
http://d4u.co.il/li/jQNPq

Status: finished
Submission Time: 2020-05-19 20:00:46 +02:00
Malicious
Phishing
Miner

Details

  • Analysis ID:
    231548
  • API (Web) ID:
    359386
  • Analysis Started:
    2020-05-19 20:00:46 +02:00
  • Analysis Finished:
    2020-05-19 20:06:08 +02:00
  • Technologies:
    Joe Sandbox

Detection: malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP | Country
212.25.105.44 | Israel
212.29.245.8 | Israel
45.60.52.233 | United States
212.179.26.135 | Israel
103.91.64.101 | Malaysia
212.179.26.107 | Israel
64.233.166.155 | United States
212.29.245.55 | Israel
212.179.26.47 | Israel
212.179.26.77 | Israel

Domains

Name | IP
accessibilitys.bankleumi.co.il | 212.179.26.135
grecotechnology.com | 103.91.64.101
stats.l.doubleclick.net | 64.233.166.155
widget.bankleumi.co.il | 212.179.26.107
sdc.bankleumi.co.il | 212.25.105.44
cache.bankleumi.co.il | 212.179.26.47
content.leumi.co.il | 212.179.26.77
d4u.co.il | 45.60.52.233
hb2.bankleumi.co.il | 212.29.245.8
appdynlib.bankleumi.co.il | 212.29.245.55
stats.g.doubleclick.net | 0.0.0.0

URLs

Name
http://d4u.co.il/li/jQNPq
https://cdn.appdynamics.com
http://www.leumi.co.il/Articles/9612/
http://appdynlib.bankleumi.co.il
https://hb2.bankleumi.co.il/OOmh3k/?id=le&c=ss&phg=p0NT1Bx1S14h);
https://hb2.bankleumi.co.il
https://grecotechnology.com/index.phpN
https://hb2.bankleumi.co.il/OOmh3k/?id=le&c=im&phg=siNeNGVdC3sD
https://content.leumi.co.il/LoginPromotion/37570/?referer=bankleumi
https://hb2.bankleumi.co.il/internalSit
https://grecotechnology.com/#Login.html?blga=219053826.1584281560&fbclid=IwAR397fR5-UuVsghbrwMkIfia-
https://cache.bankleumi.co.il/nlogin/images/15Sstyle/help.png
https://accessibilitys.bankleumi.co.il/loader/head
http://cdn.appdynamics.com
https://hb2.bankleumi.co.il/internalSitj
https://192.168.60.47/api/v2/web/
http://cache.bankleumi.co.il
https://oobstg.bankleumi.co.il
https://accessibilitys.bankleumi.co.il/CommFrame/Activation?ver=2.1.14.0#https%3A//grecotechnology.c
https://hb2.bankleumi.
https://cache.bankleumi.co.il
https://cache.bankleumi.co.il/nlogin/scripts/leumi/js.js?ver=3.2.0.0
https://oob1.bankleumi.co.il
https://grecotechnology.com/%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D
https://hb2.bankleumi.co.il/internalSite/CustomUpdate/Leumi/vgn_iframeRes.html
https://www.leumi.co.il/Lobby/privacy_policy/42231/
https://cache.bankleumi.co.il/nlogin/images/Leumi/favicon.ico
https://grecotechnology.com/index.phpRoot
https://hb2.bankleumi.co.il/H/Login.html?blga=219053826.1584281560&fbclid=IwAR397fR5-UuVsghbrwMkIfia
https://cache.bankleumi.co.il/nlogin/images/user1st_mobile.png
https://cache.bankleumi.co.il/adrum.js
https://www.leumi.co.il/SunExternalArticle/35127/
https://www.leumi.co.il/ForgotPasswordUserRenewal/40966
http://col.eum-appdynamics.com
http://www.live.com/
https://content.leumi.co.il/LoginPromotion/46628/?referer=bankleumi
https://content.leumi.co.il/LoginPromotion/46628/
https://grecotechnology.com/#
http://www.wikipedia.com/
https://hb2.bankleumi.co.il/InternalSite/CustomUpdate/bimage.asp);
http://www.youtube.com/
https://appdynlib.bankleumi.co.il
https://www.google.%/ads/ga-audiences
https://cache.bankleumi.co.il/nlogin/images/VeriSign.png
https://accessibilitys.bankleumi.co.il/CommFrame/Activa6.1584281560&fbclid=IwAR397fR5-UuVsghbrwMkIfi
http://www.leumi.co.il
https://oob.bankleumi.co.il
https://cache.bankleumi.co.il/nlogin/css/Leumi/Typograph.css
https://cache.bankleumi.co.il/nlogin/images/15Sstyle/LogoLeumi.png
https://cache.bankleumi.co.il/nlogin/images/15Sstyle/icon_mobile.png
https://content.leumi.co.il/LoginPromotion/37570/?referer=bankleumiR
http://www.twitter.com/
https://content.leumi.co.il/LoginPromotion/37570/
https://cache.bankleumi.co.il/nlogin/css/Leumi/loginResStyle2.css?ver=3.2.0.0
https://hb1.bankleumi.co.il
https://hb2.bankleumi.y.com/index.phpco.il/H/Login.html?blga=219053826.1584281560&fbclid=IwAR397fR5-
https://col.eum-appdynamics.com
https://cache.bankleumi.co.il/nlogin/css/Leumi/loginResStyleHE.css
http://www.amazon.com/
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://accessibilitys.bankleumi.co.il:443/Scripts/ActivationFrameScripts?ver=2.1.14.0
https://www.leumi.co.il/home01/secure_site_guarantee/8993
https://widget.bankleumi.co.il/web/5082C47B-F64E-663C-ED1A-F62FF53F7F52;recordScrolls=true;recordMou
https://cache.bankleumi.co.il/nlogin/scripts/webtrends.js
http://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/njs.gif?dcsuri=/nojavascript&WT.js=No&
https://grecotechnology.com/index.php
https://accessibilitys.bankleumi.co.il/CommFrame/Activation?ver=2.1.14.0
http://www.nytimes.com/
http://www.glassboxdigital.com
https://trustsealinfo.websecurity.norton.com/splash?form_file=fdf/splash.fdf&dn=hb2.bankleumi.co.il&
https://www.leumi.co.il/pay_b?utm_source=leumi&utm_medium=banner_login&utm_campaign=PAY_campaign
http://www.apache.org/licenses/LICENSE-2.0
https://grecotechnology.com/index.phpl
https://hb2.bankleumi.co.il/OOmh3k/?id=le&c=im&phg=Q3d5U07GKU8y
https://accessibilitys.bankleumi.co.il/CommFrame/Activation?ver=2.1.14.0#https%3A//hb2.bankleumi.co.
https://cache.bankleumi.co.il/adrum-xd.64575a4f0ccc435ef3de4778c280c647.html
https://grecotechnology.com/
http://www.reddit.com/
https://hb2.bankleumi.co.il/Ftr4mmH0Morwm2uox.html?t=1589911301552
https://widget.bankleumi.co.il/detector-dom.min.js
https://stats.g.doubleclick.net/j/collect
https://cache.bankleumi.co.il/nlogin/scripts/GeneralFunctions.js
https://github.com/krux/postscribe/blob/master/LICENSE.
http://www.leumi.co.il/home03/30265
https://cache.bankleumi.co.il/nlogin/scripts/jquery-3.4.1.min.js

Dropped files

Name | File Type
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\ActivationFrameScripts[1].js | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\help[1].png | PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\gray-bg3[1].png | PNG image data, 223 x 28, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\detector-dom.min[1].js | UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\adrum[1].js | ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\adrum-ext.64575a4f0ccc435ef3de4778c280c647[1].js | ASCII text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\LogoLeumi[1].png | PNG image data, 250 x 72, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Login[1].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\LEST628-2B-Pay-Business-Campaign-239x178-v1[1].jpg | [TIFF image data, little-endian, direntries=0], baseline, precision 8, 239x178, frames 3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\GeneralFunctions[1].js | UTF-8 Unicode (with BOM) text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\BEWXhbavHTta9EH8D[1].htm | HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\icon_mobile[1].png | PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\08ee5f016dab18008acf319f83e51e9da65a1b2dc67d05f2a730e7dc817070bf[1].js | ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\tipografregularwebfont[1].woff | Web Open Font Format, TrueType, length 27704, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\tipografboldwebfont[1].woff | Web Open Font Format, TrueType, length 26872, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\index[1].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\head[1].js | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\form_state_manager[1].js | ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\fbtypographeng-regularwebfont[1].woff | Web Open Font Format, TrueType, length 25828, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\fbtypographeng-boldwebfont[1].woff | Web Open Font Format, TrueType, length 25812, version 1.0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\fbtypographeng-boldwebfont[1].ttf | TrueType Font data, 20 tables, 1st "FFTM", 17 names, Macintosh, type 1 string, \177FbTypographEng Bold Bold Webfont\177
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\fbtypographeng-boldwebfont[1].eot | Embedded OpenType (EOT), FbTypographEng Bold family
C:\Users\user\AppData\Local\Temp\~DFC443311B34E9AC41.TMP | data
C:\Users\user\AppData\Local\Temp\~DFA8A12CE860AC7B7A.TMP | data
C:\Users\user\AppData\Local\Temp\~DF3624195BA877DB56.TMP | data
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\webtrends[1].js | ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\loginResStyle2[1].css | assembler source, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\js[1].js | UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\jquery[1].js | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\jquery-3.4.1.min[1].js | ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\fbtypographeng-regularwebfont[1].ttf | TrueType Font data, 20 tables, 1st "FFTM", 17 names, Macintosh, type 1 string, \177FbTypographEng Regular Regular Webfont\177
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\fbtypographeng-regularwebfont[1].eot | Embedded OpenType (EOT), FbTypographEng Regular family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\fbtipografen-regular-webfont[1].eot | Embedded OpenType (EOT), Fb Tipograf family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\fbtipografen-bold-webfont[1].eot | Embedded OpenType (EOT), Fb Tipograf family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\etypogrphwebfont[1].eot | Embedded OpenType (EOT)
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\etypogrphboldwebfont[1].eot | Embedded OpenType (EOT)
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\VeriSign[1].png | PNG image data, 61 x 28, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\Typograph[1].css | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\Ftr4mmH0Morwm2uox[1].htm | very short file (no magic)
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\46628[1].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\37570[1].htm | HTML document, UTF-8 Unicode text, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\tipografregularwebfont[1].ttf | TrueType Font data, 19 tables, 1st "FFTM", 14 names, Macintosh, type 1 string, \177Fb Tipograf Regular Webfont\177
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Activation[1].htm | HTML document, ASCII text, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\8pWiRdYdFDQr[1].gif | GIF image data, version 89a, 1 x 1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\5082C47B-F64E-663C-ED1A-F62FF53F7F52[1].txt | ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\37570[1].htm | HTML document, UTF-8 Unicode text, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\v8bxa9r\imagestore.dat | data
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Loader[1].js | UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BFD55B89-99FA-11EA-AAE6-9CC1A2A860C6}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B93A4BED-99FA-11EA-AAE6-9CC1A2A860C6}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B93A4BEB-99FA-11EA-AAE6-9CC1A2A860C6}.dat | Microsoft Word Document
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\LRHL3KQR\hb2.bankleumi.co[1].xml | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\BHYH095B\accessibilitys.bankleumi.co[1].xml | ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\6UFAM8ZJ\cache.bankleumi.co[1].xml | ASCII text, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\tipografregularwebfont[1].eot | Embedded OpenType (EOT), Fb Tipograf family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\dcs[2].gif | GIF image data, version 89a, 1 x 1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\dcs[1].gif | GIF image data, version 89a, 1 x 1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\adrum-xd.64575a4f0ccc435ef3de4778c280c647[1].htm | HTML document, ASCII text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Q3EX8RYO.htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Init[1].js | HTML document, UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\58VsWr89fa3OuSI[1].css | ASCII text
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\46628[2].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\46628[1].htm | HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\123img-desktop[1].jpg | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x673, frames 3
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\233F11ZL\grecotechnology[1].xml | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\tipografboldwebfont[1].ttf | TrueType Font data, 19 tables, 1st "FFTM", 15 names, Macintosh, type 1 string, \177Fb Tipograf Bold Webfont\177
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\tipografboldwebfont[1].eot | Embedded OpenType (EOT), Fb Tipograf family
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\phone_desktop[1].png | PNG image data, 17 x 19, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\leumi_promotionNewBG[1].css | ASCII text, with very long lines, with no line terminators
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\i[1].png | PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\gtm[1].js | UTF-8 Unicode text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\dcs[1].gif | GIF image data, version 89a, 1 x 1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\analytics[1].js | ASCII text, with very long lines
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Typograph[1].css | ASCII text, with CRLF line terminators
#