.dr	String found in binary or memory: https://www.cctv.com
Source: chromecache_502.2.dr	String found in binary or memory: https://www.instagram.com/cctv.chinese/
Source: chromecache_502.2.dr	String found in binary or memory: https://www.youtube.com/channel/UCnAsZ46UTeFEgwOEwMezngQ
Source: chromecache_502.2.dr	String found in binary or memory: https://www.youtube.com/embed/

Source: classification engine

Classification label: mal52.phis.win@20/548@0/32

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 --field-trial-handle=2440,i,5010745601036668866,16808485882505489998,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://mm-2.uxr919zm.eu.org/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6076 --field-trial-handle=2440,i,5010745601036668866,16808485882505489998,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 --field-trial-handle=2440,i,5010745601036668866,16808485882505489998,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6076 --field-trial-handle=2440,i,5010745601036668866,16808485882505489998,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: all processes

Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected

Source: all processes

Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Data Obfuscation	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Junk Data	Exfiltration Over Bluetooth	Network Denial of Service

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://mm-2.uxr919zm.eu.org/	100%	Avira URL Cloud	malware

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://dhls.cntv.cdn20.com/asp/hlsaudio/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63	0%	Avira URL Cloud	safe
https://global.cctv.com/documentary/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/02/04/VIDEybiYWadtnrWnvvCyjGsI250204.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/event/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/wehk/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/ipanda/hipanda/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/chinesegourmet/index.shtml	0%	Avira URL Cloud	safe
https://dhls.cntv.cdn20.com/asp/enc/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/mai	0%	Avira URL Cloud	safe
https://global.cctv.com/cmsdatainterface/guowai/new/video/newestvideo.jsonp	0%	Avira URL Cloud	safe
https://global.cctv.com/ipanda/pandatroupe/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/02/06/VIDEcwBmypCij1CMeKMqchVu250206.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2024/12/06/VIDEQL44pOaZa5DwRnaWJZWK241206.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/02/12/VIDEOaDMczCfVLPtfaN7kBI0250212.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/01/17/VIDEZuR08BtkT2E1FiAYrl00250117.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/cmsdatainterface/guowai/new/video/PAGEBaWhj2ZEWMJOi90M4Jmc211130_	0%	Avira URL Cloud	safe
https://global.cctv.com/chineseart/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/02/06/VIDE4NnTbvNJwk77JqSWZTlH250206.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/ipanda/nationalpark/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/01/17/VIDE2ZAnd1zluFZdshrPRUU6250117.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/cmsdatainterface/guonei/new/video/PAGEBaWhj2ZEWMJOi90M4Jmc211130_	0%	Avira URL Cloud	safe
https://global.cctv.com/cmsdatainterface/guowai/new/video/	0%	Avira URL Cloud	safe
https://global.cctv.com/ipanda/pandastories/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/trending/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/zgmk/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2024/12/04/VIDE3SuMJLq97GA7XRe3ztIl241204.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/crossstrait/index.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/cmsdatainterface/guonei/new/video/newestvideo.jsonp	0%	Avira URL Cloud	safe
https://english.cctv.com/	0%	Avira URL Cloud	safe
http://tv.cntv.cn/video/C18472/a28126e5e0424a44af6a9bc4c5a47742	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/02/13/VIDEZifRwc6AsgocDoUEgRk8250213.shtml	0%	Avira URL Cloud	safe
https://global.cctv.com/2025/01/23/VIDEwR8xMpFcDYIe5NLTDeer250123.shtml	0%	Avira URL Cloud	safe
https://dhls2.cntv.cdn20.com/asp/enc2/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/m	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

⊘No contacted domains info

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://mm-2.uxr919zm.eu.org/	false		unknown
https://global.cctv.com/2025/02/11/VIDEXn5JISu31MjktLhjJmo1250211.shtml	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://global.cctv.com/2025/02/04/VIDEybiYWadtnrWnvvCyjGsI250204.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/ipanda/pandatroupe/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p4.img.cctvpic.com/fmspic/2025/02/12/6940cdadf83f457a85ef9f868a00d304-1.jpg	chromecache_583.2.dr	false		high
https://js.player.cntv.cn/creator/swfobject.js	chromecache_502.2.dr	false		high
https://global.cctv.com/documentary/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/embed/	chromecache_502.2.dr	false		high
https://p1.img.cctvpic.com/photoworkspace/2025/02/06/2025020615143717202.png	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/brief_down.png)	chromecache_502.2.dr	false		high
https://p1.img.cctvpic.com/fmspic/2025/01/27/203ce7c7867d4ac1814bbec34e92d849-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://dhls.cntv.cdn20.com/asp/enc/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/mai	chromecache_432.2.dr, chromecache_259.2.dr	false	Avira URL Cloud: safe	unknown
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_l.png	chromecache_502.2.dr	false		high
https://p4.img.cctvpic.com/fmspic/2023/01/19/8403096164fd4b3eb1b6591cddfa8e71-41312559-2.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://dhls.cntv.cdn20.com/asp/hlsaudio/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63	chromecache_432.2.dr, chromecache_259.2.dr	false	Avira URL Cloud: safe	unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=781447	chromecache_355.2.dr, chromecache_484.2.dr	false		high
https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/headerUp.png?a	chromecache_248.2.dr	false		high
https://global.cctv.com/event/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p1.img.cctvpic.com/fmspic/2025/02/13/74d74bb370c84e62adab57ae768cb892-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/polyfill.min.js	chromecache_502.2.dr	false		high
https://twitter.com/cctv	chromecache_502.2.dr	false		high
https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTEupxt3LqYk9X9JPH6jLis230719/lQDPKGxa5Wa3YgfM	chromecache_502.2.dr	false		high
http://jsfiddle.net/NDYV8/16/	chromecache_355.2.dr, chromecache_484.2.dr	false		high
https://global.cctv.com/ipanda/hipanda/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/wehk/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p2.img.cctvpic.com/fmspic/2024/12/06/a70f6aa0f7ff44f996febb1b4a7bd85f-1.jpg	chromecache_583.2.dr	false		high
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_l_hover.png	chromecache_502.2.dr	false		high
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jiantou_hover_top.png);	chromecache_502.2.dr	false		high
https://p5.img.cctvpic.com/fmspic/2025/02/12/6940cdadf83f457a85ef9f868a00d304-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
http://js.player.cntv.cn/creator/fingerprint2.js	chromecache_488.2.dr, chromecache_507.2.dr	false		high
https://js.player.cntv.cn/creator/liveplayer.js	chromecache_502.2.dr	false		high
http://ns.attribution.com/ads/1.0/	chromecache_413.2.dr	false		high
https://global.cctv.com/cmsdatainterface/guowai/new/video/newestvideo.jsonp	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jiantou_hover.png);	chromecache_502.2.dr	false		high
https://p4.img.cctvpic.com/fmspic/2024/12/06/a70f6aa0f7ff44f996febb1b4a7bd85f-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://p2.img.cctvpic.com/photoworkspace/2025/01/17/2025011716100791275.png	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://global.cctv.com/chinesegourmet/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/bq_r.png	chromecache_502.2.dr	false		high
http://www.stucox.com/blog/you-cant-detect-a-touchscreen/	chromecache_355.2.dr, chromecache_484.2.dr	false		high
http://jsfiddle.net/NDYV8/19/	chromecache_355.2.dr, chromecache_484.2.dr	false		high
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jianjie_icon.png)	chromecache_502.2.dr	false		high
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/brief_up.png)	chromecache_502.2.dr	false		high
https://p5.img.cctvpic.com/fmspic/2025/01/17/0692dae40c5240cdb45cab03a78bb4b5-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://www.instagram.com/cctv.chinese/	chromecache_502.2.dr	false		high
https://global.cctv.com/2025/01/17/VIDEZuR08BtkT2E1FiAYrl00250117.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/2024/12/06/VIDEQL44pOaZa5DwRnaWJZWK241206.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/2025/02/06/VIDEcwBmypCij1CMeKMqchVu250206.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://p4.img.cctvpic.com/fmspic/2025/01/17/5b745e2639fb452da06d91712d7207a1-1.jpg	chromecache_583.2.dr	false		high
https://global.cctv.com/2025/02/12/VIDEOaDMczCfVLPtfaN7kBI0250212.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEGOTucs2RKGcaiRh3Vf5j211209/better-scroll.min	chromecache_502.2.dr	false		high
https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/moment-with-local	chromecache_502.2.dr	false		high
https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEnNVyOjEur48OX4pmtTvc210125/moment.min.js	chromecache_502.2.dr	false		high
https://js.player.cntv.cn/creator/fingerprint2.js	chromecache_488.2.dr, chromecache_507.2.dr	false		high
https://www.cctv.com	chromecache_502.2.dr	false		high
https://global.cctv.com/chineseart/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://js.player.cntv.cn/creator/html5player_standard_multi.js	chromecache_488.2.dr, chromecache_507.2.dr	false		high
https://p5.img.cctvpic.com/fmspic/2025/02/06/5d60cdb5cdcd40af8c46095a5ffcac29-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
http://www.opensource.org/licenses/mit-license.php)	chromecache_355.2.dr, chromecache_484.2.dr	false		high
https://global.cctv.com/2025/02/06/VIDE4NnTbvNJwk77JqSWZTlH250206.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jianjie_icon_hover.png);	chromecache_502.2.dr	false		high
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/time_icon.png)	chromecache_502.2.dr	false		high
https://p1.img.cctvpic.com/fmspic/2025/02/13/74d74bb370c84e62adab57ae768cb892-1.jpg	chromecache_583.2.dr	false		high
https://global.cctv.com/ipanda/nationalpark/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
http://js.player.cntv.cn/creator/html5player_standard_multi.js	chromecache_488.2.dr, chromecache_507.2.dr	false		high
https://global.cctv.com/2025/01/17/VIDE2ZAnd1zluFZdshrPRUU6250117.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/cmsdatainterface/guowai/new/video/PAGEBaWhj2ZEWMJOi90M4Jmc211130_	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p4.img.cctvpic.com/fmspic/2025/01/17/98eec5744f634da69d19b50596a79b1a-1.jpg	chromecache_583.2.dr	false		high
https://github.com/Modernizr/Modernizr/blob/master/feature-detects/canvas/winding.js	chromecache_355.2.dr, chromecache_484.2.dr	false		high
https://global.cctv.com/cmsdatainterface/guonei/new/video/PAGEBaWhj2ZEWMJOi90M4Jmc211130_	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/cmsdatainterface/guowai/new/video/	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/headerDown.png?a	chromecache_248.2.dr	false		high
https://p1.img.cctvpic.com/fmspic/2025/02/04/f39f74da3ba14825b75a6431b3c79bc4-1.jpg	chromecache_583.2.dr	false		high
https://p1.img.cctvpic.com/photoworkspace/2025/01/27/2025012717220529870.png	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://global.cctv.com/trending/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://js.data.cctv.com/__aplus_plugin_cctv.js	chromecache_488.2.dr, chromecache_507.2.dr	false		high
https://p4.img.cctvpic.com/fmspic/2025/02/12/f5a449e017df4dad94a9b51a55926c9d-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://global.cctv.com/ipanda/pandastories/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://english.cctv.com/	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/2024/12/04/VIDE3SuMJLq97GA7XRe3ztIl241204.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/cmsdatainterface/guonei/new/video/newestvideo.jsonp	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/crossstrait/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://global.cctv.com/zgmk/index.shtml	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/title_bg.png)	chromecache_502.2.dr	false		high
https://p5.img.cctvpic.com/fmspic/2025/02/06/5cd761ce0e1d4cbcbf9e0c0df80f4625-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
http://tv.cntv.cn/video/C18472/a28126e5e0424a44af6a9bc4c5a47742	chromecache_502.2.dr	false	Avira URL Cloud: safe	unknown
http://vdn.apps.cntv.cn/api/getIpadVideoInfo.do?pid=	chromecache_488.2.dr, chromecache_507.2.dr	false		high
https://global.cctv.com/2025/02/13/VIDEZifRwc6AsgocDoUEgRk8250213.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
https://p3.img.cctvpic.com/fmspic/2024/12/04/3974a1337c0844e9b691520072659264-1.jpg	chromecache_583.2.dr	false		high
https://big5.cctv.com/gate/big5/global.cctv.com/index.shtml	chromecache_502.2.dr	false		high
https://p4.img.cctvpic.com/fmspic/2025/01/17/5b745e2639fb452da06d91712d7207a1-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://p2.img.cctvpic.com/photoworkspace/2025/02/11/2025021111202087715.jpg	chromecache_367.2.dr, chromecache_583.2.dr, chromecache_502.2.dr	false		high
https://p3.img.cctvpic.com/fmspic/2025/01/27/203ce7c7867d4ac1814bbec34e92d849-1.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://p3.img.cctvpic.com/fmspic/2025/02/06/5cd761ce0e1d4cbcbf9e0c0df80f4625-1.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://hls.cntv.cdn20.com/asp/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/main.m3u	chromecache_432.2.dr, chromecache_259.2.dr	false		high
https://global.cctv.com/2025/01/23/VIDEwR8xMpFcDYIe5NLTDeer250123.shtml	chromecache_367.2.dr, chromecache_583.2.dr	false	Avira URL Cloud: safe	unknown
http://www.lalit.org/lab/javascript-css-font-detect/	chromecache_355.2.dr, chromecache_484.2.dr	false		high
https://dhls2.cntv.cdn20.com/asp/enc2/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/m	chromecache_432.2.dr, chromecache_259.2.dr	false	Avira URL Cloud: safe	unknown
https://p3.img.cctvpic.com/fmspic/2025/01/17/98eec5744f634da69d19b50596a79b1a-300.jpg	chromecache_367.2.dr, chromecache_583.2.dr	false		high
https://js.player.cntv.cn/creator/vodplayer.js	chromecache_502.2.dr	false		high
https://github.com/Valve/fingerprintjs2/issues/66	chromecache_355.2.dr, chromecache_484.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
163.171.132.119	unknown	European Union	54994	QUANTILNETWORKSUS	false
95.101.182.65	unknown	European Union	20940	AKAMAI-ASN1EU	false
142.250.185.206	unknown	United States	15169	GOOGLEUS	false
173.194.76.84	unknown	United States	15169	GOOGLEUS	false
138.113.27.66	unknown	United States	776	FR-INRIA-SOPHIAINRIASophia-AntipolisEU	false
163.171.132.42	unknown	European Union	54994	QUANTILNETWORKSUS	false
2.17.22.168	unknown	European Union	16625	AKAMAI-ASUS	false
59.37.89.184	unknown	China	134764	CT-FOSHAN-IDCCHINANETGuangdongprovincenetworkCN	false
157.185.129.134	unknown	United States	54994	QUANTILNETWORKSUS	false
95.100.110.9	unknown	European Union	20940	AKAMAI-ASN1EU	false
39.107.0.195	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
163.181.131.243	unknown	United States	24429	TAOBAOZhejiangTaobaoNetworkCoLtdCN	false
142.250.184.228	unknown	United States	15169	GOOGLEUS	false
138.113.147.185	unknown	United States	776	FR-INRIA-SOPHIAINRIASophia-AntipolisEU	false
163.181.131.244	unknown	United States	24429	TAOBAOZhejiangTaobaoNetworkCoLtdCN	false
2.21.65.137	unknown	European Union	20940	AKAMAI-ASN1EU	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
104.21.16.1	unknown	United States	13335	CLOUDFLARENETUS	false
163.171.128.148	unknown	European Union	54994	QUANTILNETWORKSUS	false
119.3.155.97	unknown	China	55990	HWCSNETHuaweiCloudServicedatacenterCN	false
104.21.32.1	unknown	United States	13335	CLOUDFLARENETUS	false
172.217.18.3	unknown	United States	15169	GOOGLEUS	false
95.101.182.18	unknown	European Union	20940	AKAMAI-ASN1EU	false
163.171.130.92	unknown	European Union	54994	QUANTILNETWORKSUS	false
2.21.65.135	unknown	European Union	20940	AKAMAI-ASN1EU	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
39.107.0.245	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
39.107.0.244	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
142.250.185.195	unknown	United States	15169	GOOGLEUS	false
140.143.180.217	unknown	China	45090	CNNIC-TENCENT-NET-APShenzhenTencentComputerSystemsCompa	false

Private

IP
192.168.2.8
192.168.2.4

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1614737
Start date and time:	2025-02-14 01:49:06 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 57s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://mm-2.uxr919zm.eu.org/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.phis.win@20/548@0/32
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, audiodg.exe, SIHClient.exe, conhost.exe, svchost.exe
Not all processes where analyzed, report is missing behavior information
Skipping network analysis since amount of network traffic is too extensive
VT rate limit hit for: http://mm-2.uxr919zm.eu.org/

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Feb 13 23:50:06 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.983364659273093
Encrypted:	false
SSDEEP:	48:8v0dPTn/i0H40idAKZdA1oehwiZUklqehey+3:8vQ7inDxy
MD5:	7365D422CD2CFD42D0FE82A4DEA45CEC
SHA1:	37ACDF9BC05D08CFB704DC2C3D4531B9F40F0B01
SHA-256:	45C671BBED3348790C2E9AEC7EEED927FACC7C56C6CD59830E5F450545DA7C70
SHA-512:	3F28B9F37C9159E20EE89233D1333785B62C6EBB5018E6033BFAB87E54AC47E8B7C64C9530A7E30DC46131069E8F4A74C4CC232D4C50B401A117603E5B01A57C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......cz~..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.INZB.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZB.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZB.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZB............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNZD............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........GU^l.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Feb 13 23:50:06 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9997269136422524
Encrypted:	false
SSDEEP:	48:860dPTn/i0H40idAKZdA1leh/iZUkAQkqehhy+2:86Q7inx9Qcy
MD5:	16998ABF5283811747A4EBA6FED30C54
SHA1:	15F03DA4A55AE73369A84ABA3FBEEC1359FE263B
SHA-256:	C9AD1647DCC6192AEFC0D93F2336FB1CE3D517E8DB1247A88703EEAA7A0D5CF6
SHA-512:	913D5FE8E1F24485856C1782BDDC447A36DF364FE21AEBDCFD53A3EC89280F5E011CF1AED7149E89C5FA9217F8F751DA5D20FE95B967280FF599E612DB67D7A1
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......cz~..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.INZB.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZB.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZB.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZB............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNZD............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........GU^l.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.0102777310114845
Encrypted:	false
SSDEEP:	48:8m0dPTn/bH40idAKZdA14t5eh7sFiZUkmgqeh7sXy+BX:8mQ7cRnNy
MD5:	A5FD7B5A93E9B03263548AFA31678739
SHA1:	FDE553ADED0A70A5322984DFEB1DD27A6E5AF115
SHA-256:	69EE9FECBF35F8C47FDFA3223E4374C9CD7CD753DC8A87501F0A9D4D0255083E
SHA-512:	DE021328C1A8825FFB7D55F5CEE0F1C9F23FC36570B10E4F0201ABB2A4FE7B34744EE829A5A30518A4D473FB7B988E64E66E13EA05E6DE9E6545F53EA358E964
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....C..b...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.INZB.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZB.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZB.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZB............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VEW.@...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........GU^l.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Feb 13 23:50:06 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9995674129151277
Encrypted:	false
SSDEEP:	48:820dPTn/i0H40idAKZdA16ehDiZUkwqehly+R:82Q7inCPy
MD5:	0C8C45C20C96CEA88C86CBEF8F43EB10
SHA1:	88C4FEF6AE04E058816A40F9480682EB2039F080
SHA-256:	A6264120D59D471E8C74E85CA71CD454628D0A34C05AFEF967CDE05639AED747
SHA-512:	BD32489F9B0EC85D0BA3D5DDC260B6440C05C7DF4234A86910564014571C7F7135E14B89390B75F1E3AD77AD6B656E9BE800B6885464386984953F066F96168C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......cz~..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.INZB.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZB.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZB.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZB............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNZD............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........GU^l.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Feb 13 23:50:06 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9849127032187646
Encrypted:	false
SSDEEP:	48:8O0dPTn/i0H40idAKZdA1UehBiZUk1W1qehzy+C:8OQ7iny9Ty
MD5:	4ED11764D87494409BC8C7FA63C31DF5
SHA1:	82A46DCABB86603500242964ABC68724FA549503
SHA-256:	BE48998023516DC78C24D187818367082AA2C1A56E7E87292F00011D85EC6710
SHA-512:	3724C434D04D9ADF9125CDED8AEE6D2A807F25D07786F7DC3F5257FD8D1D1B4DA9FE71EEE02CA86A8D9CAE87A1BE0332A3ECFBA8F083D4E6D6B042A2FD6E096C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....h..cz~..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.INZB.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZB.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZB.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZB............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNZD............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........GU^l.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Feb 13 23:50:06 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.99827385896594
Encrypted:	false
SSDEEP:	48:8v30dPTn/i0H40idAKZdA1duTrehOuTbbiZUk5OjqehOuTbNy+yT+:8v3Q7inzTYTbxWOvTbNy7T
MD5:	FA660D7C6264D308D79F89A45A28F5CF
SHA1:	0F8F51B3D79448B866702F904C60C8654C069568
SHA-256:	44311043E49F3EE27E791FA32DCE96F22A8816EE71845278A206AEA6F01C7087
SHA-512:	E0C708BE22FCFF7037CD9848E5E10D2CBCBAF12EF73C284D399BE0438D0544FA25F7F1E2A2CE39B4F87A04076473C38F3C0EE7886BB071CD05779496CBB24584
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....x.cz~..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.INZB.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZB.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZB.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZB............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNZD............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........GU^l.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 966x543, components 3
Category:	dropped
Size (bytes):	49463
Entropy (8bit):	7.934570827436775
Encrypted:	false
SSDEEP:	1536:T25R9INMag3xJYE5l5MWiKrnW4azaZc7WQyL5yhB:yOK3XXBMWDW4a2Zc7WrNyn
MD5:	9267B6AE849FF91BAD24B960FEF2223F
SHA1:	5BF44DFE3697608718A315108B2FB299CE60F772
SHA-256:	226B834783CB29EB2CFC93DC3EE37476D2A3EB0290B4D85EA04E32EE58693790
SHA-512:	65ECA26CC7E1B0CF4AEA990B1ABDF6DABA9817B7CB595D8A34CB15B3C47EFAEE07A1224FC11A2977C33BF1053B377C790B733295733CAE5C1A717BDE77BC03CB
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....zS...zw<.3y..!v#.Jc..HF..C.....e?(..m9.,.O......*.8..K....<.p\.t..<....8..y.O..94.(..h.%.aN...H...!....61.B..u..Op.#..enT(^.Z..X#/>..E.fA.+u.O:K...o....3...K.v0.....R.J.[.b$#....O4s..X.J..5..a....../..P....J..j\|.q9...0.=.....o.$...f..JM.bqO.\...e.9.....'.Z..A$.tS..\|g.t.G0r..6.....G=.y....DO.5L...z.f..'..%..s]TV.:.P.jU..........8.b.q.....d.J.g..[.`".........".

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2311383
Entropy (8bit):	7.997226129697849
Encrypted:	true
SSDEEP:	49152:H830Wp03/rOyqMLADeNfqhBu1BUdBinX1IPEKWJCk12Dhbx7Mps/:H8EWSPrOy3LvGQnyC1IMKWJCkg91MpW
MD5:	C18C43643E6EA5BA677FA11AA76B8E7E
SHA1:	04969AAF493266BBA3B95F850BEBC24F5914EA78
SHA-256:	2267E00A9BDFAF382ABFC0BFDAD09CED886ED75DCCDD0281FC0C00FCB5D23AC5
SHA-512:	AED0E3BF2E8457348F96255283F5D775E40C31770E54BAB8AFCB16B07D201FA341447CC413542B8E92A0191114ADCAD295DDF573CEEDFDD6C9C603C145468F4A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............}.V.. .IDATx.....$.U%.c......<W.J.%.......M....h/.f.V.....x5..oZM7`..1v3.X...I.%YsYU%U.j._.1.9...Fd.....W.[..efd.{.=..}.9W..... A.,..\|.e:...t.d..oX&.$F..0....4M.%.....7.`$1,..4..6m...h..S.O....."H........kZ..:0.e.x.....g1V=.v.......D..`!..lY..;w........(.^..g.~..=......1..e0u.s^.MK1....G.J... .e.C.\D....c.....]y....=7\.'.y..../!L....$.`i:.8F.B..fY(Y..s..r..=.Z...R...O!._.=k.3.U..^.R>_y.v.])Y}...H...4......4.0..0..S.u9..!2.r..3o...v..rY.H4..Ry.{>....^.6=#...dK2....~...e..J...~.,..X.g.ed....,^...d6..&....x..Gqm}.Q.a......8x..fFGqK...5Rd...QF..(u:....]...M..,...y._..........O?..../.....LG.....d.f.G....7n._~...e..\Y^...o....7..W...^hg.Q...C.]$..h..w.n.!-[..#.][.6`.<<...)s..?....>N..?..R...h6.X.i+n.....?..k'..)...p9j.5.\|.~..._y.....N..K.yt.>.8.n[.....A/YpJ.t....W.a.6..a.2Zs.Y&..B......i.(..y6.Q.r.,.;...hJ..?.i.p'..<I...i.d;.o..4.,....t[.8.l....e...Z.r....:.K...Q..8.D^).....F>....F..q.f.>.2..\|.}...._=

Chrome Cache Entry: 240

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1327
Entropy (8bit):	6.863353478916793
Encrypted:	false
SSDEEP:	24:t1hiyWwjx82lY2T37VjyW292yJ3VjYbwpGRDXDpl8/ZETthvlSi5:TuNn2vcJ3DifoIh9Sq
MD5:	21E2695ABC63B54DC1610E53F94E5C78
SHA1:	B1CBDE8101699E0F8FC7844E01D481AEB2A8CBB5
SHA-256:	967EE76068E645DE21C70B7EAC483BAD95AABA3C1B06188FAED588B93651C654
SHA-512:	0BE3DEE0E622D549C4475E15A3221D11835AEF61CC63D67BBCA7E707F9757FAB54B4C46CAE2481C94D2C0D79D6FC4DC035EEB91CB11EB2B296A41EA8EFB722BF
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............V.W....tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c067 79.157747, 2015/03/30-23:40:42 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Windows)" xmpMM:InstanceID="xmp.iid:FBCC9ED3ADFB11E98474EB9FA7D1D81D" xmpMM:DocumentID="xmp.did:FBCC9ED4ADFB11E98474EB9FA7D1D81D"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FBCC9ED1ADFB11E98474EB9FA7D1D81D" stRef:documentID="xmp.did:FBCC9ED2ADFB11E98474EB9FA7D1D81D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...Y....IDATx...+Ea...y.R..;.6.....Y.b...X...X...K.+J,d.d.di.(..Xd..9....S.u..W.N..s..=oL .."*..hC3..~...c.......

Chrome Cache Entry: 241

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 208 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	5724
Entropy (8bit):	7.688841949712854
Encrypted:	false
SSDEEP:	96:Ho7F8knmWIYq/+koHf7HpH06SZwGB4TSl90ovsCAfNUshxC8ItONEVvRJ5uUqyQf:I7F8knvT/7JDbk4w065uC8TN4/U/y+mS
MD5:	81CB192B6E3EA564BE9BC5DFDBC46E93
SHA1:	9EE9021E719CC1F87EFC2FC9F7E37CEA41165B37
SHA-256:	57E93544A7DD0982C163784073C7E7D123A0A24381A0606894BC5E8B1474EC76
SHA-512:	5FE7F996FD4DF7F48C5FED8B6F3A5745BD5FB6B3F05C4F83F576558A818B9A50C124E7E679CDAB46CD78CEFC7B50A2099A94E759D3B54C3FC67CE341A5182C1A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......$........{....pHYs..........+......iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC (Windows)" xmp:CreateDate="2020-11-27T14:50:56+08:00" xmp:ModifyDate="2020-12-02T13:18:49+08:00" xmp:MetadataDate="2020-12-02T13:18:49+08:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:63841f97-dd18-b540-9767-47062e9bfb67" xmpMM:DocumentID="adobe:docid:photoshop:a9dc7d03-5055-704a-8bd3-d5dc4709016b" xm

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0950611313667666
Encrypted:	false
SSDEEP:	3:CUMllRPQEsJ9pse:Gl3QEsJLse
MD5:	AD4B0F606E0F8465BC4C4C170B37E1A3
SHA1:	50B30FD5F87C85FE5CBA2635CB83316CA71250D7
SHA-256:	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
SHA-512:	EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........L..;

Chrome Cache Entry: 243

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, baseline, precision 8, 800x450, components 3
Category:	downloaded
Size (bytes):	117637
Entropy (8bit):	7.951133516258948
Encrypted:	false
SSDEEP:	3072:5xL0yYsyLRYFUjHe3TNPsVR+H4rROyVNYdgVIXHn9oJ:X0y4LRYFUHYZy+H4rxVvm3nqJ
MD5:	E36726051D702E84B8ACB04A6EE0F406
SHA1:	D563867E960233804B1F34C181D4FE144BD3C556
SHA-256:	7664E3C2F5E9983FB5FD0F7B6CA9CD3D1344CAAC831CCE4432583ED0F239C2F9
SHA-512:	496B56B35226AC08F2E5B59C7C8B20343C2D75087852A56A4E6687C88CD0C8C4CA9D070BE0950A1DD6EDB4881DBF2F1FB8F1D00E1E705EBA9478002A05F2F245
Malicious:	false
Reputation:	low
URL:	https://p2.img.cctvpic.com/photoworkspace/2024/12/27/2024122714504016973.jpg
Preview:	.....Phttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about=""/> </rdf:RDF> </x:xmpmeta>

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	M3U playlist, ASCII text
Category:	downloaded
Size (bytes):	604
Entropy (8bit):	5.32432394525828
Encrypted:	false
SSDEEP:	12:PtoN08YSnYZQGwoN0JxtYZRwoN0hMwYYZiawoN0LFwpTYZO:loRYSVFo8xdo7omgJ
MD5:	AF17B9608CEEE4E4CCA9BBB37F00EF6D
SHA1:	FE03A839B560B4C9C93A9905BB70E50C7F80BE80
SHA-256:	13D18692905176813129EC2F4F221F57FD9DC8FEB134A08E99682734D03C2504
SHA-512:	E253BC1ECF209C6921869C9466D4E82106FAB92040F37815A5F92A1F28D53CB232CA8564943A39F8FED0D420907664675767F845D21AFB74E21704AF1EEA8480
Malicious:	false
Reputation:	low
URL:	https://dh5.cntv.cdn20.com/asp/h5e/hls/main/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/main.m3u8?maxbr=2048&contentid=15120519184043
Preview:	#EXTM3U.#EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=460800, RESOLUTION=480x270./asp/h5e/hls/450/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/450.m3u8.#EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=870400, RESOLUTION=640x360./asp/h5e/hls/850/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/850.m3u8.#EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=1228800, RESOLUTION=1280x720./asp/h5e/hls/1200/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/1200.m3u8.#EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=2048000, RESOLUTION=1280x720./asp/h5e/hls/2000/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/2000.m3u8.

Chrome Cache Entry: 245

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	730
Entropy (8bit):	5.067657987391232
Encrypted:	false
SSDEEP:	12:+20x/YEYEeQ98Ymrny8Xw3L8ICEpFQrMESLbtFwpYm0hSJUfspuRP0LD6tXfu3mn:+bwEv98Ymy8A3X7VvLbPwpYV0JGspume
MD5:	745D80F2A67167C9CE3ED8A506E0CEFF
SHA1:	E264326ECEA25A201969919316AD3717998B2384
SHA-256:	DB0BDA87A99744DD985C231D7B48BAF91561706A927FFF46D216E0259ACA44EB
SHA-512:	08F386104E40C54B287BCA651804691458D3990937B35A06A2C10B7B8545F42668B03F674B89535E7D90412CD4EE36A707BE84F5584292DBB5D070D4B16B738C
Malicious:	false
Reputation:	low
URL:	https://r.img.cctvpic.com/photoAlbum/templet/common/TPTEb9d46l9PrknkCbJF7vpo201225/getArea.js
Preview:	let country_code = ''..function get_cntv_whereis(cntv_whereis){. var chunwan_areaInfo = eval('(' + cntv_whereis.replace(/(^\s)\|(\s$)/g, "") + ')');. country_code = chunwan_areaInfo.country_code;. //video_player_box();. setCookie_tvzhibo("country_code",country_code);.}.function setCookie_tvzhibo(name, value) {. var Days = 0.25;. var exp = new Date();. exp.setTime(exp.getTime() + Days * 24 * 60 * 60 * 1000);. document.cookie = name + "=" + escape(value) + ";expires=" + exp.toGMTString().}..function getArea() {. return country_code.toLocaleUpperCase().}..// let areaEl = document.createElement('script').// areaEl.src = '//ip.apps.cntv.cn/whereis?client=html5'.// document.head.appendChild(areaEl).

Chrome Cache Entry: 246

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3
Category:	dropped
Size (bytes):	24760
Entropy (8bit):	7.899851235011195
Encrypted:	false
SSDEEP:	768:NviO2ymdgSiOU7OS9A2+uMvumBdu+poxK:NviO2T3iqiV+J5dWK
MD5:	60DEAC9A206D83D7E2EBCB24EB714EB8
SHA1:	E28FB94EF0090F415CD4FA4C93D636F21CC6D445
SHA-256:	A892E25EF2170FF54971A99561419A7F1B5E7C92CC3A7C1A3213218161D0A189
SHA-512:	BEF50A8C2B29CD5C45D53F45EF44BB6A92217BA5D15308120AC723B6693873F6A514C1B6BF29FA99BFEFB38FBA00900BD840AE1E8B1E8DC9E1A8AFDC97106592
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222........ .."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..z1.){T\....R..CIKI..$.Pz.I@.zSM:.I....5....k\.F......z...s..W...6Q.]....j..O......(.d..$.%.................'......f...AP.r.j..*1.=I....N.}).G.O...`...u.`......W`Ep.....G....q...=3P..Gkj\......O..}.{.v.....l-..Qq..Ker..W.!..6.p..\|.F..mM.Zh.y6....G5._k.3..w.8#5kL...In6A..nf......W.d.m.j....s..9i.....n...h.x..........y.-..MH.S]...z....-$.Y...y..K..-.....k.<

Chrome Cache Entry: 247

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 39 x 39, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	815
Entropy (8bit):	7.570483818536742
Encrypted:	false
SSDEEP:	24:2thN8eGX9l3w7hA8iS0X8Y1FERLeuoDYU:2t0eG4CSc8Y1FE5e7YU
MD5:	31896F59D62F4B17F836B6247E6D088D
SHA1:	FA2D770ABAD351B24A204A2C65776364A110C789
SHA-256:	AE0CDE415A5103707213A3550DA4FD759FF271FA358584650D90D4FDD6F2FB07
SHA-512:	CFFBAD7218AF38EFEB46D706A762978CF5B9C7B7B746CAF361DFE5B43A85261382C32D10A4DC6F101D735D05D8C1745962269E25BEFCA968A292BAD99E480A25
Malicious:	false
Reputation:	low
URL:	https://p5.img.cctvpic.com/photoAlbum/page/performance/img/2021/12/27/1640578430802_655.png
Preview:	.PNG........IHDR...'...'.......Q5....sBIT....\|.d.....pHYs..........+......tEXtSoftware.www.inkscape.org..<.....IDATX..M..Q......?%b1...[..lfd..))K...eg%.$."....+)..a!#Y.)$.DQ4..woMc.....{...~.}.9.w.9o0.u.p.......yF.A.6p%"~...nV.l-UuS.).b.c`...."~.=.."..5...R....W.j....V.Gd...:.,j..$..:F..h3..b..9...._.%@w..6.oMl.w...yV.w..<R.5..H.../!vQ..T.P....y......J}. .J-,.u.zU......R0.g....[.[...".O...=".....F.......V...oO.C.P..-C..:+'A.z..$Qgk..."..9.S......%E.....].FA.1..."b$E.l.+..........1%.h..... 3.mIQ.K.z:..9.hJ...Q.L....y.=@.z.".OA,..e.Ha.......Y..eU.b..z..R..L..S.5!.>,...\..j..&v..$e..1uv..\|...1m..~.n..k>.O...1.(.....I............T.c..X.PM...x.<.....Q`!....z.]...B..[..."......9.V..V[.0P.........R...#.(..?......./....b+.Rk..-..@y.........BVV.d.._./..%.....-.....IEND.B`.

Chrome Cache Entry: 248

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (460), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	21189
Entropy (8bit):	4.935795662416669
Encrypted:	false
SSDEEP:	192:HoLmvD6YcWXOLrhTON3jmi8JNov2QLpouMYkGMNKkgnN2tWB/ynu5RZRp1F:HoLmvDlpXQrhTOZjdWov2QL+FgnN2gZ
MD5:	3AD9F21D24F6A1BE5679F14843C34C34
SHA1:	CD4C4841741B2A9183EDAE0EAAD90B4FC4EE1854
SHA-256:	4858C43293EF27100033E47497105983379506CD9EC12721AC7BEE88F899C45C
SHA-512:	DA02774556443798DB6524ED27EBD4792B83479955F2521786170FAEF210C1E2BAEA3CCDDC9A887E75EB0E51054FDE5BDB961B880655EA40B9D9DE8907F4D258
Malicious:	false
Reputation:	low
URL:	https://r.img.cctvpic.com/newcctv/global/topcontain/style/style.css?3ad9f21d24f6a1be5679f14843c34c34
Preview:	.header-box {max-width:1200px;height:100%;margin:0.auto;padding:0;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;-webkit-box-pack:justify;-ms-flex-pack:justify;justify-content:space-between;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}...header-box .sidebar-menu {position:fixed;left:0;top:0;right:0;bottom:0;z-index:99;background-color:#00000080;visibility:hidden;opacity:0;-webkit-transition:opacity..3s,visibility .3s;-o-transition:opacity .3s,visibility .3s;transition:opacity..3s,visibility .3s;}...header-box .sidebar-menu .sidebar-menu-list {width:240px;height:100vh;max-width:100vh;-webkit-transform:translate(-240px,0);-ms-transform:translate(-240px,0);transform:translate(-240px,0);-webkit-transition:-webkit-transform..3s;transition:-webkit-transform .3s;-o-transition:transform..3s;transition:transform .3s;transition:transform .3s,-webkit-transform..3s;backg

Chrome Cache Entry: 249

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	362611
Entropy (8bit):	7.994350276982179
Encrypted:	true
SSDEEP:	6144:Y8osNcHRJEnFTQD1SdGPD+VFPTDoIfbba6GbxK7tYqKEZn:Y8os4ND1rK3TDo+KbxK7GqKun
MD5:	9E3A55B72DA94D6F40C19CD73577E8A2
SHA1:	BAFEF0F4C774579732FDF6247B8CE809618A9757
SHA-256:	A639AD357E1326C403D08255755EDD712E44FCC0179CB807E542E1CE156F1363
SHA-512:	84FF18F2F9752B79A5880AD4DFA768812E0285F96739BA08D7EE31350DEF3CB1DE70B425E4151AAB9E1197877B0F901B0D5CC87265500178E9455BFAD3800E47
Malicious:	false
Reputation:	low
URL:	https://p5.img.cctvpic.com/photoAlbum/page/performance/img/2025/2/6/1738826185032_318.png
Preview:	.PNG........IHDR..............}.V.. .IDATx..y.....H)"..V......i.....?.=...^nm.......c!.."......).+.........WO...@.R.!......c?.y..s...WS..&.....j.w..M\..._.o.v...z..s2.?W..1.J..Z.1..F./.M#?...k..U....a.t\//Si-?......E~=8'.%.,u....YyoK.:....~.......?..;.Tvx@]...^.....9....=3..9.........%.......................S.9R^.WA.K.t..T........<]-.. (.....D.K._....;..................G.g..u..w..GM.u.:..5.}....G...\|.......<.0......q..........P..yG.q)."..Z.u..g...i.eA....Ui.VZ............._........=.C.....pG@..........&8.#c^..=..^...O.....^~,.)-.....;...T.....I].....b%..O..7(....\|.;.j1.v......\.Px........................:.....IX..M..:/n@..R]......B.E:U....g.o..[r..\.2.H.....@P<-#..............Q.K..~....%.Px....<.}^S..w........p2.. .%....7Q..&.o.\....U...\|.Qt(.u.}.gR.o..4...(......%..<#......pu. .n....q$.!..i..3_..&aP.^......vS.m..h.46l...................<......I...../...N.9..=..........o...^p.......OW...[..i.;S1.v.u*.v.X.{.%.M+'.......-.M..,....5.K.U....W..

Chrome Cache Entry: 250

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32015)
Category:	downloaded
Size (bytes):	87669
Entropy (8bit):	5.356107361206808
Encrypted:	false
SSDEEP:	1536:9a01kzuDClkRFagnCzk5X5eIuc7cJlbH0nbhowJCCUkPhH6r6:9NSuDNFBX5eIlwJCbGgE6
MD5:	5F9AF7975B91CE25237B8F07AF45D094
SHA1:	F4E6D2358DDEC66A35BF68470BA3BE18EC83589B
SHA-256:	6A42B2AD087DE2AFA8A66F0D18A7573E2EAEA31D27CF4B21A22EAD31E3001634
SHA-512:	5BC6547A8C10AF45FE01A603689DA8E37E85D9CAC95F8CD28462407B1D65ED4F373461C0A2A1E83AF464514F37CE9420938B8162966B0D1F1BA3C7EE76517418
Malicious:	false
Reputation:	low
URL:	"https://js.data.cctv.com/__aplus_plugin_cctv.js,aplus_plugin_aplus_u.js"
Preview:	/! 2021-01-12 21:25:53 v8.10.5 /.!function(e){function t(a){if(o[a])return o[a].exports;var n=o[a]={exports:{},id:a,loaded:!1};return e[a].call(n.exports,n,n.exports,t),n.loaded=!0,n.exports}var o={};return t.m=e,t.c=o,t.p="",t(0)}([function(e,t,o){"use strict";!function(){var e=window.goldlog\|\|(window.goldlog={});e._aplus_plugin_cctv\|\|(e._aplus_plugin_cctv={status:"complete"},o(1).run())}()},function(e,t,o){"use strict";function a(){var e=l.getCookie("userSeqId");if(e){var t=document.getElementById("tb-beacon-aplus")\|\|document.getElementById("beacon-aplus");if(t){var o=t.getAttribute("exparams"),a="uidaplus="+e;o=o?o.replace(/&aplus&/,"&"+a+"&aplus&"):a+"&aplus&sidx=aplusSidex",t.setAttribute("exparams",o)}}return e}function n(){var e={};try{var t=goldlog.getMetaInfo("aplus-rhost-g-map");"string"==typeof t?e=JSON.parse(t):"object"==typeof t&&(e=t)}catch(t){e={}}return e}function r(e,t){var o=n();return o&&o[t]?"//"+o[t]+t:e}var s=o(2),l=o(3);t.run=function(){var e="";try{e=a()}catch

Chrome Cache Entry: 251

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, baseline, precision 8, 800x452, components 3
Category:	dropped
Size (bytes):	63059
Entropy (8bit):	7.979587982128859
Encrypted:	false
SSDEEP:	1536:OQV3jioVktr9CvyMmBXSxBkG3qQJZu7WUUS:OA3Dk/CvyMmdKBf9ZHUF
MD5:	0753D9EE34FC8F515F4D93694AA073F3
SHA1:	B3899B95BAC3EA77D1F2D20F161EFDE80E823C51
SHA-256:	848623570D8E8A2B4963CD869A939FD11D26BD92AF4039562ECADBDB6ECF7D6E
SHA-512:	B5F21A3677F18044E719AA8AC3252F7A21EEF5A9546307ECB8429DBD5788EE8ADE027F1749ECC7B32D016900AE5F43EC54215873D230664512CBC120BC9BE940
Malicious:	false
Reputation:	low
Preview:	........................................................"!!!"&&&&&&&&&&........... ... &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&.....d....Adobe.d............. ........................................................................................!1.A."Qa.2q..B..#R....3b...$r.Cc...Ss.........................!.1.A"Q.a.2qb................?.A.....QU.b.k..%";..KG...Q.\(......cu9..(..x.s3PHPnqe....j}wZe.k....u'........L6..)"..Qv....\V.=.e.k.c..z+...3[p. s..=E'....%?U........B_..{"....P<B......vQ..S,l...rsbQ....V..#.y\|.8..y...@..."-k...sO.Y.et...$7nS..V..\.D.U.......2.....B..!.#h..GG..."J...UE.l.M)..c .M.......d..6P\|..x.Ra2..4.U= &"BV.b.B..y\.P.1.\.L>EF.)...w.FD.T.e.....Q.cJL.&.....*ax)2n.%....d3....c...0.A./+.s.4.\|\|g......[...w@.`\Z.....O./...K[..u...T.{>Rlv\.....U.....A....<.W.V>k..N...q...u.g!...7.\|.//...]A...>?.9...6.u.<^.K3-.Tk..".v+.h..=y,O^.h..-s...0..wx...2....]..d..j..Z.6.F={.O&.i.\.0.......G..&....U.<......a17.u..UC....Eu..J..}ni..c

Chrome Cache Entry: 252

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1550941
Entropy (8bit):	7.977923298330864
Encrypted:	false
SSDEEP:	24576:kYScge+cUZdB7UiufoP/AyymnvofgBXK9w7zeeON6utapZPE4ph7BVMP6Z8mmQUD:k/1Zr1/vof/uzcN6ut2ZPrphDtBmQY8u
MD5:	CB8FE9B79E8B066D60EA5AED7B698375
SHA1:	8C6241225EF80DECC2543C4FB452AFB8B0F8CD58
SHA-256:	3593EC5C89953218D7A2BAEAC3352338A3E8859A890CC8C719C0CE5C69134EE4
SHA-512:	719A449D05AF2E7597AE1FEFC6EC4D7D72DD9C0EF024F008B5C80A524841565B3D321A4BEA344F2FE760ED850D708D9E31872968DFE77D52506FED4978D092C8
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............}.V....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..u..W..{.Os.I.,Y.X`fff..-.,..bff(.H.....\b..{w.3w.{.<s.....+2bed.$.ro..y."."3.R..............F....n../o........4C....t..,n....d..xD...$~.u...\.4l.Xn. ..>...2.w...;...n.{...2.7...AW..W_.G\..?.k...n.....\|...p..~....g\w...c....?...ur.U.......t......\.;.o..A...........g...x.~^Cn......2..........r...cC.k....."...s.MC..n.Q3\|....0.\.'...E.z...D>O.6T.=..t.f.P.n.Fa.?.....!... .7l._l...J...b.M....B\|f&7.......a..k6.y..>!7_}A\...a7..NP.G...2D.=\..u...z..n.fv.l6.F.]ig..!C.....m..:.w.S......\|....[....0........%..]......z..?....3.W.S.W.ms?...q..oa......;~.M.2..?.J.[h2.fZ.g.....g.Ul.k,n..Z..u.9.Z..6..Al..A.!n..#..Q..F^...Z3.j.p..p..z5\|. ....`1j.`.........#....i...E..z..o.u...C=.;.&.:z$..7...y....r....N..........<t..~.n<.....=...x.......g....=.g.../..<^z.%...x.....o..7...o..w.y............}..>..c\|..'...O..g.a..../.......'..8y.&.5.S......0...9G3k......._.9.

Chrome Cache Entry: 253

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (49213)
Category:	downloaded
Size (bytes):	366342
Entropy (8bit):	5.244344787849417
Encrypted:	false
SSDEEP:	3072:348st0AZnvwFp19My4vzOdI46LhdIwdRKUpqlFleY8o08JySl1uP++:348st0AZnvwPsy4rUwVslFh08Jz15+
MD5:	F7040CFE9E5770B3E27A5B1C4CCEA802
SHA1:	7C3AEB804ECCCD6D599DDB8437C6306B4FDCE544
SHA-256:	F9A75030EF7FF5ACA8A63CF28673C0A9A7701AA8A0A4D33225561B82BB694FD9
SHA-512:	176116ACAA1D9907D2C6AAA92A19A8654437B256A254A4B7A99FEE54F7BC6604B68AC2AA6AEE9D007B80D4A9D08BD15175E069573371F61BB965F51CFC470A86
Malicious:	false
Reputation:	low
URL:	https://player.cntv.cn/h5vod/video_novhs.min.js
Preview:	/*. CVP. * Copyright 2024 cctv.cn All rights reserved.. * CVP is made possible by the Video.js open source project and other open source software.. * @license. * Video.js 7.20.3 <http://videojs.com/>. * Copyright Brightcove, Inc. <https://www.brightcove.com/>. * Available under Apache License Version 2.0. * <https://github.com/videojs/video.js/blob/main/LICENSE>. . Includes vtt.js <https://github.com/mozilla/vtt.js>. * Available under Apache License Version 2.0. * <https://github.com/mozilla/vtt.js/blob/main/LICENSE>. */.!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).videojs=t()}(this,function(){"use strict";for(var e,u="2.2.1",c="24.07.15",d="7.20.3",n={},s=function(e,t){return n[e]=n[e]\|\|[],t&&(n[e]=n[e].concat(t)),n[e]},i=function(e,t){t=s(e).indexOf(t);return!(t<=-1)&&(n[e]=n[e].slice(),n[e].splice(t,1),!0)},p={prefixed:!0},t=[["request

Chrome Cache Entry: 254

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	100
Entropy (8bit):	4.500525755543261
Encrypted:	false
SSDEEP:	3:YNQjGf/XdUkkcsHGnSYtUkGTTVK/xClyVSlXKg:YOG3dUkBxSc+6Ilf6g
MD5:	7595F803769F5B8CB6EF0AB207C1ACFF
SHA1:	D5CD704DB1388E09B4CD67AB45534B9A23A578D8
SHA-256:	F573021CCDEA06724466CA48A7B7A6172C98A13CF754C34920447F7DD7E7B1FC
SHA-512:	4ACE38070EC8C96B96331E9144A4C7DD7DD9A40E2D1C005A6700C06FAC5FD9F7775A0531454CA38D6C81CE7F6F95BDAAE3070D993BD8006668B4461968DA8C74
Malicious:	false
Reputation:	low
Preview:	{"h5player":{"ver":20190904,"md5":"c7ed5a71dbe4dee1a2ba171f660ee98d","BTime":"2019-09-04-20:25:10"}}

Chrome Cache Entry: 255

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1491 x 839, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	772224
Entropy (8bit):	7.983201726170908
Encrypted:	false
SSDEEP:	12288:2KmV9Ar1vR/z0kLzQOutbscjDvcQ5VVQPAeO13q+kLkmWFO9vCD5kk7hqICkAHvQ:2Ka9ArIk3QntbseIQ5VcVQ3KWFOY5k4L
MD5:	B23AA9A25DD7A0428E8B6DB4996A5B40
SHA1:	1646AA6434C2FE3DAF4AD763FFFA0B2557E8ABB6
SHA-256:	A23C65259EABAB6C8F232C3E1E947FD87EF6FF93FA3EBABFB7823B3D891235AE
SHA-512:	E216E52CC45D35F5C31D9FF0ED5E9DC4F157B34E6BCD73A0AC2B54F77FB0D183094BB7B601851F90D03E70D3CEFB5365B48DD56AE32E596DA68E2D43084E2628
Malicious:	false
Reputation:	low
URL:	https://p4.img.cctvpic.com/fmspic/2024/12/10/5e697954518c48c580e45c00f6d7bc26-1.png
Preview:	.PNG........IHDR.......G.....R-S.....pHYs..........+......iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.1-c000 79.eda2b3f, 2021/11/14-12:30:42 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 23.1 (Windows)" xmp:CreateDate="2024-12-10T15:30:37+08:00" xmp:ModifyDate="2024-12-10T15:31:39+08:00" xmp:MetadataDate="2024-12-10T15:31:39+08:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:2a542598-3b47-084e-b4e7-57e8e3d849c4" xmpMM:DocumentID="xmp.did:2a542598-3b47-084e-b4e7-57e8e3d849c4" xmpMM:OriginalDocumentID="xmp.did:2a542598-3b47-084e-b

Chrome Cache Entry: 256

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=II*], baseline, precision 8, 960x1080, components 3
Category:	downloaded
Size (bytes):	357847
Entropy (8bit):	7.977341573483653
Encrypted:	false
SSDEEP:	6144:4nBFQ6bq9ook1UYsK8tPiFLX4Lk/CjmNcT2aV+EWmmdBAFAfU4FO7yU2Qao:4nLnAooksU+OCjmm+EWLmy5U2Ro
MD5:	CE2EE03149F9333074512D62930DD2F9
SHA1:	B108063A1C106641B9320F32BA0036F5568463D6
SHA-256:	2FF8D10E410FC339873B7954BB7EED1537D9E9D5E873F6B9BB715F46409A83E8
SHA-512:	FB73640A805DB1B325A76BC359DE604C66798EAB608755F4928D1DDDF883A6D36AEC93F78FC5E5345A875E57DED5141E65433D5DC9E0E931E6FC06B9692233BA
Malicious:	false
Reputation:	low
URL:	https://p1.img.cctvpic.com/photoAlbum/page/performance/img/2025/2/10/1739173539901_473.jpg
Preview:	.....$Exif..II*.............................Ducky.......K......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 116.164766, 2021/02/19-23:10:07 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:92AAA987E78211EF8BD1ACE364086E5A" xmpMM:InstanceID="xmp.iid:92AAA986E78211EF8BD1ACE364086E5A" xmp:CreatorTool="ACDSee ...."> <xmpMM:DerivedFrom stRef:instanceID="B63518E044D05F792E23FCD505315E7F" stRef:documentID="B63518E044D05F792E23FCD505315E7F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...HPhotoshop 3.0.8BIM..........Z...%G........8BIM.%............x/4b4.Xw.....Adobe.d....................................................................

Chrome Cache Entry: 257

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	111615
Entropy (8bit):	5.069042199643561
Encrypted:	false
SSDEEP:	1536:Rr0K6PkruQ+hfuKJ0MuvcwmXCYzGbIxqzSoGa8qMfZ3f+:90K6PkruQ+hfCvcwmSsGbUqzSBqMfZG
MD5:	6F020C42056BF901B5282C4058D82E4C
SHA1:	95A30FBF00406B71572A41D2F2A4E8286B7E236A
SHA-256:	5D000A01803173F41CE71F2CE0E65B7F871405DD00F70B35B6BF2A5A88321F53
SHA-512:	9EEA4C0AB287BB219CA5D0805C2A1E759E44A57E60939D3ADBC92F393C9661987C8B67E474CCFB256DCA84CEDE57B4E359146D65D5E96FB63CAA8D0804D89925
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports):"function"==typeof define&&define.amd?define(["exports"],e):e((t="undefined"!=typeof globalThis?globalThis:t\|\|self).BetterScroll={})}(this,function(t){"use strict";var s=function(t,e){return(s=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(t,e){t.__proto__=e}\|\|function(t,e){for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o])})(t,e)};function e(t,e){function o(){this.constructor=t}s(t,e),t.prototype=null===e?Object.create(e):(o.prototype=e.prototype,new o)}var c=function(){return(c=Object.assign\|\|function(t){for(var e,o=1,s=arguments.length;o<s;o++)for(var i in e=arguments[o])Object.prototype.hasOwnProperty.call(e,i)&&(t[i]=e[i]);return t}).apply(this,arguments)};function i(t,n,h,l){return new(h=h\|\|Promise)(function(o,e){function s(t){try{r(l.next(t))}catch(t){e(t)}}function i(t){try{r(l.throw(t))}catch(t){e(t)}}function r(t){var e;t.done?o(t.value):((e=t.value)instanceof h?

Chrome Cache Entry: 258

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2080687
Entropy (8bit):	7.980663461148781
Encrypted:	false
SSDEEP:	49152:rllHejijN4akaVPTI3moVI7Nyiy7Y/Oah:3HtjnTI3moK7EiE9ah
MD5:	84DBB637ED678DA86B698AA36D023220
SHA1:	F1C030E826C43E0E6B9C142F0B9473DEADB4D20B
SHA-256:	4583CE38312535F8039C4B040B319ACA8423CA28F32A0CB67F20FC4E0986F2A2
SHA-512:	3F10D7B90236A37740992F1CD22758F1B71602964D47BDBB1AE638BAAA4C420600D0DA0BE758FA84D93699CC05DA524F8C5950C5F11EC0BAAD84360463E9425B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............}.V....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^.u.$.u.-.c...I..M......V..l...q.ZI.Ziw........3;;....L...3.;..E.3.d..^............g..A......cS.........8; .l..G-.,y.oK.@.).4.@."..~...F+...%_...O.p.u0Z.....F.....`.......1V.I...O.........X..'..4.5~.F........m?...[a..q..x.F-..o...[..Y...x.....5..m..o..>G..........6f..t..V......7C............1.h.a{3.......1..Z...:.`......U...T.ZK.......Uz..Tz....1.....W..x......,A}.....gM.k...:.qV%..".q.......4..%..(.....Yp......{.Ip...{.q......a....{...X..2....>.f..[.n....K...3e....]...S.0..........I.....,.k....LG....Y...%.......:..3ri>c.z..E/d.1.xJ..:DG.<...F:/........q.=.G.vqJX#..Y....E/....+.k.......-gl...+.{.rA.~.q$.d...q$.blW.0...W.3u.cO.827.-s.X3..%{.X...#./8...;...."..........S.[qVPy...t.\._-N.c...D..!........j...&...e.=x..T.Cwe.JOy,x./.....s.3.4r....QA.a.Up.\|%..s......U.........0.x.F...X.!.w....a....q.i...3..&..s..q.q..@y...3...a...`."...m!..#L..0.[# ....f.wd....2._e.a....=F

Chrome Cache Entry: 259

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	2468
Entropy (8bit):	5.520449670368299
Encrypted:	false
SSDEEP:	48:YAkuAVxHlGicIolWolVolMol/sG1QYFDD9ZEeudHyfO:YuAjHlZcIolWolVolMol/kYFXLCy2
MD5:	2568C7A6590BCFB11155A64FD82C8948
SHA1:	9FBC5DE80769B665B072F3FE6F8FABC759C32D17
SHA-256:	DBD0F2E71448BE34FF0A5F3B6EBBBC6F007F11CE9536692C57E5338386AB2C92
SHA-512:	DEDBBB17699421D49F95FEAC1EA2DAEF7024AA53125CB31A4A06A9CA12987A67D1C72661092FBE18FEC6C7FCECBC9ED4F69F24BBF3109B3BB69BBF701435040E
Malicious:	false
Reputation:	low
URL:	https://vdn.apps.cntv.cn/api/getHttpVideoInfo.do?pid=0c74829e770b484e8fee35d49cdbb63e&client=flash&im=0&tsp=1739494272&vn=2049&vc=E80F0E1DA4B78CC94C3C844055B8748C&uid=1CED69A06A6111C2A7E453A56A41CF89&wlan=
Preview:	{"ack":"yes","status":"001","is_preview":"0","tag":"... .. .. .. ..","title":"....._global","play_channel":"....","produce":"","editer_name":"ptjszx","produce_id":"jksz","column":"............","f_pgmtime":"2025-02-11 10:37:29","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","cdn_info":{"cdn_vip":"vod.cntv.cdn20.com","cdn_code":"VOD-MP4-CDN-WSSEA","cdn_name":"3rd...."},"video":{"totalLength":"103.21","chapters":[{"duration":"103.21","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","url":""}],"chapters2":[{"duration":"103.21","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","url":""}],"chapters3":[{"duration":"103.21","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","url":""}],"chapters4":[{"duration":"103.21","image":"https://p4.

Chrome Cache Entry: 260

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	1398156
Entropy (8bit):	7.935876951816237
Encrypted:	false
SSDEEP:	24576:IubxzxGC3QOCxq0Tyz2d/c+cFUhBmiciqul0pLBGnFO0exvNUV9WytPeKb4FmqmN:I4xVGC3S5TyC55jxcCeLBTM9WgGCqKN3
MD5:	59BE77355E3A757840EE92876B8C1C8C
SHA1:	D68405ABA36D0E86008714D88182E3800780BFC0
SHA-256:	EFE9F0F609DE65D8D103A5ACC81C8081313D4044614C3658E8CD00D48BC3749C
SHA-512:	8CE7A75565E43A3740664BB16477A09206ACE3E1025DBD77586094EBA375E8C0FC7CD2DA88F9048A388E3FB86C8AEBF55FB19DC7CCA4D4C56F7215047FDA6ADA
Malicious:	false
Reputation:	low
URL:	https://dh5.cntv.cdn20.com/asp/h5e/hls/1200/0303000a/3/default/0c74829e770b484e8fee35d49cdbb63e/0.ts
Preview:	G@...B.%.............H...FFmpeg.Service01w\|C................................................................................................................................................G@...............*..........................................................................................................................................................................GP...........................und..}.w.......................................................................................................................................................GA.0.P..{f~..........1.....................!.E...H..,. .#.. 9.16 headers ...............................gd......[... (................$.K4........h..!.....y......sU..N.pIJ.2E..Vv..G...D$4?Jvh...e.....0o....{.?k..T.l..uF.r.}`~...H:..iw...:....0.@#9 y...5..sU.%..Qs.w.w..".V.;+......f-._...He.}n....x..q......E.B_.!.w...5....99B.Sz..$.P..u.f...O.g........7.V...AG.....^O.......c8...c@.i.J.N.......A7..)1."W....[8K{...0...

Chrome Cache Entry: 261

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 594 x 94, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	29592
Entropy (8bit):	7.976978773511246
Encrypted:	false
SSDEEP:	768:OCox/BA7csiWFbOTfh8e0Q4dkKOgPguSPwTsRPIRFsC:A2QsiWFbOj2eZoIRPwoORFT
MD5:	E726F5D197306F32279372C037A9A0EE
SHA1:	B1BECA00A14F3B35E5F6D201E6917C1658334687
SHA-256:	9CEECBA19798FDD24BDD98ACDF233698F59B8C16BA8ED93AD7301F04E66D872C
SHA-512:	5A1EF9F3203760CC0175FC20EF09C2011266EAF04A1806FBCD9027A6DA805B4589CD1DC8466586C65221C22857C944DEE6E6D027A0473E372E3DD6E9616B902E
Malicious:	false
Reputation:	low
URL:	https://p3.img.cctvpic.com/photoAlbum/templet/common/TPTETdowvcN0ylAq0ygHSCRR211231/logo_03.png
Preview:	.PNG........IHDR...R...^.......!....sRGB.........sBIT....\|.d... .IDATx..w\|.U...wfw.+...P#UDB..%JQ@.y...;.AATD..k.Q.y.W..D.. ...RB...C.-@HB.l.9..........~>..;..{....s.=.AA./..[...l....P=.\|\|....p.BsV...EA..8.q...&...U.E..s..c..........~.V.CAAAA.....(.. ...,....}..W~.......<..YKtMI.....Fp..1HD ..0@....y....0..e\`H!i..<:......E:y..^...UPPPP..F1..n...r....=....Z..N....[qQ3x0p.....S...0....P..p... ....$.DH$..... .lP....].q.&wt......>Zp........?.bH)4'....j.....z.d/5..Y...o/..!. b...A....1...nr..D.7..........K..N.B$.1O.3._....uQ.C.2.V.IPPPPP..F1.....q.Z.g....O..R\|.....=\|`d.1...^.C...l...J.G....Q....C.nhU.t......@.#g....\..7.*.i.;p`....B.5.;V..PPPPP._F1......&..O..e..x^UX.N...`Q....05$..<...!. .$B%..8..Pa(..y.X.T1.g..p.A%{..@.<!..<x...0.A%.`e..8....5...m..Q?...=.v3t......bH)4....e........{p<.OOX..[........A.n... . ..x.#H.....2..R.t_e.@.T....T.T...`...8....A.%................~....n.........(..B.)...3.-............D......&5.......O.b..%.1.$.c..

Chrome Cache Entry: 262

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32012)
Category:	downloaded
Size (bytes):	41727
Entropy (8bit):	5.768908156300457
Encrypted:	false
SSDEEP:	384:UrEM/rB0Qu6qlrCpBUgZLlgLtClXEnCobZUVgPgL8gxfhtxenq6E:y/uMpB7M00nCob+nxeqp
MD5:	99E01EA6112EDEF1F94E981103EA44AE
SHA1:	F25A9A25BAD050F33C3BF4F678EB72422632E3DF
SHA-256:	99160F82D220DC73585B4D7377CA4C90E7ED369E78AD9967E4BE3BFDAD513C8D
SHA-512:	729B0673DE758995B40F4ED02C2E55F287D9E4532914E712AAC27A51FE697A8AEA5EDA2DB93EFC2D78501803148083AACB23612F84B86FC47FA786F9C731AEE6
Malicious:	false
Reputation:	low
URL:	https://g.alicdn.com/dingding/open-develop/1.9.0/dingtalk.js
Preview:	(function(){"use strict";var e={},a=navigator.userAgent,n=a.match(/AliApp$\w+\/([a-zA-Z0-9.-]+)$/);null===n&&(n=a.match(/DingTalk\/([a-zA-Z0-9.-]+)/));var i=n&&n[1];e.ios=/iPhone\|iPad\|iPod/i.test(a),e.android=/Android/i.test(a),e.version=i,e.cfg={},e.extend=function(e,a){if(a)for(var n in a)e[n]=a[n];return e},e.isDingtalk=function(){return e.version},e.type=function(e){return Object.prototype.toString.call(e).match(/^\[object\s(.*)\]$/)[1]},"object"==typeof module&&module&&"object"==typeof module.exports?module.exports=e:"function"==typeof define&&(define.amd\|\|define.cmd)&&define(function(){return e}),"undefined"==typeof this.dd&&(this.dd=e),this.__dd=e}).call(window),function(e){"use strict";var a=["backbutton","online","offline","pause","resume","swipeRefresh","appLinkResponse","internalPageLinkResponse","networkEvent","hostTaskEvent","autoCheckIn"];e.extend(e,{events:a})}(window.__dd),function(e){"use strict";var a="1.9.0",n={device:[{namespace:"device.notification.alert",name:".

Chrome Cache Entry: 263

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, progressive, precision 8, 800x450, components 3
Category:	downloaded
Size (bytes):	98404
Entropy (8bit):	7.971906129618378
Encrypted:	false
SSDEEP:	1536:4pow1FV1CtcChrcgIh1lCsnJMceuBpTVjhlA/8Q/iqKa0lsULNKdvKRoFR8NJvN:4t1Ct3hc1ldJxXTVj0/8Q6q6WULN3Jl
MD5:	B13C46FA5FB9C806F064CF36AA9DB801
SHA1:	6F3E0B7A809A4CD6C441623E0A682408ED9218DB
SHA-256:	ED6DAECF254036F57646E8852F49E8BD3AA39DC7538E170616E8AE61915BC40F
SHA-512:	1D5A6FF990E89AB71863F9AD35EEC65C642666B42712B9F2DCDD8E8D916ECA7A5110F223004D6D38B7FD7D768CF1EBF82D742555F5A8DBB1C0473BF37A9183CB
Malicious:	false
Reputation:	low
URL:	https://p1.img.cctvpic.com/photoworkspace/2024/11/22/2024112210150936333.jpg
Preview:	.....XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........desc........IEC http://www.iec.ch............IEC http://www.iec.ch..............................................desc........IEC 61966-2.1 Default RGB colour space - sRGB............IEC 61966-2.1 Default RGB colour space - sRGB......................desc.......,Reference Viewing Condition in IEC61966-2.1...........,Reference Viewing Condition in IEC61966-2.1..........................

Chrome Cache Entry: 264

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32015)
Category:	dropped
Size (bytes):	87669
Entropy (8bit):	5.356107361206808
Encrypted:	false
SSDEEP:	1536:9a01kzuDClkRFagnCzk5X5eIuc7cJlbH0nbhowJCCUkPhH6r6:9NSuDNFBX5eIlwJCbGgE6
MD5:	5F9AF7975B91CE25237B8F07AF45D094
SHA1:	F4E6D2358DDEC66A35BF68470BA3BE18EC83589B
SHA-256:	6A42B2AD087DE2AFA8A66F0D18A7573E2EAEA31D27CF4B21A22EAD31E3001634
SHA-512:	5BC6547A8C10AF45FE01A603689DA8E37E85D9CAC95F8CD28462407B1D65ED4F373461C0A2A1E83AF464514F37CE9420938B8162966B0D1F1BA3C7EE76517418
Malicious:	false
Reputation:	low
Preview:	/! 2021-01-12 21:25:53 v8.10.5 /.!function(e){function t(a){if(o[a])return o[a].exports;var n=o[a]={exports:{},id:a,loaded:!1};return e[a].call(n.exports,n,n.exports,t),n.loaded=!0,n.exports}var o={};return t.m=e,t.c=o,t.p="",t(0)}([function(e,t,o){"use strict";!function(){var e=window.goldlog\|\|(window.goldlog={});e._aplus_plugin_cctv\|\|(e._aplus_plugin_cctv={status:"complete"},o(1).run())}()},function(e,t,o){"use strict";function a(){var e=l.getCookie("userSeqId");if(e){var t=document.getElementById("tb-beacon-aplus")\|\|document.getElementById("beacon-aplus");if(t){var o=t.getAttribute("exparams"),a="uidaplus="+e;o=o?o.replace(/&aplus&/,"&"+a+"&aplus&"):a+"&aplus&sidx=aplusSidex",t.setAttribute("exparams",o)}}return e}function n(){var e={};try{var t=goldlog.getMetaInfo("aplus-rhost-g-map");"string"==typeof t?e=JSON.parse(t):"object"==typeof t&&(e=t)}catch(t){e={}}return e}function r(e,t){var o=n();return o&&o[t]?"//"+o[t]+t:e}var s=o(2),l=o(3);t.run=function(){var e="";try{e=a()}catch

Chrome Cache Entry: 265

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, baseline, precision 8, 800x452, components 3
Category:	downloaded
Size (bytes):	63059
Entropy (8bit):	7.979587982128859
Encrypted:	false
SSDEEP:	1536:OQV3jioVktr9CvyMmBXSxBkG3qQJZu7WUUS:OA3Dk/CvyMmdKBf9ZHUF
MD5:	0753D9EE34FC8F515F4D93694AA073F3
SHA1:	B3899B95BAC3EA77D1F2D20F161EFDE80E823C51
SHA-256:	848623570D8E8A2B4963CD869A939FD11D26BD92AF4039562ECADBDB6ECF7D6E
SHA-512:	B5F21A3677F18044E719AA8AC3252F7A21EEF5A9546307ECB8429DBD5788EE8ADE027F1749ECC7B32D016900AE5F43EC54215873D230664512CBC120BC9BE940
Malicious:	false
Reputation:	low
URL:	https://p3.img.cctvpic.com/photoworkspace/2025/02/06/2025020613581254371.jpg
Preview:	........................................................"!!!"&&&&&&&&&&........... ... &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&.....d....Adobe.d............. ........................................................................................!1.A."Qa.2q..B..#R....3b...$r.Cc...Ss.........................!.1.A"Q.a.2qb................?.A.....QU.b.k..%";..KG...Q.\(......cu9..(..x.s3PHPnqe....j}wZe.k....u'........L6..)"..Qv....\V.=.e.k.c..z+...3[p. s..=E'....%?U........B_..{"....P<B......vQ..S,l...rsbQ....V..#.y\|.8..y...@..."-k...sO.Y.et...$7nS..V..\.D.U.......2.....B..!.#h..GG..."J...UE.l.M)..c .M.......d..6P\|..x.Ra2..4.U= &"BV.b.B..y\.P.1.\.L>EF.)...w.FD.T.e.....Q.cJL.&.....*ax)2n.%....d3....c...0.A./+.s.4.\|\|g......[...w@.`\Z.....O./...K[..u...T.{>Rlv\.....U.....A....<.W.V>k..N...q...u.g!...7.\|.//...]A...>?.9...6.u.<^.K3-.Tk..".v+.h..=y,O^.h..-s...0..wx...2....]..d..j..Z.6.F={.O&.i.\.0.......G..&....U.<......a17.u..UC....Eu..J..}ni..c

Chrome Cache Entry: 266

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1920 x 475, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	749783
Entropy (8bit):	7.997118697405864
Encrypted:	true
SSDEEP:	12288:kRY+YlaXU98Okhq63wEee8M5bhTUp82xOBcPDP2anuvSaclmTFL1EKRl:kWeOaq4eQ5bBUfOBxSdhlmZh/
MD5:	A74BB3376012C2F6AA90E9AFC57D2463
SHA1:	8621278F6C90FE43503AB962D0AEA095DBB7B823
SHA-256:	E27517284C4C8F5DCA6CC21F9A316D01E4DC4142FFB2AAC399C7C8FC3B322A74
SHA-512:	63AADFF39A6A4DACF6E065866189204CCFD07F6130277A25B99321562D176649C47225254CDDC28883052A73E42B7EB4B90EB2F4F54605D8060CF71FD79DAFDF
Malicious:	false
Reputation:	low
URL:	https://p2.img.cctvpic.com/photoAlbum/page/performance/img/2021/12/16/1639642349883_416.png
Preview:	.PNG........IHDR.............;.... .IDATx.....lIm.)%.cpac......}....~.7..[...2,..WNI.....'.Z......B......5"....ofa.....\9.\.....y6e...N..OO..lK:.....z>.~...~.t.)..wE~ob......-...C..\|....j.m...u.s.Z{\...,..uo...I>y...s....E...$.}...w~m.>e(M.wB.a\|.8............).C.i6...FB..zy<O......v=.+.....w.B+9.......b.......!.Mm...~h..d=..<...MZS7.."u...........<...`%....kL.....dh....\|..p...~a?....W.................:.M..Q..Ku ?QG.@..]...W.). ...w.Z..G!.~..G...WD.[...#....[.=....aBx.c9`q...#...w......K.nqT.A.r...<...~...vD......z.R..Dw.....{..a..h...WZ..d.}.%q.)~.~...8.N.....o....(.b..g..Q..S..K....-1..h#.....q...D.l..bQh..-_.N&.fS.F...'..\$^k.......b.'4...NC.v.A...@.0.:Y.`<..[..g8.j........c.0....r...G`!....j...40......E..m.g..M..qU^..%...cv.s.......%.y...._...'DH<&.=..2s.o...E...U...i..z.^I........pN.v-1....T... .T......q...^.Z...=........f..X..K....D.w,.....P<.....Y...........Sb(...vq.......<.{.OvZ......y.1..}.}GTT.6.....D..w..._v.~.cX.9.

Chrome Cache Entry: 267

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	730
Entropy (8bit):	5.067657987391232
Encrypted:	false
SSDEEP:	12:+20x/YEYEeQ98Ymrny8Xw3L8ICEpFQrMESLbtFwpYm0hSJUfspuRP0LD6tXfu3mn:+bwEv98Ymy8A3X7VvLbPwpYV0JGspume
MD5:	745D80F2A67167C9CE3ED8A506E0CEFF
SHA1:	E264326ECEA25A201969919316AD3717998B2384
SHA-256:	DB0BDA87A99744DD985C231D7B48BAF91561706A927FFF46D216E0259ACA44EB
SHA-512:	08F386104E40C54B287BCA651804691458D3990937B35A06A2C10B7B8545F42668B03F674B89535E7D90412CD4EE36A707BE84F5584292DBB5D070D4B16B738C
Malicious:	false
Reputation:	low
Preview:	let country_code = ''..function get_cntv_whereis(cntv_whereis){. var chunwan_areaInfo = eval('(' + cntv_whereis.replace(/(^\s)\|(\s$)/g, "") + ')');. country_code = chunwan_areaInfo.country_code;. //video_player_box();. setCookie_tvzhibo("country_code",country_code);.}.function setCookie_tvzhibo(name, value) {. var Days = 0.25;. var exp = new Date();. exp.setTime(exp.getTime() + Days * 24 * 60 * 60 * 1000);. document.cookie = name + "=" + escape(value) + ";expires=" + exp.toGMTString().}..function getArea() {. return country_code.toLocaleUpperCase().}..// let areaEl = document.createElement('script').// areaEl.src = '//ip.apps.cntv.cn/whereis?client=html5'.// document.head.appendChild(areaEl).

Chrome Cache Entry: 268

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (460), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	21218
Entropy (8bit):	4.934396832346898
Encrypted:	false
SSDEEP:	192:HoLmvD6YcWXOLrhTON3jmi8JNov2QLpouMYkGMNKkgnN2tWy+rynu5RZRp1F:HoLmvDlpXQrhTOZjdWov2QL+FgnN2g1
MD5:	663F9C943B97D55C28D126056C0650B3
SHA1:	DBDE781F5294B3FEE0E9E704936104DD68327967
SHA-256:	7FACA5D910FEEEB28023AFB3A0C986D2B5BF6346229088878C45642673906E56
SHA-512:	B1ED4A0A78F042A455C1C365B4FA053AC1486B56D8396FBF32C050F01175B153332D52F0F01ECA8889BBCBF59203FAC3633587ECC9717D20207245393DAD45E0
Malicious:	false
Reputation:	low
URL:	https://r.img.cctvpic.com/newcctv/global/topcontaindetail/style/style.css?663f9c943b97d55c28d126056c0650b3
Preview:	.header-box {max-width:1200px;height:100%;margin:0.auto;padding:0;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;-webkit-box-pack:justify;-ms-flex-pack:justify;justify-content:space-between;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}...header-box .sidebar-menu {position:fixed;left:0;top:0;right:0;bottom:0;z-index:99;background-color:#00000080;visibility:hidden;opacity:0;-webkit-transition:opacity..3s,visibility .3s;-o-transition:opacity .3s,visibility .3s;transition:opacity..3s,visibility .3s;}...header-box .sidebar-menu .sidebar-menu-list {width:240px;height:100vh;max-width:100vh;-webkit-transform:translate(-240px,0);-ms-transform:translate(-240px,0);transform:translate(-240px,0);-webkit-transition:-webkit-transform..3s;transition:-webkit-transform .3s;-o-transition:transform..3s;transition:transform .3s;transition:transform .3s,-webkit-transform..3s;backg

Chrome Cache Entry: 269

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1669
Entropy (8bit):	7.7726507917649785
Encrypted:	false
SSDEEP:	24:1J5Mps1+3WUjF01P5EvdihS1W/2MHz/S1MXt3uoxL/xqUOxCi7T3ZZ0xR+UHocnW:1Hd8ZQ5Ev9Pe+Md3P/cLxC2LZZJU1mG6
MD5:	152BC1D32CAC51B6954CB29F4FD9B4DF
SHA1:	31EFC4CF4C8A8FA5B81385D7FFE2D625062765C3
SHA-256:	CC02B4A6D10B8828B24236AC630EDE7B73C20B0DB503B279AEE86F91531EBC7E
SHA-512:	8A37B5F5C9932C0631AFAAEB13A7252BEDE27B6B92CA947D1A1076DE8A11F2E32ABD8AA42BDF7E5D014130CD7EC172DECFDD3C044632ED9FA5115EF82D17B77D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................U....gAMA......a....8eXIfMM........i..............................................v.....IDATH..VklTE.>3..m...I...m.n[...B.4...m5... (U...1J....ED..@..`.....>tS1.bE...nk.n..<l.Zv...M.6K.-..f^.of.9.\F.Sr&.<,l..8.k.C)F...tE...]j..{.+.$..\..rYOJ.r(."bc.i.F.0+U..._.3.D.:....3.G#.BN~.\e.G...H.,.b..W...7....M...D........9zb.{t.....;i..-2.......L.u8..M....'..y....%..pk........q2.Z...8i..T.i.9=...=`~...].v..Z+U.$...5.e./.p..=.Y......w.HA.L..!b\|..XY....g.;..u....@2vL.H}Z...4.3.q.9.(,n.U.d.u.a_..v2n....Mrt..<.E~.z....h[..]cF\.RRl....#.+uf:...].`D.c.".$g.<.EiZo.L..d.87MR.7S...;ill.u..l'iod.!.x....C.m..Z..&wo.^..c.....,)..}....>..>.X.;[..VJ..P..?x+C.....}.@d.Z7vJq.c...z...R.w.n.K.u . .......,t............O..;..q.(D..utTuGZk.Kiog..S..C....!..{29),.?"4W..5..9H.L.l.1...nR..l..L.\..._I.g...`..~.....Al...9....0..-.-.[...(b.Z..y.pNG...[.z...3..h.M....nk.a.W T..@..C.#.;.m...U0f.........u.^_Q..RN{.....7V...!. ;CPB.....y.!.D..]......7.y\

Chrome Cache Entry: 270

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 37, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	995
Entropy (8bit):	7.5564824116825555
Encrypted:	false
SSDEEP:	24:7ojeqt4OVphHRWaGKVeSY2WPjWYT02JIXvYNmoK+v5kR1:7ojRrZvVe6AjWYAtvYN4qA
MD5:	2FAC660CAA56B491E4CEB1563CF8D71D
SHA1:	DCD89E1844ABFF76BC2F083CEDD4B8F98BD3A4BF
SHA-256:	20BC58245EA831C6691159E0AEECC0ED66ADE2FAAF6E43BB1DE1FB39D2531C57
SHA-512:	AC41F49E42C77AAA2AC5F5E630F8A84B3FA4A3F12F0D60FEDD08C2352CCA054C72CF0191A392CD7A2D9640B45165B3A1F17713AC03B22BF4C1B7A2F0E26E1148
Malicious:	false
Reputation:	low
URL:	https://p2.img.cctvpic.com/photoAlbum/templet/common/TPTERE93VfAfo34uSEe8veca211216/u309.png
Preview:	.PNG........IHDR.......%.....Qx......sRGB........DeXIfMM........i...................................................%......U...MIDATX..W.O.A..7.......T~.(R....W.b.B......2.?..41.$.......6.$.\.JqAs.5..8ng....CV.V...^...7.o.7..=R....Ak..L.&"..-.$c5..H..'...w..4p..~....&.s...H.....#X...+..+..x.J.&..~....<L\A...m......W..&E... .~w.~..)..l....y.h''...r....\.n$q........P..O. .....\[5...tN.j....>.6..G..K)hlh1..G3....Z...]...0_......8.......=...e.Jw`.0f....9..@wH....SN.W..`..k..2ZH....)....Z~..^,.8...q..jHZ.n.Q.I..n.!iu.%D5$M...C.......d..A)....:;=)..b......:.6HCB...r.T[].B...G.T......j.rQ...]..t..X0r^.%.CI#x.a....Htja....<.Ek#}...d..q...bm.E.R.VJ!B..y?..\|D..K\......P+...DjM......?..C..%..U.0..:...d..$nf.3.(n6\|....OH.7...]..t][2...QB:..Q....[.w....R..5.... m....O....r.RF.#...w....fg.K._\|..oA..k.........U..1Z..N..d.M.........s..=.J.b..!U...@{..rY.i....^...d..EQ...........n.j.'U.g9.1..f4..m.!.'....'..M.r..@.D.^5c^g.,+XAO..a.(......^.._...o>.&.K....IEND.B`.

Chrome Cache Entry: 271

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	2468
Entropy (8bit):	5.5077662822851075
Encrypted:	false
SSDEEP:	48:YAkuAVxHlGicIolWolVolMol/sG1QYFDD9ZENudHyfO:YuAjHlZcIolWolVolMol/kYFXYCy2
MD5:	96F49E25B06C69D1CC9A8DA30ACA8DC0
SHA1:	68B3220EF3F81E04889F193EEE62D24C7286958A
SHA-256:	4AC82766186DAD74063AEE07FC958252278FD54B7EB4317619E0C2CDA2509CB1
SHA-512:	76D60D7DF4FB3E3B40D019B6A22C1EFA1B334C0C4159D01DA3157B724310D37E27D4BE06B0858E92D37DECB4682AAC6916E913F2F47380391E3D53F19C5025BE
Malicious:	false
Reputation:	low
URL:	https://vdn.apps.cntv.cn/api/getHttpVideoInfo.do?pid=0c74829e770b484e8fee35d49cdbb63e&client=flash&im=0&tsp=1739494263&vn=2049&vc=192B9BBDADE2E309F67048E428940328&uid=1CED69A06A6111C2A7E453A56A41CF89&wlan=
Preview:	{"ack":"yes","status":"001","is_preview":"0","tag":"... .. .. .. ..","title":"....._global","play_channel":"....","produce":"","editer_name":"ptjszx","produce_id":"jksz","column":"............","f_pgmtime":"2025-02-11 10:37:29","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","cdn_info":{"cdn_vip":"vod.cntv.cdn20.com","cdn_code":"VOD-MP4-CDN-WSSEA","cdn_name":"3rd...."},"video":{"totalLength":"103.21","chapters":[{"duration":"103.21","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","url":""}],"chapters2":[{"duration":"103.21","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","url":""}],"chapters3":[{"duration":"103.21","image":"https://p4.img.cctvpic.com/fmspic/2025/02/11/0c74829e770b484e8fee35d49cdbb63e-180.jpg","url":""}],"chapters4":[{"duration":"103.21","image":"https://p4.

Chrome Cache Entry: 272

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 208 x 36, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	5724
Entropy (8bit):	7.688841949712854
Encrypted:	false
SSDEEP:	96:Ho7F8knmWIYq/+koHf7HpH06SZwGB4TSl90ovsCAfNUshxC8ItONEVvRJ5uUqyQf:I7F8knvT/7JDbk4w065uC8TN4/U/y+mS
MD5:	81CB192B6E3EA564BE9BC5DFDBC46E93
SHA1:	9EE9021E719CC1F87EFC2FC9F7E37CEA41165B37
SHA-256:	57E93544A7DD0982C163784073C7E7D123A0A24381A0606894BC5E8B1474EC76
SHA-512:	5FE7F996FD4DF7F48C5FED8B6F3A5745BD5FB6B3F05C4F83F576558A818B9A50C124E7E679CDAB46CD78CEFC7B50A2099A94E759D3B54C3FC67CE341A5182C1A
Malicious:	false
Reputation:	low
URL:	https://p3.img.cctvpic.com/photoAlbum/page/performance/img/2023/5/15/1684139438353_812.png
Preview:	.PNG........IHDR.......$........{....pHYs..........+......iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC (Windows)" xmp:CreateDate="2020-11-27T14:50:56+08:00" xmp:ModifyDate="2020-12-02T13:18:49+08:00" xmp:MetadataDate="2020-12-02T13:18:49+08:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:63841f97-dd18-b540-9767-47062e9bfb67" xmpMM:DocumentID="adobe:docid:photoshop:a9dc7d03-5055-704a-8bd3-d5dc4709016b" xm

Chrome Cache Entry: 273

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1080740
Entropy (8bit):	7.995140306766395
Encrypted:	true
SSDEEP:	24576:72CVzYqkofLxTwIp5hwV2b/B/RWwHRy21V1jG/SC0gEAaxSppZ4:9qqkofLFVyV8BZFHRyB0gEjxD
MD5:	EE3D3D7A9E21B6E33BFC791ACDD593C7
SHA1:	2EE1337923ED80E8E895286DF978C7D519B25942
SHA-256:	F089C72FFE3F5508192A36324B36945925CA8DEA6887715B133D3105A4449BC8
SHA-512:	7D38DD4CE053F68BF6074BC110B47EA98220FA3EBFED129B9D4872823276242A321F6515452C4EAAE7865D45F5DB31B9F7ECDC18C120952342BB8F078B743491
Malicious:	false
Reputation:	low
URL:	https://p4.img.cctvpic.com/photoAlbum/page/performance/img/2025/1/17/1737104633752_729.png
Preview:	.PNG........IHDR..............}.V.. .IDATx...$Ir..f...y..3@.C.$.Kb..9\...++....w...+.=.$.? 93...t.]y..nf+z..GD.U.53D{KtVFfz.....~..........Pk..."..PJ.RG~..}.w..a..G.:..!......../..{..~..W:.....1...7..?'g\|e.K.1....5.k.:.P...8B.... ..>....D.>N.....:...!..zD....%......".. ..v..m. -......^..'.<....W7k.n.0.L.....e.......:..~.....q..[..........}.w...Bw.!.!.....bZBH=}.^s.......3.J...*..!..}>.7P.+..5}..y...B...d....a..V+X,...Bi.W#..x.!...7...%...=...\|.%.X.<u6.....#...1.\|]1.W._!.H1A..D...)2.v..........K.....P...x.9,`..r.P;....D./.!.\|,....}.[.....P6.l>B.}.0^C.p..!.7P.....~..U.......=.%..../.........`Zt.w..:..^..j.q.q9...}\|.....y.......1C..=..k...s7T...~...Y(lg.>..;{....%...O.k8..%.b.>.P...p..p.y......`.<...%,~...?z..g=.........R.!..7."....K`.......as......z.q...]...]../#te...z.@.kZs.l .5.qK..5.}.]+b....\|...e.\....h~............1%z.4n....3...wd[....}.4.}.6.].`.\B...u.$..n1YoQ._.y.8.].....km....~...c.>...<h..?.?.G.k(y.uDc..-. .:`Oh.V.7.z.x.._A.y.zZo%....^.....

Chrome Cache Entry: 274

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	142
Entropy (8bit):	4.7310037303723815
Encrypted:	false
SSDEEP:	3:qaSXAMOWVMA/sp7R4mAT4BA/OvajpHMtx1gXME2qk/XAM+/XAMq:qaXx8+d4mAcBA/qajpHdX32qhA
MD5:	CC42ECD49337CE363E0744C2E12E3763
SHA1:	408E9B656115297ED45841D247953206B8E7EAC9
SHA-256:	D41C504A9579D92949EA97CA8EC8D4F8AB90AE62406A1E0E7548867845873683
SHA-512:	1D5B4632E30B0E05D5156652811B2A55F8D0ABB53D36A510435032D893AB725BE2FC01321E7CD8C9665A73783299F865009D35A3A197B8FB1EF65023C7EEBDD4
Malicious:	false
Reputation:	low
URL:	https://ip.apps.cntv.cn/whereis?client=html5
Preview:	var cntv_whereis='{"isp_code":"10","city_code":"","province_code":"","country_code":"US","ip":"8.46.123.189"}';get_cntv_whereis(cntv_whereis);

Chrome Cache Entry: 275

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	776
Entropy (8bit):	7.368965347805799
Encrypted:	false
SSDEEP:	12:6v/74qPym25l2BjaQJDyHjvDdJR5aw4s50c4LIq8IQW5nYzDbfWdQKquvMEHYgme:8q5MBoTDdJfMy0rZizDbfWiKquLlme
MD5:	08E5CA96B736891E01BE30EEE4E0B731
SHA1:	B9967B8EDF42B69C64CDFC0CC30B34C391B47510
SHA-256:	430D32712B7DF3766EBAF125BA5CAD93A828FCB4E3800C7164AD80BC05560C4A
SHA-512:	2992C70139CCC5A7461A94B5DCB9A0A906135A93656161306FADD928532EE929D08DEBDF11E80619134DE34B9072FA0CE80858921662EDF885A82D1576C88FC8
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................U....sRGB........DeXIfMM........i..........................................................T....rIDATH...;h.A....$>..C.. r.X.(. B..........6......V6...b...DD.E..'...........^..;w.w../7;..\|...D.R.v.P....f.V&....L2...ix.d..3.J...L\..#.UKi!h......8.....$.+8..Hs....=...N`IC.1a...!^....=N..!.......&......2.....SB&...x.'.9!.p.&..e3.k.3.......+k0..8....'+.....p..0...t..............naK.3P!..7D.&6....v.....>m...9..{....L.iNH..m..,~...P......a9..y&.<.p.....c..Q\|...:....1.q./..#..Ut..].....`....nl.u.F.t.......l.._..dQ.y.w8......H.D5X.s......L$..Hh`..~}..4.m&.V....p2.1.7nVs\|.._..........d.J.Ifl.P.z.T...y..RBgf...0~.....t\..&.r!...f^.....z....;&3.....t.~b\|93'I..-..Gd...J..A...E.(....>.S....._4p...j.....IEND.B`.

Chrome Cache Entry: 276

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3
Category:	dropped
Size (bytes):	28549
Entropy (8bit):	7.910591106243806
Encrypted:	false
SSDEEP:	768:N/ky1BMWPQuIefO9VdyiNAwSSp2iRP60dn:Nb1yW4uIGO9VMpfKRP6i
MD5:	5A18D345D4C389C544CBFAFD91E567B9
SHA1:	5B4C4420A66718C7439B5A9EC118087AD93A8569
SHA-256:	4B27B042C7E13481EECA5660D53F95A26818A9DAF9621B372A99D77B7D1A04F3
SHA-512:	B2F36C9137B668E027728390287D8CFCEB2EB909BEB3D1B1BE1CD6C55FFFFDE55B3EF15CDD9AB200DFE62A997EF2B7A3787D1718CA77667B793759C62E5FF17A
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222........ .."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..(..faKF(...R..P0.4.u..Q.QF3@...R.....&.q....E0....`2..Q@.i..:.M.5...JsSOJB#......4.........e...4.."2=.3S0.....A..{.s[..] a..$s:....u.k...c.s^..F..?.^F....CK....y4P.E....).:.@..1@.u.....!.1...K..p..sV"\.b!.W ..j.#HDX.'.YH.h...VR.v.....(....:."#.XH}..Z.Yb..<..aa.yF.. .)........#D.(\T..:...a.Gzp....H...'.A.......)9.9=i...b.ZL...R....4.{TL.-5...2.-0.MJ.4.P.{=h

Chrome Cache Entry: 277

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x450, components 3
Category:	downloaded
Size (bytes):	192190
Entropy (8bit):	7.953197903705519
Encrypted:	false
SSDEEP:	3072:9vAmsa/hdZW7V1PjG33Q1UIb3U7vTZiNALWE+g4h7rr+3wYS4EN:9Ymsa/bwP6337ITUbmU1+gaC3wYnEN
MD5:	45C3F4E98664B33E472A41CE799C8D8F
SHA1:	646B8E5B20186D1D677099BEDBAFF92A64DF78F3
SHA-256:	39F426EB83DA1F25DCC4A0231C000CD4144F2CE86A74D12A59BF0625BF7E28E7
SHA-512:	3B076900E0886967577E682F337F4BFDB9385A7ED672B10CC8C4F355AF017CFD95D8BAE6686654EDC3A4478323CBF82632869585163B496862D4F3C72E403AB9
Malicious:	false
Reputation:	low
URL:	https://p4.img.cctvpic.com/fmspic/2023/01/10/3f313c879f1f4f358aed6ffc5d9ffd89-1.jpg
Preview:	......JFIF.....`.`.....C....................................................................C......................................................................... .."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..H.Q..>j.H...<..vF.w..}.>./.....=...j.....jy......?..T....{Q)ZW]......wWwO..?...D..........c.#?J.H..g...J....MK.j...%.....A.rO...2..c.eh....=....~..:.+...L.._w..n..}....1"z..\|.........s.L.....J.".b.d.<.)..7...}V.. .....B...Z$..".[kG.].kjc.l.h..8#..y<.-.'#.....g.i_....;.G.......QE....?..p..4.?1'.....R..~...X..SA.)...\|..SP.9..P.E..\|........@sYG._.....@=.>

Chrome Cache Entry: 278

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32012)
Category:	downloaded
Size (bytes):	41727
Entropy (8bit):	5.768908156300457
Encrypted:	false
SSDEEP:	384:UrEM/rB0Qu6qlrCpBUgZLlgLtClXEnCobZUVgPgL8gxfhtxenq6E:y/uMpB7M00nCob+nxeqp
MD5:	99E01EA6112EDEF1F94E981103EA44AE
SHA1:	F25A9A25BAD050F33C3BF4F678EB72422632E3DF
SHA-256:	99160F82D220DC73585B4D7377CA4C90E7ED369E78AD9967E4BE3BFDAD513C8D
SHA-512:	729B0673DE758995B40F4ED02C2E55F287D9E4532914E712AAC27A51FE697A8AEA5EDA2DB93EFC2D78501803148083AACB23612F84B86FC47FA786F9C731AEE6
Malicious:	false
Reputation:	low
URL:	https://g.alicdn.com/dingding/open-develop/1.9.0/dingtalk.js
Preview:	(function(){"use strict";var e={},a=navigator.userAgent,n=a.match(/AliApp$\w+\/([a-zA-Z0-9.-]+)$/);null===n&&(n=a.match(/DingTalk\/([a-zA-Z0-9.-]+)/));var i=n&&n[1];e.ios=/iPhone\|iPad\|iPod/i.test(a),e.android=/Android/i.test(a),e.version=i,e.cfg={},e.extend=function(e,a){if(a)for(var n in a)e[n]=a[n];return e},e.isDingtalk=function(){return e.version},e.type=function(e){return Object.prototype.toString.call(e).match(/^\[object\s(.*)\]$/)[1]},"object"==typeof module&&module&&"object"==typeof module.exports?module.exports=e:"function"==typeof define&&(define.amd\|\|define.cmd)&&define(function(){return e}),"undefined"==typeof this.dd&&(this.dd=e),this.__dd=e}).call(window),function(e){"use strict";var a=["backbutton","online","offline","pause","resume","swipeRefresh","appLinkResponse","internalPageLinkResponse","networkEvent","hostTaskEvent","autoCheckIn"];e.extend(e,{events:a})}(window.__dd),function(e){"use strict";var a="1.9.0",n={device:[{namespace:"device.notification.alert",name:".

Chrome Cache Entry: 279

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, baseline, precision 8, 1920x1080, components 3
Category:	dropped
Size (bytes):	1711958
Entropy (8bit):	7.982068607563131
Encrypted:	false
SSDEEP:	49152:tf7wXaqhjlsigXrTztO6/OhOYWaKvwn1tWZY:tf7QaghRgXrT7/Ojdywn1Ii
MD5:	3C59A5C15C32355C733F0D8E525F2697
SHA1:	67ADDC9A1D710FEE8FD21974612521EA123D3667
SHA-256:	C6EB3B9D9D7BE2E2369CEE5051610EDC0FA00A2740076808F287F74A6BB5189E
SHA-512:	2870923A3DB3A8C8A2AA2776E6743ACC4A5F524EBA25F553B73B4C68601DC902217E9F8AC9477EC6E3F7CAA0CC7D9E9C94D73F90CF8A5AE8BA08968F971BF049
Malicious:	false
Reputation:	low
Preview:	......Lavc58.134.100....C......................................................................................................................................................!..1.".A.aQ.2q...B..#.....R.b..3$4r%s..C7St..&.56..........8.DFTVc.duv9.'E...................1!...aAQ..q............"2B.R..#3br.......CS......T4c.d$.Ds.......8........................?.q.Lq....O..e.JX.]..B..+._.t?...o....i....b.I$..pu...$.K.~.z;.O.....(.W.F#\|......0......6...q......OU..b..@.......R4.K2F#H?.;g.Fy.#*.er.......0.FKr\|>.1..;.Z.."j-...~._..=..:...CN.,_C...P.O]........d.\|....b...^~:._....!.Vg.>.%........<~.Ok...pN..h. .0..9...(.b?F./...~.n0I:zc.\|q.v5.Z0..\.......=..^...I^..9:=....Gs..3"[..4........ch..0q.?wm.lx...p.`..t.\:.h2N....:).~........$.....Z..s........o.G_..{"...}.o5..`{..p@........D"v."j4..=..+LP.....I.!..7C2.}%.Ev......P...-#B{.....-.Q...5...Nn.c..5 ..1.........7.t..T...\|Wu.i../...fA:.HS.....tH=........F..5.m..$.).O...%?1<..k..U.;%.MC....O.}..'+.m...wQ...[..

Chrome Cache Entry: 280

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	126
Entropy (8bit):	4.987778115753083
Encrypted:	false
SSDEEP:	3:hiARJAWREaaZU4T2pyfGmpHWXdXAqTSDnLAeBXDtiqqe:h5ROWiHjTGyfGmp2lAoSfJiRe
MD5:	354E8A1AEF4C35735B5B55B17F5D8105
SHA1:	466509507B9CE96546F61159A41133223ECD3564
SHA-256:	C736F4EEA19C8276201A9A56A919A12C456B7BE6275C59DF88ADE670FBD3AE0C
SHA-512:	C4DD4B27CD59DD7CE70481B124D8C5CD8CA380A38E4092162467ABA28F72E5BA6F14FBC578AE260708BDC69EAB880E96D9852B9B9826829ADF45D1E79EC77EFF
Malicious:	false
Reputation:	low
URL:	https://api.cntv.cn/list/getWeiXinSignature?t=jsonp&cb=cb1&appid=newstiket&serviceId=cmsty&url=https%25253A%25252F%25252Fmm-2.uxr919zm.eu.org%25252F
Preview:	cb1({"data":{"timestamp":"1739491200","nonceStr":"Wm3WZyTPz0wzccnw","signature":"4a67f8f4780ee89d2f0b742698b9bed9c799af3e"}});

Chrome Cache Entry: 281

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32077), with escape sequences
Category:	dropped
Size (bytes):	1373369
Entropy (8bit):	5.511222281258457
Encrypted:	false
SSDEEP:	6144:3xKCMVxgdSBUjbDpRESssWJejyPOWh+BgNXva3eyVQU/chg06TEPPQyAP58besQz:hKCglgRESs8sX8chWEhVQkvZPeh
MD5:	46515EB358BFCB137AE93ECF3EF0D185
SHA1:	C0BE44D2E112ECB6F84DA122B967435395033746
SHA-256:	9B168BFBDCD1CB553A67166C6DAF7BD3783E507D2FF138E8FC6521A46A408D27
SHA-512:	B14C6F9BC32595C8CA463B5A83DABFAC71E4079230C51868D5DF700605F7C840B00C565101D83F54D7166122A9A92CB99CE675079E5D624A70C717BBC28CFD32
Malicious:	false
Reputation:	low
Preview:	!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.Babel=t():e.Babel=t()}(this,function(){return function(e){function t(i){if(r[i])return r[i].exports;var n=r[i]={exports:{},id:i,loaded:!1};return e[i].call(n.exports,n,n.exports,t),n.loaded=!0,n.exports}var r={};return t.m=e,t.c=r,t.p="",t(0)}(function(e){for(var t in e)if(Object.prototype.hasOwnProperty.call(e,t))switch(typeof e[t]){case"function":break;case"object":e[t]=function(t){var r=t.slice(1),i=e[t[0]];return function(e,t,n){i.apply(this,[e,t,n].concat(r))}}(e[t]);break;default:e[t]=e[e[t]]}return e}([function(e,t,r){"use strict";function i(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)Object.prototype.hasOwnProperty.call(e,r)&&(t[r]=e[r]);return t.default=e,t}function n(e,t){return g(t)&&"string"==typeof t[0]?e.hasOwnProperty(t[0])?[e[t[0]]].concat(t.slice(1)):void 0:"string"==typeof t?e[t]:t

Chrome Cache Entry: 282

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 640 x 360, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	446592
Entropy (8bit):	7.9837445327107
Encrypted:	false
SSDEEP:	12288:XCKyoI4VR4wT3BY0z5AJ9U5TfBAZccZPgfJX2m:XTzVR7zBPeJ9U5CccZgJXp
MD5:	07C2977E1CFCB6336948844FD31372A3
SHA1:	BA12280A399E2371EC1C4E19CC67E6B84E06AFFF
SHA-256:	92E8448FE7F3A1E4E5BA515B3E0C0EAAD9C811529584F8C4B768B02FE35E19D8
SHA-512:	4BD5394A4EDD261F0CC3E2CC545287B0A4A3347591B46D417CE7FB008743F1694A26F45C8A0E51FDF46A7D841286B7AA1BE7F5339EB1D9A3BD6DD97988A8CA06
Malicious:	false
Reputation:	low
URL:	https://p1.img.cctvpic.com/fmspic/2024/12/10/d4a8974e2a1f4959ae5d94bc510a884c-1.png
Preview:	.PNG........IHDR.......h.....HP......pHYs..........+......iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.1-c000 79.eda2b3f, 2021/11/14-12:30:42 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 23.1 (Windows)" xmp:CreateDate="2024-12-10T15:30:52+08:00" xmp:ModifyDate="2024-12-10T15:31:54+08:00" xmp:MetadataDate="2024-12-10T15:31:54+08:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:17b9b962-0e9d-ef40-a8c9-07d1fa2b5dd9" xmpMM:DocumentID="xmp.did:17b9b962-0e9d-ef40-a8c9-07d1fa2b5dd9" xmpMM:OriginalDocumentID="xmp.did:17b9b962-0e9d-ef40-a

Chrome Cache Entry: 283

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0950611313667666
Encrypted:	false
SSDEEP:	3:CUMllRPQEsJ9pse:Gl3QEsJLse
MD5:	AD4B0F606E0F8465BC4C4C170B37E1A3
SHA1:	50B30FD5F87C85FE5CBA2635CB83316CA71250D7
SHA-256:	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
SHA-512:	EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........L..;

Chrome Cache Entry: 284

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 37 x 31, 8-bit gray+alpha, non-interlaced
Category:	downloaded
Size (bytes):	1296
Entropy (8bit):	7.6763576141498095
Encrypted:	false
SSDEEP:	24:JaeEo2bXXrZredFwl2nKoDfGXerdFo/ntYvnNzIBjEz7TLL0sAF3E:JaBPHrZredFwQnKIZnVzIBgPT0sAF3E
MD5:	02CE706A773C3DABCA9FD16FFBF145CF
SHA1:	F7B4B38395816329DC3A7DE915E08801959D23FD
SHA-256:	EE71BFB23F66574E942A0D1162E6CF225FEA153A593DACC8D42F2938EF3F4AE0
SHA-512:	BED3BA8DBEDA7139D925AE27F2977A03E753CF69AB958B2D34841382534B8BCEBAEF44187F9AABDB331DD7121DCC371120100D28EE6CC0B583A5FDBE21CE9C64
Malicious:	false
Reputation:	low
URL:	https://p5.img.cctvpic.com/photoAlbum/page/performance/img/2021/12/17/1639725024967_844.png
Preview:	.PNG........IHDR...%..........v.C....sRGB........DeXIfMM.*.......i.......................................%................{Y.(...zIDAT.....L....................r..1S..iS..ktX..ev.5...,...Y.2-...\F.&......G.x...../B...>...(n.'].'..x.>t..G...H.[..!.r.g..tv..n..ed2.L..E.}..[.....<V .)..4....._e.S....J.}.2.c5..C,....eo.SLh.c2H f..i....n...6{.\..........\..t..7N.n..].......$.J...K..c..E$J.g.g..m...=.............~3DJY..3...V-...\?zC%O......-..... .m..`NK..l0fY4>.v.X.Xo...\..6..`v..%.B......7Nq._.[Mq.Q.n.9...>. .}.r5...u(.b.w...!.8q.'..Un6.R..`OW.U....y.Rw9y..,XBi...9.R_.Z.t.#\i.6.=.)...jw....E.`.Z.......h..&.......V.Q7z..F]....``..':...j.)..].}'.b.2.8_..v.e..b.uv.......2..]...Z....Z...56.s(..Y.xF...0l.vza./.nx.7..\...#.u...o...Y.mvh.K.....N..H)...">..=.D..s.OY..Tx7..\|k...].R.m..:{.^....UDG[j..U6.....&.H...?.).i.v..";.O...9.c..Vc.....^z.\|b.....k[...h...%/.("...n....s\|.w._..\>d#3.K.>d.Z.Y.`...E.Ypb...M... r.\z.T.iC.$.J.#....g).b.../]w.Y....#............J

Chrome Cache Entry: 285

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3
Category:	downloaded
Size (bytes):	56949
Entropy (8bit):	7.9752072853846165
Encrypted:	false
SSDEEP:	768:Nce/uh5J8JwNlrcrbtvrMIWh9EUimzT2rf1mYj9pgD5YJEpAybOXXiZlH49CpbRw:NUBzc3tvrMIWhnimPu1pgyEpbhlYYRvY
MD5:	3511101A55CCF049927E73B4E23DCB84
SHA1:	ADC41F55F0C8B898F12A65D7408380675B893850
SHA-256:	BFDF33638B7731A2D1D47A1C7B247F93E6F97ADA969F07A36F2018FDDDDAF86F
SHA-512:	74278E2AC08339BCE41051EA05CA5DD4C8790988307A06F82BC543B43A4163E65AD13348858A2EAA32093B94138A758BE337497F6687597B9B4A04485351A6DE
Malicious:	false
Reputation:	low
URL:	https://p4.img.cctvpic.com/fmspic/2025/02/12/3c0ee33548c7423e877d78ca0a1223e6-1.jpg
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222........ .."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..}&.kI.h..!.H.g......<2+........y....?..`U.Y..d.-.H.ex.)#....P..S.'pC.+.^8.......F.N*..I..1Hrrr9>..Ge.?`A5HQW..\...M.....y.0.$..[_...$.HJ..;..2.;.(.B1...U..$.. ..s..1p<.4-WR...i,..!k6.+....`.M...8".....:..o....N9.+..l!..F...09.R..k.I.t.NKk..##...G5..>$..m.W+...6.sY>..o..LYXF.R3........o%..-.N......5..]...L3."..?.....$Z..3)a.cX^...~.r-...N.n.<_1.....Q.Y..R..

Chrome Cache Entry: 286

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	747
Entropy (8bit):	4.966984005591321
Encrypted:	false
SSDEEP:	12:YWGN0Bh/W/VhajDsVjSDd8T3XrqEd81Xa3Lk/0PSOzMZv2sSiG97F8bqS1Cpiy:YvMZWthasuR8TLqmY/WS0wlrBbqWCAy
MD5:	74611A2ACEE67899607C912E20ADC9AD
SHA1:	8D439FA81B805A9F988365A403D14919D5B99628
SHA-256:	74D6C750D7DB67C13B41676203E1BE293908405D74A3D23AF408370E480D0F81
SHA-512:	25D7B3498B8559BB163B3418D790E9E62EDA65EA9A434D4A1B0F496EFBB79CA7D9DF71F83F9ECC09DAF973C65D87ED887D4624ECF1E64F4C376F874364D36AF9
Malicious:	false
Reputation:	low
Preview:	{"scene":"cctv","analyticAliHeatbeat":20,"positionSyncInterval":120,"barrage":{"color":["#ffffff","#ff5353","#42ebff","#fad400","#ff7f01","#7ff75b"],"colorSelf":"#ffffff","bgColorSelf":"#ff5353","paddingSelf":10,"borderRadius":40,"fontSize":17,"lineHeight":35,"marginTop":9,"maxlines":3,"showTime":10,"vodLoadInterval":300,"followRate":false,"liveLoadInterval":60,"liveShowIntervel":4,"liveLoadNum":45},"configversion":"2.0","updated":"2024-02-06T03:22:26.119Z","quality":{"qualityVersion":"cctv1","uniquelabel":true,"labels":["LD","STD","HD","SD","SHD","SD2","BD"],"divide":[200000,500000,1000000,1500000,2300000,4000000,6000000,10000000],"enabled":[true],"permissionLevel":[0],"needPermission":[0,0],"startQuality":["VDN_D_S","HD","STD","SD2"]}}

Chrome Cache Entry: 287

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, baseline, precision 8, 1920x1080, components 3
Category:	downloaded
Size (bytes):	1615895
Entropy (8bit):	7.984561122087916
Encrypted:	false
SSDEEP:	24576:eCQiMPYP+guyyZpnJYLCjtK9g/fr6RCiWNPEbKp7vTQOdlLjbJNnN0wa789+QIny:eCQ9HgujZkOWR3cP9vFl3eQxwGSM
MD5:	C5BEC4D90FC4E05CAA9A2B744C9707B9
SHA1:	01FE3F7D9E86A1D070550EECC3899CDFCF6FD3DB
SHA-256:	476821513B2C517A4D31BEBDF3C3C0C62AFE9004A3D886CC4635B303CC2514EE
SHA-512:	616B9BD8C116C915E8FF4ACECC2E34886FE71DE738337B547D28716F45CBA0E69829F0924A9959CF79EDF29689BEC0637DA01EFC9E2BC6EA005B94C735733E29
Malicious:	false
Reputation:	low
URL:	https://p3.img.cctvpic.com/fmspic/2024/11/03/1cb1af9252224be98bd243af4592d594-1.jpg
Preview:	......Lavc58.134.100....C......................................................................................................................................................!1.."A.2.a#B.Q.qR.3...$..bCsSr4.%............Dw..&'56.7FTctuv8....................!1.A..qaQ..........."2.BR#.3.rb...C.S.$4...Dcs.%.......8........................?..=...D.L.\|"O..M.T..}9.\|5'......B.8..c....l..O_....D..Hoa..#..M.......7...=]E4R@Cv9.^...6).@)Fl.z..'!=.7V.........z.....qO..(..I.......?.\|..].X.U..6E..} ;Q..61y.8H......k.0Q.18.t.(&.\|>.^.?.j.k..w)...E<l@.CQ..}..2~.M*.W.....Y...G2.;\.c._.P.7?.3...I<.Q.P.M.OWGN..h..?..,..q.......N...c^........c-q.C..-j......9X......)}[)Qu}........W.`....m'........V......~..Qh.....H..t.MU5A......dG.d..Sg.mS....K..}...:[R..\....d...!n.S..5...{....L.UJ.X..8..'.+Q..9.(.....N.7.n>..).......u..q.-.d.+....ZiLtd..TKui..z....co.Z.h).....b7#..k....L.D`...0a..!....bl.tO..!E..._W..N..[uG.mF..,.Q......2....c.{pj.YmlJ......>s.......8.-...;.

Chrome Cache Entry: 288

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	M3U playlist, ASCII text
Category:	dropped
Size (bytes):	378
Entropy (8bit):	4.36205274988374
Encrypted:	false
SSDEEP:	6:PGfEOtUagOh/J49ILy99ovN9KLa399M9MLu9B49OLu96v399ALaNMjCVJ4q5:PGfn74CyENuaNSGykiuov39KuNMjCVy4
MD5:	6C4788BFA713F44EC480D12D48C6C87B
SHA1:	4D8B8C98980F351E59D956006092653BAEBAEFBB
SHA-256:	6BB05821A6E0E01DCA2934CD28968DF034D32E9CA0907C3AB16C224753BFC9E5
SHA-512:	7B88E560A743FDBD43BBE85BF2B87BD294B33B8BAAA0D69B50F69A898BE2A6FBF93547D64C8665E0D2055A1B10F16778959D9061D69251D3382417FB1EE2F5A1
Malicious:	false
Reputation:	low
Preview:	#EXTM3U.#EXT-X-VERSION:3.#EXT-X-TARGETDURATION:11.#EXT-X-MEDIA-SEQUENCE:0.#EXT-X-PLAYLIST-TYPE:VOD.#EXTINF:10.042000,.0.ts.#EXTINF:10.000000,.1.ts.#EXTINF:10.000000,.2.ts.#EXTINF:10.000000,.3.ts.#EXTINF:10.000000,.4.ts.#EXTINF:10.000000,.5.ts.#EXTINF:10.000000,.6.ts.#EXTINF:10.000000,.7.ts.#EXTINF:10.000000,.8.ts.#EXTINF:10.000000,.9.ts.#EXTINF:3.160000,.10.ts.#EXT-X-ENDLIST.

Chrome Cache Entry: 289

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 9 x 6, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1110
Entropy (8bit):	6.139163103955764
Encrypted:	false
SSDEEP:	24:B5W1hZYnrWwh82lYSKwMKh9Vrn9GT3LyJ3VBWcA8GIow+r:vcICvnLYNASJ3zF+r
MD5:	5FE2622BC3F2DAF1AFF86AD58F380E96
SHA1:	C863DC3E0D86116932E58A6B3CEF7FA9B7809CC6
SHA-256:	55E9F6E3684B32211768CDE1FF1DB3E9ECE2F86B6581817F0E0CEE9A3508139C
SHA-512:	D69AF660F81D6EDBC4F54F9C841576E55FBEE55B37219622D8A698F952D430630B803F4858D9474ED2345F80C7C8741380264BEB6D8BC8917F2CB779BFDF6065
Malicious:	false
Reputation:	low
URL:	https://p1.img.cctvpic.com/photoAlbum/templet/common/DEPA1565254619482142/jiantou.png
Preview:	.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<...viTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c132 79.159284, 2016/04/19-13:13:40 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:85fa4e29-109b-4449-bd41-3b76c5f100f8" xmpMM:DocumentID="xmp.did:BFB0420AA30611E991118ABBFA4ABD61" xmpMM:InstanceID="xmp.iid:BFB04209A30611E991118ABBFA4ABD61" xmp:CreatorTool="Adobe Photoshop CC 2015 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6cb1e9ef-8673-ac41-8980-21b6b44ee92c" stRef:documentID="xmp.did:85fa4e29-109b-4449-bd41-3b76c5f100f8"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.5\6...vIDATx.b.{w......a.\3..01004

Chrome Cache Entry: 290

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, baseline, precision 8, 800x452, components 3
Category:	downloaded
Size (bytes):	69123
Entropy (8bit):	7.9799495500972375
Encrypted:	false
SSDEEP:	1536:H867VxgrgvXx5hnAytGG1ylAb5/jKLP7kElJL7BGfDd:H8ysrux5hnjsl8/ObdFGfDd
MD5:	CF3E484751DBB20CD89993FF6D36FCA3
SHA1:	78E39AEB5778532256044760A53807F8612DB52D
SHA-256:	95226806A231EC30A6D984CDEC17749900D0DAD226D152AA9C10FD7349374B6E
SHA-512:	60072F50A5006BA118910A7851C651328FD390184FD67F63D96B7704B325BC346AA6F9E7601C06BB23813AD73E361DB8ADEB87ECFE2C9C0067C930D5C1CCD031
Malicious:	false
Reputation:	low
URL:	https://p4.img.cctvpic.com/photoworkspace/2025/01/22/2025012211055516232.jpg
Preview:	........................................................! !%%%%%%%%%%........... ... %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%.....d....Adobe.d............. ........................................................................................!.1A.."Qa.2q..#B....3Rbr......$4CD....Sc...%5Es..6T..........................!1..Q.A..2R"3aq.#B..4br...$..............?...j...&..w/....r..8...#....+M..#m.<..].\|.;.M.BcLs.~..d.+e\|.V.bQ...^T...jW....j....J.y..U= .. .@9......6H...j...G..X..f...j7I.N.j.....b>.....%5g.@]..S;.....E.!..J!X(g...Vv&.n..;T[D.pP...#JEl.I.p(.6..'x.A....S.-^.0.F09UZS.qE.3...v.Dq.1g..54..K....).N9Z=X#...W..$.!.....<;...+`.$\|.V.....W.]X.9,........&..T.....py`.F.\<.....4.2{..M.n..G.....Y.Eh##..k(..K..q.F.DKw+dm....u..{W..Sg'.V:...^..c.GC.C....N..rv.E:.z.+F....CK;.&F.......Xe..`... .V..z3h.... ...t<F..Gw<....D..4/M.....5tTQ...w.4.b....3G.H...dt=3U.,.g..w..3\..!..F.B.W.;..z>...oC...x.=.....%.R.2M..C....o......\|O...G.._..<<..&O.....^.......

Chrome Cache Entry: 291

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 208 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	5724
Entropy (8bit):	7.688841949712854
Encrypted:	false
SSDEEP:	96:Ho7F8knmWIYq/+koHf7HpH06SZwGB4TSl90ovsCAfNUshxC8ItONEVvRJ5uUqyQf:I7F8knvT/7JDbk4w065uC8TN4/U/y+mS
MD5:	81CB192B6E3EA564BE9BC5DFDBC46E93
SHA1:	9EE9021E719CC1F87EFC2FC9F7E37CEA41165B37
SHA-256:	57E93544A7DD0982C163784073C7E7D123A0A24381A0606894BC5E8B1474EC76
SHA-512:	5FE7F996FD4DF7F48C5FED8B6F3A5745BD5FB6B3F05C4F83F576558A818B9A50C124E7E679CDAB46CD78CEFC7B50A2099A94E759D3B54C3FC67CE341A5182C1A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......$........{....pHYs..........+......iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf<

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://mm-2.uxr919zm.eu.org/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Boot Survival

Malware Analysis System Evasion

Anti Debugging

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 238

Chrome Cache Entry: 239

Chrome Cache Entry: 240

Chrome Cache Entry: 241

Chrome Cache Entry: 242

Chrome Cache Entry: 243

Chrome Cache Entry: 244

Chrome Cache Entry: 245

Chrome Cache Entry: 246

Chrome Cache Entry: 247

Chrome Cache Entry: 248

Chrome Cache Entry: 249

Chrome Cache Entry: 250

Chrome Cache Entry: 251

Chrome Cache Entry: 252

Chrome Cache Entry: 253

Chrome Cache Entry: 254

Chrome Cache Entry: 255

Chrome Cache Entry: 256

Chrome Cache Entry: 257

Windows Analysis Report
http://mm-2.uxr919zm.eu.org/