Analysis Report COVID19open_closedPodsVACCINE_LETTER2B.docx
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
Analysis Advice |
---|
No malicious behavior found; also analyze the document on other versions of Office / Acrobat |
Uses HTTPS for network communication; use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis |
Startup |
---|
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
No yara matches |
---|
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
There are no malicious signatures.
Compliance: |
---|
Uses new MSVCR Dlls |
Source: | File opened: |
Uses secure TLS version for HTTPS connections |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | JA3 fingerprint: |
Source: | File created: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | File created: |
Source: | File read: |
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: |
Source: | Window detected: |
Source: | Initial sample: |
Source: | Key opened: |
Source: | File opened: |
Source: | Process information set: | ||
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection1 | Masquerading1 | OS Credential Dumping | File and Directory Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection1 | LSASS Memory | System Information Discovery1 | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol2 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol3 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Ingress Tool Transfer2 | SIM Card Swap | Carrier Billing Fraud |
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.dhhs.state.nh.us | 199.192.8.2 | true | false | unknown | |
www.dhhs.nh.gov | unknown | unknown | false | high |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false | high | |||
Contacted IPs |
---|
General Information |
---|
Joe Sandbox Version: | 31.0.0 Emerald |
Analysis ID: | 353581 |
Start date: | 16.02.2021 |
Start time: | 16:12:35 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 7m 0s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Sample file name: | COVID19open_closedPodsVACCINE_LETTER2B.docx |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
Number of analysed new started processes analysed: | 6 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.winDOCX@4/90@2/3 |
Cookbook Comments: |
|
Simulations |
---|
Behavior and APIs |
---|
No simulations |
---|
Joe Sandbox View / Context |
---|
IPs |
---|
No context |
---|
Domains |
---|
No context |
---|
ASN |
---|
No context |
---|
JA3 Fingerprints |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
7dcce5b76c8b17472d024758970a406b | | | malicious | | |
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 237 |
Entropy (8bit): | 6.1480026084285395 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPIF6R/C+u1fXNg1XQ3yslRtNO+cKvAElRApGCp:6v/7b/C1fm1ZslRTvAElR47 |
MD5: | 9FB559A691078558E77D6848202F6541 |
SHA1: | EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31 |
SHA-256: | 6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914 |
SHA-512: | 0E08938568CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCFB74437DE520395234D0009D452FB96A8ECE236B |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 33368 |
Entropy (8bit): | 1.8715052925267142 |
Encrypted: | false |
SSDEEP: | 48:IvSGcpU9fGwp0nlmG/apnnsltGIpHns6bxGvnZpEns6PaaGolVqpqns6PlaEQGoq:MmKXKOpoJ0as0hzV3HBlFyuazC3 |
MD5: | 0918AB22B611EEF104CECACA7B22E8C9 |
SHA1: | 9E80332E5617430D6C0DDCB65630EEB1228DBEF5 |
SHA-256: | FB3E5A3AA1F52681A52E5A3EA325DCDE344F89B058B7F5DE333830AB08F05B86 |
SHA-512: | 4FC7CCF6AB23EED37B5EF9E2D1AC7A63388C5B999140158F45F3DFCCBD3714ADDC8629D6ED2A35813E40AC4D9432E2E06328F2D9D5E3F9EFBD828E42AA240344 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 159666 |
Entropy (8bit): | 2.4086007737325374 |
Encrypted: | false |
SSDEEP: | 384:M0JfTErnr0ec2rpE43P1HMEYxE0ikkN3p5a4n9tWcCNN07glMgpF0taTcyFYAM5N:cog/1iHg |
MD5: | 71AEAA2C5B76D051DC481B9413F06413 |
SHA1: | 24A3F0A6DC6F4055E54F0DEA763E2FC9D2BA4EAB |
SHA-256: | 3C15D8C313D0D428900A3C54EA274B2C85ABB7F6EB7DD7177D7D71A9EFD6708C |
SHA-512: | F39A25A3BB42982D2FED1A1B254724524FD09A6EA81F12B185456922DC0DD119C7EEBD8508FBFFBE4CE03DEB8EC4221FC9EA390CC939727B5B0C925338DE6B0E |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16984 |
Entropy (8bit): | 1.5675252823130243 |
Encrypted: | false |
SSDEEP: | 48:IvTdGcpUZWGwpNMG4pPAGrapgSNGQpZVG7HpCiTGIpG:MTDKZObMJeeS3/E02A |
MD5: | 9F0B533C3B760EB3EE6FF716CA3D9654 |
SHA1: | DA15809DD9A45921169EB8B1B7D1D12132C59F1A |
SHA-256: | 002BAD70688470D152254BA8108BE6646AF4007240F4E856DC4F2F2473F67B2A |
SHA-512: | 979ED740AC5B8C73CD4F55BFBE5E16F03459CD1BEAA88E14AFF9F1485448E072F832A5C7D1C977BA5FDD74CB4FBE82CF27956B4ACB3A3107E88A80E3BED18E65 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3860 |
Entropy (8bit): | 5.93674098813162 |
Encrypted: | false |
SSDEEP: | 48:4vla4sBnR9IO65JbMY715WtkSCvlaZp0whXeBkCoW5nUbcmZvpy24ZZuk78+zAnh:bt6bYY7X9O0wVjcyvpx4GW8oAnUyu5ol |
MD5: | 92E9CE310D6E921325AFCFFF5EBF6FCA |
SHA1: | 18BB4F0B83994025410D19A3868ACC8C8545D4B4 |
SHA-256: | 33D739327DFAC015E56168CD9041B36F83DE17D739A703BD92E4BFEA433064C5 |
SHA-512: | D573FB8F3A5F1CD08FD1373207F0A4FF9EEDE672D3BB6D02A02477646D8BFF693C220CE6E3661926ACD759B81B09B6B107F35720A7AC0F0846A80069A5B7B794 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1310 |
Entropy (8bit): | 4.810709096040597 |
Encrypted: | false |
SSDEEP: | 24:5Y0bn73pHIUZtJD0lFBohpZlJiHqw87xTeB0yVFaFG:5b73HJq0TJiHp89TOwU |
MD5: | CDF81E591D9CBFB47A7F97A2BCDB70B9 |
SHA1: | 8F12010DFAACDECAD77B70A3E781C707CF328496 |
SHA-256: | 204D95C6FB161368C795BB63E538FE0B11F9E406494BB5758B3B0D60C5F651BD |
SHA-512: | 977DCC2C6488ACAF0E5970CEF1A7A72C9F9DC6BB82DA54F057E0853C8E939E4AB01B163EB7A5058E093A8BC44ECAD9D06880FDC883E67E28AC67FEE4D070A4CC |
Malicious: | false |
Reputation: | moderate, very likely benign file |
IE Cache URL: | res://ieframe.dll/NewErrorPageTemplate.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 56 |
Entropy (8bit): | 4.564221148126157 |
Encrypted: | false |
SSDEEP: | 3:CEaiQEllIpbjuE:zaiQElyb |
MD5: | 8B3611F88D6E07154DFE8D4A742873E1 |
SHA1: | 614D6285952ECF50A5F0F1440E9D21BBAFD1CB2E |
SHA-256: | A3933D871CF7DAD771954B3BF4FB984C0212903943C88873F0E3439E85285F06 |
SHA-512: | 5905DA1FB768EA3B2C5AFC29601BD6A78A68C94E79373AF8B826795839F6E986D85459209D3C96713E29FABA92C4C041A450F47FA61A89138077C311C458B165 |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_blue0.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 57 |
Entropy (8bit): | 4.359205803638424 |
Encrypted: | false |
SSDEEP: | 3:Cd/lfl02fLt+En:OO24En |
MD5: | 481110EE043514D98BD1293AF5C9AB25 |
SHA1: | 3E578D2A402635332D857D4A5C3FD007A4A9AEEB |
SHA-256: | 5A25D796794B161D9F544F007A2BF016CF724D9EA39E3DF0EA704CCC3768843E |
SHA-512: | 270EC8E231006A3BC1AECD0BDB9AACD290D5F84198899FAB75E99E40F550EF67D525B8911ABC22BD66FDB76225162D4CE2C2D1CBFF7C12F5AC6F14A1F14049A3 |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_ltblue.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16961 |
Entropy (8bit): | 7.722181974036868 |
Encrypted: | false |
SSDEEP: | 384:0afxFf87Kr6PQeaKHSYheY+oLey9TuVnCLQoWql8cr0a5mI:tf7f82r41hevQru1o5rbUI |
MD5: | C39C3037DA3701E35E53688A1BE5D566 |
SHA1: | D7CEF2CF7147252F060E80939F18B4557903129A |
SHA-256: | 1DAE627C236A85D5A1C4E0B5BDC8E8D086A0A4BD613670E75A9AC6FB04D702A2 |
SHA-512: | 4C8A2B3AD40AA7B58D97D68E0946506D7C899A70F6B592564D651B677C2D0A4F8D527549C89DCEF8F08A05702450A29F022F6FBE13AA9D60F61D2B379066155F |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/button-glencliff.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13794 |
Entropy (8bit): | 7.8213130255442085 |
Encrypted: | false |
SSDEEP: | 192:DYx89BJjCA890Z/K0B9Ljs7LtGGv/atK++BELUzaYIoSJ82s02Wkv9M29kAL3g:D6aJjC7wPjWLtD/h++BEgIvq2sMkvn7g |
MD5: | 8DF72335578FD65D2DA9759530E147FB |
SHA1: | 140CC7ACE1A5883659674FA2679C47F89B744412 |
SHA-256: | 2790E88A1BF3D336DBDD2200DF5D072A6B7B9BC64EA577AFF2739DAC924FC840 |
SHA-512: | C4D02AFCF99CF0CF50487F3DFF71153E634B2F0A0CB88E8F95DA535EF54C2E7199E3CFF898168AA2DEFA72221186A07C446E9AB6A9CD67E6E9984563D13BF9F8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/button-nhh.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3638 |
Entropy (8bit): | 6.009925075904024 |
Encrypted: | false |
SSDEEP: | 96:Ojt6bYY7X9x0wVjcyvpx4GW8oAnUyu5o:OobYY7P0wVI8xL/Uyu |
MD5: | 819BA8DE904F2B86056DCC32A92874A4 |
SHA1: | 5128B5AC8EC1CE19E81A928A516FDEE3C1DDA332 |
SHA-256: | 5762EB82D249E88BAE39E8B719EB5F577EEA6C611313332721D7D3079C1ABB7D |
SHA-512: | 30A17BD3631201641F5D4AC42B327E7A18114ECD8CF54E56768BC0EFEE31FD11856BDFE13464FD69FAD1312F9FD6749B7BC63CE5A7EDBA640EA7E670AFBD3B60 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/favicon.ico |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9409 |
Entropy (8bit): | 7.917091441614061 |
Encrypted: | false |
SSDEEP: | 192:d7F8bw8x4bUUmPrdRlYTKJDt/+FXS+8jUNe4rd9KvzxqBYJNmWHYMtT9jv:dK084UUQrtVRUS+e4rdsv8BYJNpHHtJ |
MD5: | 6C3A8F80884C06933EAFB4EC5FA06097 |
SHA1: | E76940F48B89C65B91384FB2F13BBBDE7897C419 |
SHA-256: | 6494DEFEDB24BDCFA6D32AD4DEBC58BB064ADB5A55F03E3A6DE2DE7CEF24D04A |
SHA-512: | 40C3DE8DA0D3757FB76239838DBB25484C64B87EFF3BFAF3202D57921373483A3017F7EB623CB6F1460D97CF727306B4A36D1D14CE30FB5A5404CFAF9B52FFEE |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/granite-advantage.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 8714 |
Entropy (8bit): | 5.312819714818054 |
Encrypted: | false |
SSDEEP: | 192:xmjriGCiOciwd1BtvjrG8tAGGGHmjOWnvyJVUXiki3ayimi5ezxiV:xmjriGCi/i+1Btvjy815HmjqVUXiki3g |
MD5: | 3F57B781CB3EF114DD0B665151571B7B |
SHA1: | CE6A63F996DF3A1CCCB81720E21204B825E0238C |
SHA-256: | 46E019FA34465F4ED096A9665D1827B54553931AD82E98BE01EDB1DDBC94D3AD |
SHA-512: | 8CBF4EF582332AE7EA605F910AD6F8A4BC28513482409FA84F08943A72CAC2CF0FA32B6AF4C20C697E1FAC2C5BA16B5A64A23AF0C11EEFBF69625B8F9F90C8FA |
Malicious: | false |
IE Cache URL: | res://ieframe.dll/httpErrorPagesScripts.js |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 936 |
Entropy (8bit): | 7.566861187240718 |
Encrypted: | false |
SSDEEP: | 24:uDFM0rnx1/PBYjz8hxGmhKAKIqlIxL7Lqpg7NVzOQSAAo7fZv:uZMm1/PBYzgJ0AK9lenLqoNJpfzfV |
MD5: | 3EF0AE339337F22320D8CCAC504A8449 |
SHA1: | C747754A317B308869186DEBB10DDB77E756D7E5 |
SHA-256: | 33A14A6CB3939700FE78DEAAFD649992667C7247A84639E627B7168902557367 |
SHA-512: | 2D4B7D0FB58E8EB2A7AC364DACF57B2456317133CB3F24CBA9EFB005C9664486A63DE488326E0839FD5CBD04D3C22B53F02DCF81BD9D605806C647CFB9E3246C |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/iconseal.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 11358 |
Entropy (8bit): | 5.081230966440111 |
Encrypted: | false |
SSDEEP: | 96:1AAl6lD3R0m3BGTvVrGNI643LJ7jIWqqyapxC8bB4/fxvLLmyySbxo93ILPlUIiK:SaMR0m3mz9oRHa9R54uEBukeX2oK |
MD5: | 7FAC353FD6E72A2C75820F2276D522D5 |
SHA1: | DEEC13C8F8CFB6A44E92FE15A5BBB4D18D1EB539 |
SHA-256: | B8FF55F1551A2611F3890196A3E6EA69D579D2DF441AA6AD6141F84F39511238 |
SHA-512: | CFF7AEA083A5B873FEB9F8D122BF4C02705FF7FE21135F7D13AAE5AC79A57879E2F56F07A22D5938B8B2C12B6B504E2381A5789347D5F5C2677837C802F1DE81 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/about/index.htm |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3468 |
Entropy (8bit): | 5.130714868268042 |
Encrypted: | false |
SSDEEP: | 96:gxhTzrJZwi5n3ao8FZpNNNisHrymo4dG4QjRk1:6TvJKi93ao8OHez |
MD5: | EA8F627844489B0D84EA383588E13730 |
SHA1: | D86649EC726D7009B075FEA0DD76C87B73F28857 |
SHA-256: | 28BBAE52F137499A252D25447764FB3A84EE0E6A1C46406C3A62B5E494A6BBBE |
SHA-512: | F43F917A7B1E9B32D77017E1A37BD46B463CA829E304C7DAC29459ACC624E22FD7BBB7DA1F34AA211A499621BE92094B92BCD0DFB72132950DD39065E0498787 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/jshowoff.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 309 |
Entropy (8bit): | 5.2708689646625055 |
Encrypted: | false |
SSDEEP: | 3:Cx9lyRTYgRO3p/o//nee63zyaaFij00Cjf/FYqtLy0yrtwlIqldJrDsFRkFcipcE:8lyR7c2eVyHTFt0rWIeLERkFTpcTzM |
MD5: | BD22ACECC5B91E4BC9207FC9D6EAD4AB |
SHA1: | C0503CC700CFBD52477ABBE82987B1A15E4C7AA7 |
SHA-256: | 3FB0331CA28F01CAA741C42F84B0ABED4928B3BD2EF108666C6A1CA08CDD323A |
SHA-512: | 6E0F48FD273EBCDC3F3FACDEF42DD0C6750F14DCBBEAE806FD7B6C85B433CE46799EAD0F7067670A37714A0B4B64FB179BDDB25B029A2A4FB5449E2FEB7D61DA |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/largeA.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1518 |
Entropy (8bit): | 6.996843137132655 |
Encrypted: | false |
SSDEEP: | 24:HTM8VEZ3al1hJIwWwylZ82lYSqMHYKq9VyJT3byJeyCZ+47aGY8eJsx:oKkNinNus94JKJeyCZl7aL8B |
MD5: | 5BE960805AA62A3CFB8CFDC14C115507 |
SHA1: | 32A3B1D41AC4289D2F5D20927049E5F14BB75250 |
SHA-256: | 48173769D629B75D62E6AF43347CFBAA504A8A40B96B01D59B81149775235B91 |
SHA-512: | EA7506A9414197E4626954B39979ABDEC0A3D5A8262B496522A40D7BC23B8B26B4E650EAB7474F7EBF4B7D1C1DE3F6AF452C0B98F8C61418E7279EA9B1D1AE3B |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/search-icon.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13573 |
Entropy (8bit): | 4.988504258614964 |
Encrypted: | false |
SSDEEP: | 96:1AAN6R0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyySOLrgneinOI6VHtt:SnR0m3mz8Y8RH+/EUh1ymGDb242oK |
MD5: | 884814DBA14EF841EC18FADE7145DDF7 |
SHA1: | F8B9924FD70BA0B42959DF852C0FDB2F6B6980B3 |
SHA-256: | D2A61C184CC788FC32DCE676C1E0D8FB6DE2EA465981069C875E50A60812EA76 |
SHA-512: | 584E41FDC4A54866B919A5802A19632C6CA36B108C86C5F93043B4456CD43AAA3BA9EF2581712D4FD76B672BE3593D556836361227E3A75ECFBC58C37D85AFFB |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/seniors.htm |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 10721 |
Entropy (8bit): | 7.9222857327358 |
Encrypted: | false |
SSDEEP: | 192:n7FuknE1nfULiWFwwlfoy5jtVA/wAkZ1tsMW+kLbY0sspgKtZuKchTKr2aaJdJBN:nfn08LBfRjA49psTLbY0xgiuwr3aJo7y |
MD5: | C258A4DB13A03F1076CBD63293759F48 |
SHA1: | D710F07E70044D66A5021F9FC5A1D72DD7856670 |
SHA-256: | 1482933B0E678AAB9D19132EE458E09FCB16A01712D9755BBA31A74B4A76FEE7 |
SHA-512: | 9308FE2CB30AF1A309E7CDE9562A698D3D7BC67A7415318A0F2A88405B9B036A54420E86DE99521B48BCE2BA69DF4A00109DF95A9F1E772119C6E9CE7C3BAE85 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/the-doorway.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 18724 |
Entropy (8bit): | 5.0229050341109795 |
Encrypted: | false |
SSDEEP: | 384:Z6/FpzOTH+pUwFQQFzosq6yzGy60wQHZAOcUcmMt0wGq6K:Z4FxskUwFQdcUcmMp |
MD5: | DBC4C9FA52A475411EB75595DA532797 |
SHA1: | 099407F8C66BC19CC7DA10EFB2715EAE0373C966 |
SHA-256: | 6149F95C1EBDDE5391898E22A79821A810336F6BD74318291B4F49F23FBF0FA8 |
SHA-512: | 81EBE7593D3856D282F9C581BA3DE18B1F3F0E42D3B912235BB36ED80CDB7FCE08CB91A0FB537CC5BB751F7FA161635B380C78FD0905E4A5B0395A30A64C9E86 |
Malicious: | false |
IE Cache URL: | https://translate.googleapis.com/translate_static/css/translateelement.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13071 |
Entropy (8bit): | 4.9799957899156935 |
Encrypted: | false |
SSDEEP: | 96:1AAjGR0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyySaM9xs/3lCseG9cU:SHR0m3mz8Y8RHV92Gk6h9rXdR72oK |
MD5: | 86AB93FC9FDDA269C5974261A1D1EB1E |
SHA1: | 3A0B4753FE80FD8D67F965DED7906DA9C996EBD1 |
SHA-256: | 57BBA8778C55549B83883E7750D4D5E2D18459E8F6C77106063B08ADE2C7B4A3 |
SHA-512: | 3533ECD1066C0C84F7A54EE3689559AC664520E82D483531F23257C3630272074D9476B84F1406124E26918084770F4C8AB1F5DF3706E42D4B613A6ECF744D4D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/women.htm |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3455 |
Entropy (8bit): | 7.723531087767753 |
Encrypted: | false |
SSDEEP: | 48:5nlnNANz4PIt65pH87mCYGZG9LFLBxYkjshyV7t0A28qK4JldIQPueht:5n1Yr4pH8KCYGqFLQkjTJrxehPzj |
MD5: | C242FCDA1B5DAA99D53BAD09E619D169 |
SHA1: | 36C3FA7B2EFDD718550348B7E3E445782C912341 |
SHA-256: | 90E1AE9F18C3A094D16CC4ED11AC93E3561ABB41308B0FEB0B30C166DC15D130 |
SHA-512: | 995BD2A3B5DB4B2FF05D6796BBF1ED9014ED501E58BD118E8F4886F2EC5FF827B174E365D7D36CEE5A82120693C69B8DF1D709D93EDE78B8D3F0341AE31CD6A3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/400x25officialsite.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 25487 |
Entropy (8bit): | 5.083554954745144 |
Encrypted: | false |
SSDEEP: | 384:SGunySC4SJLM/Ex1v2xiJgDc0hAtgn5uB+ec2zgrjeAhiN:SGuFyLMMx1ux/Zh6gn5uB+deAhe |
MD5: | 5E7BD12E328C4AE593734E1AE2AB3317 |
SHA1: | 5E1CF57202212E5A99323A7728FD8D2B5489C244 |
SHA-256: | D0E97980D5E7C8609F31EDD59D321A0F9A22E44464929387251959EAEFF56069 |
SHA-512: | 962C34614EBC31A9680FAB8DF4CCFF71B9C5B57E9D012B84CA7FBFA1BE466958B2DD3083CD6171DE1D45886269DD07AD9B52FC3B326565BB99738F32CD074CC8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/ |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 48 |
Entropy (8bit): | 4.381328385912461 |
Encrypted: | false |
SSDEEP: | 3:Cpr3lIh3uJT+H:43ydUTm |
MD5: | FBD0E6E9B04C2C0F0DE3B9B372EB91FF |
SHA1: | FF07B76F9896AF9DCFD72E2DB5167C5C7064B0C9 |
SHA-256: | 595D5753D57518C1235FAE639F2665608B8639BB8E12D12DE33339EC4CC9760A |
SHA-512: | 2D513B0C0A2A18CDB51BC04E8AC900A9B34C378CBFE70A3A0D764D92358F25F34EAEE2CA56AB80F3A314A4E8BBF347117EC05FBCA5C7E04FCDF2E132071E827B |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_green0.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 166 |
Entropy (8bit): | 5.033559159767338 |
Encrypted: | false |
SSDEEP: | 3:C8iX1oBbNTRPVZT4QQ3ZDpP8RalltLy0eFdBus9uYuaD2t/Ch:tikRTjt4FZgqtEdBus9FHD2Qh |
MD5: | 13124C1D196F71BFBDBF3B68247C2621 |
SHA1: | 23A19F2D059EE561894A7384CBE9CEA240365902 |
SHA-256: | AF96E242BC1EEA19BFBC52436761ACD8D1E7B4BA4307BD051D2EDD1E04C026AC |
SHA-512: | 613E32FF84EB6065B97BC39C28EEA7470B631F66D1F0295BF8C4CDF8A186864FC4955AA7A4B11D530C0067BFE5A9F7294BA52BFD2A39F9911DCA6EC5C520BFEF |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/bullet02.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 14621 |
Entropy (8bit): | 7.825199065619867 |
Encrypted: | false |
SSDEEP: | 384:yTq9/R62zTbh9Nj5Jg8mf5FBh5R4xJWEEpRO/PK48:aq9gKI8mRFBSdf8 |
MD5: | BCF9D8B990427A3FD6076D8B828DC634 |
SHA1: | 249E51075BA8E049CF92373FB31175F03950A54F |
SHA-256: | 2CADB2795C254C1BC18A7FC3E766D5AB760C9566F323E2DA3A60629E8028A88C |
SHA-512: | 910AE8C8A959BC19AB332916CFE338999121DA1D7450F0AE4BC1224DE1CC66030D92282DA0F4B6FE3B976C25B456286984E443DFC038E9104E04833BFBB51E3D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/button-sysc.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 13037 |
Entropy (8bit): | 7.9638596412762785 |
Encrypted: | false |
SSDEEP: | 384:7UUVbS3J79HLEmDVxE+i+HGWAXg0eV+V1fJkm1bT:gkbSTrDZx2+HJug0Y+ym9 |
MD5: | 6452F1EC1866D5ED498BAC41660565B5 |
SHA1: | B1232C23FCC3A911400E6E6AB9437C14D20D72DD |
SHA-256: | 87D61DAD66681572B3AC12B40CC346BB37D0FFDB9BB83CCF9482C55CED44386C |
SHA-512: | 96281ADF7AAFB026E0824671ED1E6F04466CF919F772A78B1623F33C67609BEB9AC941548BE4D329FE1BFAFAE554B92AFA0B8D9E067DCCA2C87D86145712ABE4 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/calendar-graphic.png |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 129790 |
Entropy (8bit): | 7.890919421015789 |
Encrypted: | false |
SSDEEP: | 3072:ie2ke28EzJw9Hew+CLsGU+/7jX94hXGLVjFrRk0:i1k18EzJGHew+CLso7jXOh2ZRrRV |
MD5: | C83AD720C9E8C9FF4099CD8A74F63990 |
SHA1: | EB99ADBE8DC292769D7550A97A0236BDC2F46592 |
SHA-256: | 176E7581B8833A56D160D6CA01B0C29D4951086689BB1293C767DC6F30725181 |
SHA-512: | 55E9CA1348F7065B1D6495CEF4343106DB6ABE7C0DFE13EE216B2004711FD03AF7ABBC67D3A7F0EAAB5518753C987B5352BBECC52B4DC017A15523F237B85395 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/carbon-monoxide.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 9978 |
Entropy (8bit): | 7.955383730621116 |
Encrypted: | false |
SSDEEP: | 192:CtuvpBwiUiTYc7VcQVgkcBGQq7Pn0z4z9UwrazRNoBqR:boK7CQDwGF7P0zq2earR |
MD5: | 59B7681053FC2B1C2C65959FB27A4070 |
SHA1: | DB31AAE7E08B2094C011ACA0A5154440D65ACB83 |
SHA-256: | 7749ED0E11D5E9D973396ED23D5D430BEB9EE9A0211F5A6B341E716FD38A6C18 |
SHA-512: | 7E9F19A43A3C2C295661447A967C9720CD860C60C8649B2CDB104154976A2D7223AC942ADA2912B3B266D334C4C0563B6426A1767BDC72A5B84A16FE9E1AB302 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/covid-alert.png |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 10146 |
Entropy (8bit): | 5.031839379944935 |
Encrypted: | false |
SSDEEP: | 96:1AAOeR0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyySBa3Zej2kFQc+7Yy:SleR0m3mz8Y8RHgk7d2it2oK |
MD5: | 2E6BFC98C1A69CF7AF7CB106EEACF2C5 |
SHA1: | B63D9DA9EB752D4D9D796C52C4BC486649181B7D |
SHA-256: | 21391118F3550181965D8E741186A81F40D3C9D7F769FD2697D1399125914E48 |
SHA-512: | 1DE7B2D08AFCFBC685AC07DD62C213B31E292280170CD2D62731C6DED76B8BAB3C133B282D5CE8CF7EAA73C52DE0540E07920F62A17DFE22D9CB640E7A2A7A29 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/disabilities.htm |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 1857 |
Entropy (8bit): | 4.6050684780693905 |
Encrypted: | false |
SSDEEP: | 24:rCUcWh0sEimVM4mVMyIjyAV28EFySd8/k+C2E93vjqF4IAr4:uUjEiV4VtLV2lFjq29vjNRr4 |
MD5: | 73C70B34B5F8F158D38A94B9D7766515 |
SHA1: | E9EAA065BD6585A1B176E13615FD7E6EF96230A9 |
SHA-256: | 3EBD34328A4386B4EBA1F3D5F1252E7BD13744A6918720735020B4689C13FCF4 |
SHA-512: | 927DCD4A8CFDEB0F970CB4EE3F059168B37E1E4E04733ED3356F77CA0448D2145E1ABDD4F7CE1C6CA23C1E3676056894625B17987CC56C84C78E73F60E08FC0D |
Malicious: | false |
IE Cache URL: | res://ieframe.dll/dnserror.htm |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 3470 |
Entropy (8bit): | 5.076790888059907 |
Encrypted: | false |
SSDEEP: | 96:z9UUiqRxqH211CUIRHERyRyntQRXaR8RS6C87a/5/+mhPcF+5g+mOC53B5Fqs1qP:JsUOHaQyYX4yJQOWCbz1Qb5 |
MD5: | 6B26ECFA58E37D4B5EC861FCDD3F04FA |
SHA1: | B69CD71F68FE35A9CE0D7EA17B5F1B2BAD9EA8FA |
SHA-256: | 7F7D1069CA8A852C1C8EB36E1D988FE6A9C17ECB8EFF1F66FC5EBFEB5418723A |
SHA-512: | 1676D43B977C07A3F6A5473F12FD16E56487803A1CB9771D0F189B1201642EE79480C33A010F08DC521E57332EC4C4D888D693C6A2323C97750E97640918C3F4 |
Malicious: | false |
IE Cache URL: | res://ieframe.dll/errorPageStrings.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 14882 |
Entropy (8bit): | 4.996850145254629 |
Encrypted: | false |
SSDEEP: | 96:1AA26R0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyyS3vM5s/9ml0GZGeg:S6R0m3mz8Y8RHUdoyGiZhl5+rs92oK |
MD5: | 0E04DAF9A1FBC9411CAA3AE7B492F94F |
SHA1: | 0D34BD0339F12ECCBDAAAA8ABD0A0059878F7035 |
SHA-256: | 5943A3D48401734486E22AA810F54D142DB12E3F94847981F80B416113B937CD |
SHA-512: | 348A779D9CCB41D3FB90A7B5D4B499D9FED3626B577D5322F328B9BE9E30606FD8F29AF7CBAB80389D47841E159848CD7918E5524CA5891A2181F84875A5F0F8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/families.htm |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 62 |
Entropy (8bit): | 4.478946144941852 |
Encrypted: | false |
SSDEEP: | 3:Cq//Rewltxlu3uXU1xn:T2KU1xn |
MD5: | BE84D93A3126CAFBBA9E92D25F139F7B |
SHA1: | 55F18DA72A71AC3F4CF7B4A6FB3053ED0169FFA1 |
SHA-256: | B264D426F9B80C2C02B49123C628B62AC446AAEAD5F4874780F900AB024228AA |
SHA-512: | 98089AA6627FFEA2E2B302B1E5B29CB8B64518183D124B66FA731A1B9B40D771C4E5882E3B7350AE547AAA6EF73BF55E32BED5CB3738464FDC2E88220FB36DB7 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-sp.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 607 |
Entropy (8bit): | 6.150874141816269 |
Encrypted: | false |
SSDEEP: | 12:+4fBVm3RLxgpY2CRBs1XGeozZtLTnsO6RSORKPwcXxBmG:+WBMhL+psRy1luXHvs04CBh |
MD5: | F39970CEE0E709A2C6225C686E877E23 |
SHA1: | 37193D45B1BD8C7B81F2B50B5BAF80DC3DFA998D |
SHA-256: | 74F8DF3D7341D6CD60F342F3EFD6433FEA89B34AB60BEBEE6EA17AD728B05360 |
SHA-512: | BA3AF5CD5A886530C2AB81B7EC6457FE3ECB842F9A552A199D55120F340F705AEDF1759C90203ABFF2B97FC7297B5FDBC98A6C11A3EA473E514E238E78C25E56 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon_flash.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 6579 |
Entropy (8bit): | 5.228753253129017 |
Encrypted: | false |
SSDEEP: | 192:O10Rasp42ZbGDt2rflgINP/iVxQTA39KyJArB:g4pjZiu3/iv1t8B |
MD5: | AF1015158867ECB3BC8B923ABA626215 |
SHA1: | DE5FB1BB2BF305F070A706DFBEFF57249753ECF3 |
SHA-256: | F40473668CB3C72EF3AC8EDDC7945A672DFF271BF54351F639E704FDE2101237 |
SHA-512: | FB6BE27AA9899FA322A971C11E8BFE248D5E66B7FDA37952372E45E0F7859FE26CB80444B63850E55BA70943FAC3E0CA39838114F3166D01EDAE0519617EB26D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/js/jquery.jshowoff.min.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 16557 |
Entropy (8bit): | 7.956386766435145 |
Encrypted: | false |
SSDEEP: | 384:4/65fha80xWNegyyZioAFikUkJarKhSH/PiLwO9l2u6pb:1tU8yWNegXivF/UGITBO9h6pb |
MD5: | D8CDC6D6E056F4A1FEED452196E47D89 |
SHA1: | E10CE7AB1ED5ED55BBE46EE18C2BF9DCBAEDAB32 |
SHA-256: | D803225F1F2A6E5B267C8DCF448605D5F7122DD30FF37FAAAC185E044FA291C2 |
SHA-512: | 281DE0385296DC0C319ABF5FBE691BB346953DB1058726BFB631C4D4EFB11FADD77DCA2583BC21D177E85E3DE0028083B3CE4CE10646C4DDD2607E96F83F47D0 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/about/graphics/office.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 1015 |
Entropy (8bit): | 5.201179617626621 |
Encrypted: | false |
SSDEEP: | 24:Po1/EPH0dRU5PNRxYIpm5t16DRW3BT/jmHTnhcJ1DA4hipBf+v:PoqUdS5FXg1D3B+HTGLAK4p+v |
MD5: | 32C7EB2120D98C96C282E7A824E7694E |
SHA1: | 7CDB846962FC7D84DEDE41B922AF71AB8E652134 |
SHA-256: | 9136B91FAF455180E6E18CB97C04C2B79E812DA891B83EB84E30DE87E7BC108F |
SHA-512: | 7A210A3F212E7059D24174C35D4C265B5834CA820F34D51369FC194C21F3994CEC16A3D8A13978EA9D4A055E94B3104480BE3AA949128B5108B77568B2E6D7FE |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/print.css |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 12135 |
Entropy (8bit): | 5.0121308162835 |
Encrypted: | false |
SSDEEP: | 96:1AA1GR0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyySCM5hlAea2c9Wcy0:SLR0m3mz8Y8RHNvkth62oK |
MD5: | 2705710F50F1FCD80BBE013CFAF39709 |
SHA1: | 31A4D90A2A00B3C49F16FB0997601E47C2B53E01 |
SHA-256: | 7DDE0955645983167AD367FA1C4997027D8DC8743E7DD25556DFAB48C8FF680F |
SHA-512: | 6A108689C5B6C5A1295BCFA241E49A0801493D57A76CFA9DF08B2D6C15C91DE97AFE0FB1F65C0EF002C54ADDC126F1529066FCDDAF85E8623BFCBA290CADC6A5 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/teens.htm |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 5219 |
Entropy (8bit): | 5.046059813833912 |
Encrypted: | false |
SSDEEP: | 96:8IRZqnvtiIkyEwmNeYMvAxerL5J6B82o231/BgYrCDgZrSvJLj0zE3bdCAHEsh:8IRZsv0E5mNofr6rF3Ra8CpR0Y34AHE2 |
MD5: | 62BC4FEA155137DB1B998918DD1E30BF |
SHA1: | D91108573500AD5AF21159209A97A4C097B43737 |
SHA-256: | 6C4417DE30F53EB52ED26D95EB080F7A14F9F3DA1E522901443A8EAC5B3A8F0D |
SHA-512: | 1F714211545A997C483622B23D54AC2BD8AFEF12223ACBD5DF9427D860DDAD9C82A8EECC9BF4E59539F66A76C6005FD673F17EA8E006C2C1D27743387AEFE2B6 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/scripts/textsizer.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 17925 |
Entropy (8bit): | 7.961742262047726 |
Encrypted: | false |
SSDEEP: | 384:OnDrAMst9mJecX6TYfTLSNyB+bNU0fxhy4dZXHmHdNvh:Ovzst9uXz7uEB+bD7Lavh |
MD5: | 5A2DC4F484EF0A7390493900283BF3EE |
SHA1: | 051CBC0963BB50413B4D30F156B4C4356A82F924 |
SHA-256: | 6BBDA937684C997DDE4E58722C1E6A3EF7850689E47F774E8B36FA02E5ED10F9 |
SHA-512: | E58C1CF2F2F30C11E8FC017A40B3B66E670B73B3BB88779D8A8235AC53FEC3A93679E09F949B4C522D82C34440311034EA38D116F3B9021FB803E227936EBC2D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/1000x100-jpg-header06.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 12691 |
Entropy (8bit): | 5.051305468378174 |
Encrypted: | false |
SSDEEP: | 96:1AAzGR0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyyS4MRc/jl0Meqm7mM:S/R0m3mz8Y8RHvksqjBT3T2oK |
MD5: | 85B0F79695E7ED054B29DB8302CA25D5 |
SHA1: | 658F62645B373DFDBEC811C65C03EC4C86251468 |
SHA-256: | 191244EEE601C101C32E698C4D89F0AF93254DD857A98C205EC63F68985FEEA1 |
SHA-512: | EE9AC9A00284C15B5983E0E47FAB8095D6F085E24A47CAFE1F0C6DC9C6094CE80681976B4A707522254FB1FAE8B7946F4D14B7AA4EC45351AB98BE1D36F73FA3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/adults.htm |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 3561 |
Entropy (8bit): | 7.743642852097257 |
Encrypted: | false |
SSDEEP: | 96:gnvfnvfvH/y5xp3IzQhiLai5/ZbX+UQ5vPChVcfB4DmL:gnnnnnWHA2o/d+U2PChWWmL |
MD5: | 5DF60B7A94DFBA01BC3D5BA68D251FE8 |
SHA1: | E565D5D502D3D67A21BF6F1F9E548A8B001D31EC |
SHA-256: | 1EAC78A2FF61CA6D0C15A9F234AE8F7D9A3F5DB355CCC6ED6E076C8CE9DC63B1 |
SHA-512: | BCC6484286FB925954768DD840600F10CC617E731889836529E3F91F18556EB14BAF074C6284AFAE6610D04520EC4367A1234BFB7F02EC844E81E118A56F33AA |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/blkbk.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 8648 |
Entropy (8bit): | 5.113242529210202 |
Encrypted: | false |
SSDEEP: | 96:vR4ayh44eZhS2NlGEN2qRh8L7aaPpI+n/3z9Ge048XhFJy85tB/P/JBQvOPtS50b:vRpyhT8Si/2FLq48XlyUFgn6BFaRxUIa |
MD5: | F4AA7DC965F75669BA81E2FCADB6C90C |
SHA1: | ED92B90179E71ED3FB69524E04E4CB4F3C0BE012 |
SHA-256: | D618BD7BB0D1C11CAC61D9C0B4EA612A48489373A6438E22605B084B15CFEDD1 |
SHA-512: | 8B3208282A6AA989C4A9023D1D4D7E079A90E671FFBF666D0A35504CE1482F59FAECAB6A0F1115A1502A24770CC3185046029B8F1F356C13D8916DC6B6F83716 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/contribute.css |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 41 |
Entropy (8bit): | 3.4960271529727103 |
Encrypted: | false |
SSDEEP: | 3:CWoflBlll1nE:ow |
MD5: | 45FAFCED0B565CC5670032533B890B13 |
SHA1: | 91CE14BEAE79694AC4E4BAA8961E92F8BA54A2CE |
SHA-256: | 7DF51310F47487A4B39B74D302FCDE64FE1AAFCA56299E3D05280965FC659C5F |
SHA-512: | C083B8EFF67F31D5D8A77E522A1E04DE0AFED525F1FEBE53DF9B8F88E46741CD05235007143D43286003F25624E7DF45E866317D0EA8874F62912D6E16E5275E |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/ds.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 45170 |
Entropy (8bit): | 7.975705424400901 |
Encrypted: | false |
SSDEEP: | 768:2JkGcmrkzxN4vhummv4CZgIz91xUUeFSFLBHN7/VWaJj+jB3Z6+JZJ:Z0Dhnmv4Ctz5OFSLHN/VbjYp6+t |
MD5: | C60B197F794D1EB6EF8D8A73033E969D |
SHA1: | 4AF6B6DAA296BC4CDC72EDB6A268EF335A5CD8CC |
SHA-256: | BFD7FE7E41D9E55BD6BF4B0D9914AC28A93260F09F6D932ED2177BA2178F8956 |
SHA-512: | EB6584956A6BC9F796502A3BE0C848A02FF9D71271520A2944AB1A130167D2227B7EEFDF8ED97CC9A7C7F894F1F4A1FC3047D92C16EFD18EB7FEE6A76C809C85 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/emergency.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 2907 |
Entropy (8bit): | 7.775139824223661 |
Encrypted: | false |
SSDEEP: | 48:OiQfywiU9qoIZgTtchHBui2qZE2JXeAV1s4exJKzo70BAcophyU:LQgoc+cTuyE2JXeAVe1yzTBAcWyU |
MD5: | CEFACB60C7B755E1A53603D7CEAB1BB3 |
SHA1: | 435E52E63BEC97DCC13C2B42A25D5AE761B346A4 |
SHA-256: | 258CC7FC6046B5AB054B2072DE33F2911711C33F49E69651E6012BE6AE33C27C |
SHA-512: | 535F4720AD534264EAF62DFB619B0EE190D978A8096D1C43CA2A7113F943CBEE25ECF79D532434DF3C9E3C88A497402D071A45419B67ADE444EDA1A0D673EBB1 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/flags.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 50879 |
Entropy (8bit): | 7.969332347625548 |
Encrypted: | false |
SSDEEP: | 768:78I+pJaYV+EgGXseX0Dw4uG8uq6UgI4MTaFk9kO2oT3mP+t1KkBTz//cIJuWioYJ:ILaggGXpXCw4u3LEQsqmoX//PtYk9w |
MD5: | C6E205CAA1F6106D3F67425E4C6E8E70 |
SHA1: | 4FA3F989BE28B335B08F71A84F9B9DC13172A76E |
SHA-256: | 4D07033D5B68191D651197A33C485FE6C650B1B01F8D1588F7B82BD8B12AB432 |
SHA-512: | 320FCADF1A76D42EA443A80B900F4050F779ED9CA69F2E3BB66C1FDB0EE872B89C8CD8B7A6E8EEE47F4EF2A5B08A6A63BDC165C4329D4B22C5DFC03552AF869A |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/flu-fighters.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 38518 |
Entropy (8bit): | 7.9666917785850115 |
Encrypted: | false |
SSDEEP: | 768:8CZFzY4kWAMvZ52+a+yUXBfYKBEOnguKIieeHSg75ncf:J3zY4kWA+pafKBEOgcix7Ra |
MD5: | 138058CA58F83B75F25F09454E7BF9BA |
SHA1: | AD842387E5B44D3B08EB30A63E34D558AF87BF83 |
SHA-256: | F677978867311882735247A034E6A16E237992510302412FC3F1FEC723586246 |
SHA-512: | BFF4792ED6174E3CD7739300F460F66BDE930587202D11E26BFE21E8551DB7576C098210455F76A96124EBF3FA5DA65C80A7CE0D146CC061DCD523E6A356D116 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/heart-month.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 1461 |
Entropy (8bit): | 7.587767048114994 |
Encrypted: | false |
SSDEEP: | 24:R/MmkxSj6vKf4EQtdZ2VWN3+Qj5dejWfSZgDBsWgLhNk7pavk9HzU49t9iIo/E+n:cSjfytOVi++GC9CDLhNigigIo/31 |
MD5: | E8DFCB236B83526AF6EB96348B06F0C9 |
SHA1: | B741A536E0D2AE5C828D55DED39E17A60D5E1FA3 |
SHA-256: | 614EB76A4DD29D91EA72883E702C609CE3E2AE3E12C2E5F96B2FCD32AA87860D |
SHA-512: | 4A64AB2C2A3B3705CB93D80ADF95A96EA5E257166C979972320884BA1105EFF25F1CD6FA15CBAAC7D31240F2FF09A5BCA8B93F6B5527F63D7631D9BF915194F8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-fb-like.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 604 |
Entropy (8bit): | 6.242982454000789 |
Encrypted: | false |
SSDEEP: | 6:6LlShNn2Hveq2Qu79OzUV8e+gToqyj1D00UsR1HjBewOi27SPksum0frmmYxx5W1:2HUQg9x8e+g8j1ZzHtewOdsutrcxhOPN |
MD5: | E102D568E8974BB0951E4196BA687BFF |
SHA1: | 4D019064F21C2322E537DE510F1649418FF573CA |
SHA-256: | 67DC276FFF422D3FD9A118EC00E8375CBD3BC036BB31507CFD5DF3D4B479D4C6 |
SHA-512: | 5D5AEC096F090DBE608BC1381772FDBACABBC029FC95249EB359FFE91651B1A9B414CBF0395BEB2278CDADDFBB0A30EFFB6D5FB5B82E49E8FC6B85E021B1EC17 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-twitter-bird.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 603 |
Entropy (8bit): | 6.298893633281494 |
Encrypted: | false |
SSDEEP: | 12:U6LzEJau3+MTkA0iZzRnwAjM3s9RR0KoRxW:U6SLbh9HAsaK0xW |
MD5: | 47FD53FA9278B645A64B42C31F0A7068 |
SHA1: | E4293C1BA08413FBCCCA5CC67733F2A972A31869 |
SHA-256: | 72293FE33F7F462A579E0297AB625D20AA53470ABF7A77B5E0AE5112FADA4F4C |
SHA-512: | 92D277ABA7A5B8F8BCEE6285285B055C5E1CD7125651EDEBF33955665B5483E6FF4A481A312A57CDFF438D78AC8964CE8B895FF273CA7DE281652B5AD645D244 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon_pdf.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 25487 |
Entropy (8bit): | 5.083554954745144 |
Encrypted: | false |
SSDEEP: | 384:SGunySC4SJLM/Ex1v2xiJgDc0hAtgn5uB+ec2zgrjeAhiN:SGuFyLMMx1ux/Zh6gn5uB+deAhe |
MD5: | 5E7BD12E328C4AE593734E1AE2AB3317 |
SHA1: | 5E1CF57202212E5A99323A7728FD8D2B5489C244 |
SHA-256: | D0E97980D5E7C8609F31EDD59D321A0F9A22E44464929387251959EAEFF56069 |
SHA-512: | 962C34614EBC31A9680FAB8DF4CCFF71B9C5B57E9D012B84CA7FBFA1BE466958B2DD3083CD6171DE1D45886269DD07AD9B52FC3B326565BB99738F32CD074CC8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/index.htm |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 4053 |
Entropy (8bit): | 5.401733199652954 |
Encrypted: | false |
SSDEEP: | 96:RBJabc3cCahrQN0JxlehAJdQceRExLASPjfm6u2M8tmV+:R2bC7apiaxleh0dQJ1SLfm6u2Rm4 |
MD5: | 8399EAE5D919815405DAECDA2A1C379E |
SHA1: | AC81F99AC35067FDAE2A27EAE6DDD46DB00ECB95 |
SHA-256: | D42383B5324502731C01F9F7A3E006A19287ABD6035519E3DA33F9861FEF1C24 |
SHA-512: | C4187970DF792A8290A5F4EB32BDB2AB033C2984304B531AE7CA326F115C4E158B1F74F22252A223A1DD54489329A6A8817277E2B7B7144B04540B70D1944C75 |
Malicious: | false |
IE Cache URL: | https://translate.googleapis.com/translate_static/js/element/main.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 299 |
Entropy (8bit): | 5.303426088371302 |
Encrypted: | false |
SSDEEP: | 6:6liaaRbZtZNf2jOWxlrt+F5d/bsF2Wt0n/n:6vaRbZf8OWPcxQF2//n |
MD5: | 5A98EE12BAD5586737424F8F3F58EDB6 |
SHA1: | 1CC67DA5C621209969D0EE01EDAEDBC505187B0D |
SHA-256: | 43707815C4248E0946B2DB9117290955CB5EB684F8C8D3D45EA467C88EECB197 |
SHA-512: | 2D43F687EB11C6DAA47E465CB746641C05EDAE9292E146A283F313016C71C9D19A5876F5546797D4DBB5BF092A50193CE7F3DC9ADD70DB6AC2AD386A94D4C09A |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/mediumA.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 185 |
Entropy (8bit): | 6.185375227859527 |
Encrypted: | false |
SSDEEP: | 3:CxatOa/FA2P/OOlllMJRfyazQy38lDKKNkaaaRrExZd/7S17/Johi13sdvaDw3rR:ZtOW/OKQRfyyYDK18pExZde17Bohi9s9 |
MD5: | 6F8CB4A1EFB4DF5320B6E70E53577E59 |
SHA1: | 22845864135E6938A5DD1B7CE5C7AA44624F1318 |
SHA-256: | 0C45128E99EE08762E4CBB4333C5FFB0C95149B8C3BCCED7A84FB37423CE8C33 |
SHA-512: | BAADE3D47511B8FC9BFE0EAB9C60AAF9104749544B7A24C7A8BE076B1F3F4DD4C2CDAF9902E8C096907CED9B7FDA11CABF6951A45BB758947DFD429498A94BE7 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/smallA.gif |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 1.6216407621868583 |
Encrypted: | false |
SSDEEP: | 3:PF/l: |
MD5: | FA518E3DFAE8CA3A0E495460FD60C791 |
SHA1: | E4F30E49120657D37267C0162FD4A08934800C69 |
SHA-256: | 775853600060162C4B4E5F883F9FD5A278E61C471B3EE1826396B6D129499AA7 |
SHA-512: | D21667F3FB081D39B579178E74E9BB1B6E9A97F2659029C165729A58F1787DC0ADADD980CD026C7A601D416665A81AC13A69E49A6A2FE2FDD0967938AA645C07 |
Malicious: | false |
IE Cache URL: | https://r20swj13mr.microsoft.com/ieblocklist/v1/urlblockindex.bin |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 38861 |
Entropy (8bit): | 7.965890707861492 |
Encrypted: | false |
SSDEEP: | 768:0E0ydRJvF/yLfSRIrdGXij8NNLSwfNM5YFv1eMa:Xja2pSjGZHfG29a |
MD5: | 0EE5FD39F46045C84BB6EBECBF8035D6 |
SHA1: | 8BC1DEF29E22D9F2480272E0948644564F6480F9 |
SHA-256: | 79B552F5C7B43E7184AE479DE4E41DFDF311D326400FAC2AA60A895C02C0E3E9 |
SHA-512: | 9E431D5D89D3B7966838A0F9BE231400B0DA798B7600C83D09C9923607C029B00C04F51523BCAD5BDD304A048409B8E473C4A3AE51B0671968E933CC1A0AA0EA |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/1095b.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 48 |
Entropy (8bit): | 4.381328385912461 |
Encrypted: | false |
SSDEEP: | 3:Ct/00lIh3uJT+H:Ac0ydUTm |
MD5: | D7A4D95354A5FFDF666AFFE4F7516A0E |
SHA1: | E65484EB06115E888D29C35C3864981BE8EC9D42 |
SHA-256: | 3F4D9CC02EB84C4BC1BF181F3452386B2FFC1D64E62FDA21E03F3B6D94CF0866 |
SHA-512: | EEE1B4350B08CAB3FEF1ADD3DB67F90F527F289BF64C3EA8D22804A297EA2A830A8426F17348B123E39EA9D6F44E055DC0D334816311BD9D4B0BD41447F52FE7 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_gold0.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 23278 |
Entropy (8bit): | 5.176641778480364 |
Encrypted: | false |
SSDEEP: | 384:UfbUInNntQDokhteIDViTVckNj+3MZh5+l33q7mSB/mm6U23gqK4Gg4R3Va1LhgM:1InNntQfhEIDUTmkNj+3MZh5+5q7mSBW |
MD5: | 13E2FB1DBE808B94F25CFD15AEE41B5C |
SHA1: | E45D3AC77A426E9D1109B2646733F7CC42FCA786 |
SHA-256: | 84DB1D2BE46F6A48520BFC629BF41A4CD1142AD91387836B4764E328F1922233 |
SHA-512: | DB13392584C1090A7EEEC8B65ADC02836ADAF1AA85A6E02B4B4982E756644541A81C936F4CC68E64C8E1F7F9107280B953DF0D7246959A45BC383A25BAE90732 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/base.css |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 54750 |
Entropy (8bit): | 7.970078713308231 |
Encrypted: | false |
SSDEEP: | 768:dnY8WF3kuJcWl0OdwWFu9cWU6C+YQFgLVKwZLPpnyw60Ma5qbTRNliAQV2OXVB:/WleYwiu351F2JRnywTMbAPJf |
MD5: | 956167D6912A4B6EFC08FE7C6A8C1EDB |
SHA1: | 1B2D9ABD46E8F6CFC2F40D236592149A63AF6439 |
SHA-256: | AFD9A3BD4278B33407F7064C304320416ADF34F1C4CF0FE8198CCCDFD4803001 |
SHA-512: | 8898335B7A458594C8521EE1BC591C61E4D58624513F8C171901568913AB4D3F45405F02CF65413C332F13843F085CDBECDB870587728BEBF561DD68F8ACE8F3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/coronavirus.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 35871 |
Entropy (8bit): | 7.9589827305889225 |
Encrypted: | false |
SSDEEP: | 768:0GKo2aQAaXODyURhlL9Cz1xp/ZlAVLAo1GP54XOdh/Fo:LNTnRhK7/ZlAVEeMdo |
MD5: | ECFB185FF12D8F7DE124CF7E8BF0D634 |
SHA1: | 8B2B7B850D1DAFAE39EDF206B31ABB0521A3917C |
SHA-256: | BDAFEB1081CA5605A9A4CA075B8D2265D1240EBDE0C68975456C9A99DE9955B9 |
SHA-512: | 248DEBFCE25100EED319ACEAC5965B2F15223C081043D3014F81176092D1E74334597E661499DE17AF8C1EA658825C6ED94366314C08C6762DEAA1920A13B217 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/december-hours.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 249009 |
Entropy (8bit): | 5.477400514029805 |
Encrypted: | false |
SSDEEP: | 3072:uXpL1f/XaqZ4pmoNGUkaUeH/ktyU2cfRwv+9g5LydY4SeJ/5Hn:u5n/KUef8yU2cfSvCQydBJ/5H |
MD5: | 92DFFCE3439552F9ACEC893F2868D717 |
SHA1: | 5C9896BAC2ECE31D9AC9EB06F987868305BBC294 |
SHA-256: | 86207A548361E9FCDC830F7CCA9540C7C93FF4132DDE2A72FB38D23151BD46A4 |
SHA-512: | ED64C2CEC4BB25119747F97370E9ACF905647820F64C80F590C52694975BAD507D1085D4460E53EE26514AA32B24B8CC187A13BD9897BC23034A34D69150ABA6 |
Malicious: | false |
IE Cache URL: | https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 237 |
Entropy (8bit): | 6.1480026084285395 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPIF6R/C+u1fXNg1XQ3yslRtNO+cKvAElRApGCp:6v/7b/C1fm1ZslRTvAElR47 |
MD5: | 9FB559A691078558E77D6848202F6541 |
SHA1: | EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31 |
SHA-256: | 6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914 |
SHA-512: | 0E08938568CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCFB74437DE520395234D0009D452FB96A8ECE236B |
Malicious: | false |
IE Cache URL: | http://www.bing.com/favicon.ico |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 42156 |
Entropy (8bit): | 7.979736476744958 |
Encrypted: | false |
SSDEEP: | 768:0xrv7jn9kM+2bzi5DXC9HuWyrevaEDqUYw3mZqFi6V16hFn7mLkaQmAa:k9kMZaebKeitUYw3m1v7mLkTmAa |
MD5: | 6FE5C99F3AD40EBE00993B05EC5D7F32 |
SHA1: | E860C4ABE558DE616D9397EE7CFE998350E8E3D8 |
SHA-256: | 96D49E04118C68C4A484AF79321C1A5A2971BB7CF9D999087907D482DED392AC |
SHA-512: | 3FB3441153120265D3B318560470A1DB68FC8A88D99F4743C652494FD115EF925BB8246C632F1BB978BC3720152002094B8390A54F323AE55C2FF964E227972C |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/fostercare.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 4342 |
Entropy (8bit): | 7.896707732925293 |
Encrypted: | false |
SSDEEP: | 96:dXLzANaWDn78v5e76bppPbea/wjGn36TBY9P3rBU:tLsNdn7K5i6bTfB3QBe3rBU |
MD5: | 07C2F782572AD5329109465D24EBD913 |
SHA1: | 225F2226243AFFAF4BD532E5F648B2EFB7FA5ACF |
SHA-256: | 395DD501874DA9003C8A81010C9F8ABF42EAA7E4BE9BFB2012292777B6C088DD |
SHA-512: | E29FD2215EDA48B98A8E9B6E8C4A775C2C21B17C056A078AB03B1C5F17B3C742DD91CDABFE06E314A5E0B2C181F5D883F9393BA25CC2C59E6C27BA99ED95E88E |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/dcbcs/bds/graphics/gcd-seal.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 1049 |
Entropy (8bit): | 6.541958901655976 |
Encrypted: | false |
SSDEEP: | 24:X8dIcGQ8m5JNsX3kwqfh6fTGVRTuCX7TE:sdIc18EJWvqfsxSw |
MD5: | 55CD44DE3D9F59E354724A9B8F596480 |
SHA1: | E7475B120C2BFA0C2FCA178A529CCAE8CA59C79A |
SHA-256: | ED67A9A6C7C62F034582E52E78B5D49CD905C7F74826515EB57EF8DE44FE0E9E |
SHA-512: | 03691100D2C1A6391EC1E5709C0BAF19616A34E48DD2F0168B321F5E0BCAD25B6E206DDC3812936FCD2E4CBAEF85A402BD2431BF1969B15A9584C7A5D30FA723 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-html5.gif |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 55805 |
Entropy (8bit): | 5.229448793359489 |
Encrypted: | false |
SSDEEP: | 768:0csXS2yYCzATBLK88E1o2z33c8yrtz0GBU3+ySk+f1:0cs1ySToR2T3Fyrt0GBG+Nk+t |
MD5: | 3D5C23458FF980BD76BEE32E76FAAC86 |
SHA1: | FE16C08BCEF433F057A253330C3548F46F2DFECF |
SHA-256: | FF8FE30E152C0EDDAABEB0738FD227DABB8BF538773A7D5E58875C49B53A4A25 |
SHA-512: | 872FCF4EC4BC114CFCECB16DF3352DA7E9D28B0249A7950183DE8CD90D99BDC4103B126976E22CC3D711019058AEC4282D12A4E3489F2111C68CF0F79637EEC0 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/js/jquery-1.2.6.min.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 17436 |
Entropy (8bit): | 7.969509409078188 |
Encrypted: | false |
SSDEEP: | 384:EqoYu66PdIkt3rziZM3jzl9sQ3YRYsAfSjebHrm2eG0bUNs/WxZfzCIC:9UPdIcrzyM3jzPICfSCi20oGexlzCP |
MD5: | E561CBE87F6A44380263CA3ABB7C1E2C |
SHA1: | DDD632CDD5F527DDE481A3FED8A2888E08D59045 |
SHA-256: | AFB1AB303CA752AEF90361ABF3F0357B6A84E7B99FD6A8540314A8B737BB9285 |
SHA-512: | AA4A0E08183659214E004A633FB88145F4ABF672A758F5C50107E368DB077D545FB1AEA91061D47075EF0E31A112DA0B8A9AA9FB1B3E5C90F29001753DA2643C |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/mcm-logo.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Category: | downloaded |
Size (bytes): | 33303 |
Entropy (8bit): | 7.974316717561031 |
Encrypted: | false |
SSDEEP: | 768:0Oqj4xMlnGpUqpxt29uVPD/4M7DWXM5Vz2fWQhVhz:a4elnGLtCy/3OXeqvz |
MD5: | 96D4920CFCAF9ABFDCAA8522656A3137 |
SHA1: | 7B2B2F6ED65D0F633DE370711A2F762D18D9AE59 |
SHA-256: | 18F1A2D6CB258D5F92E9EC463EC03D785EBDAC35A24A63B213FAB634871D7570 |
SHA-512: | E4A4DFB75D01B676383026B81A826C90CAE51AAF64257FC12093A806FAB2D96531A4126537F35B13503B349C312BFCC4B7A9164D99260972343C5FAD0C24E016 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/mental-health.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 6776 |
Entropy (8bit): | 7.898236158393633 |
Encrypted: | false |
SSDEEP: | 96:fEHKyVthL/7zY31KiN1+/SDE8uLYe60p2sm8eMWwpxPqBOw9JadyE7WWVd6:fwKWjz41K+E8uLY90gshxPqqdRpVd6 |
MD5: | B0C94593EF1C63C0CEAA714BE26132A6 |
SHA1: | 95B1CC7C6E2BE75109866570C9BD0431567A1720 |
SHA-256: | 0B25A99E9C77709FF905B89C867095AE8E2572FE981F1C15D6C402D9F01F8A29 |
SHA-512: | CB28616424C93E976D2C861A7D08C2FF79429B0CFEFD362EDD11EC32984AE54D3C9E79583D3BF857FF2735B494615D7CDEC066B13842BDC659D98155C386D873 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/nh-carepath-logo.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5072 |
Entropy (8bit): | 7.8154030612201995 |
Encrypted: | false |
SSDEEP: | 96:l236UtdSb7k5nQMataaEtDfpYB/+TAj+ZrNmDIWgNS:yxA/qQ/twrqBmTA6ZrEss |
MD5: | 62503F5C9E724CE0B0FD8DAE92EEDE35 |
SHA1: | 05C0EC56843E278D8D58907922D5BBC08DE8F7B7 |
SHA-256: | 3945CF14451E5306AD82AE641F105BD4EBDEBBD65F1CB0FD6F865D1F39BE7571 |
SHA-512: | C0E5EADE4CCCF69415D2AB1D0CCDEF85982F41B7C4F2D58F254F87F9C2AF187C6321C8040C40C0707E4C2068B332AA2166FA21A31253BC83E88368CB8CCC23AF |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/nheasy-sm.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 10253 |
Entropy (8bit): | 7.972468978592324 |
Encrypted: | false |
SSDEEP: | 192:eMFTvtFRw3WygedNX9P9+5z51HN4diI0c7aQWIAhCRdBnthIsTb4BVsECF7:1FLtPYWwHW9HmtaQnAhavzIsb44Ei |
MD5: | 4E5DEEFA8F279F99BB93C9EBECFC7B11 |
SHA1: | C335E28675D5623D124DB3C6874E09DFCA2E4C0F |
SHA-256: | 51A3393B9B1D0D215CBE3AECC4B772679AFF02C9581B07DF09035B1D0AA2C651 |
SHA-512: | 627CE68930400103E8D3DFBB0FF91F504609442192732D431AB98DF9815B478D8EDB2C2F313F89F8009FC5915F8B4F279DA25D1AA3B43B9907C8263A8C200DA5 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/school-safety.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 43 |
Entropy (8bit): | 3.292508224289396 |
Encrypted: | false |
SSDEEP: | 3:CUkw0Bl/Hh/:G/ |
MD5: | BF7D3E1972B3FE5BFE8C119FEE05E89D |
SHA1: | 081AF0BCFECBA29D5C4AC9025A3AEBADF79032A5 |
SHA-256: | 5B4B97B224D9827C01D7A887A722F4C2A680195C4A66108559BAA0C65220DF90 |
SHA-512: | 69B7926725CC19180618609A92BD27CEEC465BAF3DCE01CB6AA05C6A0EBB057DCA62AD2E5DC57FCE75F5B8B2C3B67E456EC880D6DE2B3F3C2581DB78FD6E8D7F |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/trans.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 44153 |
Entropy (8bit): | 7.96830520540272 |
Encrypted: | false |
SSDEEP: | 768:2GYdZ9YOhSRJYGw8kLwAQa2+oljqrenGSDYA8P5xzg8MsizwPGJ0C0t:JYXhciLRQa2+dCntCZMF07 |
MD5: | BBCCABB443E88E5AFA596CDF3FC323AB |
SHA1: | D8CFB0DD1C1E2691C6011D6316EE9B51104A799E |
SHA-256: | 36E3C7459F9614AE918519CCB7C020AAC80C58F3C69300BF5B04ACD3E17F9C3E |
SHA-512: | E73C184836E1E1CF8A63F6435C9296D4E6625DC5E750BF01D3B2C83FAC9439824B7DF25D2061524F5CDDB3226F470BF35B8B7622DB164EE724C3A0279F5F30C6 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/vape.jpg |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 6897 |
Entropy (8bit): | 7.961710048383538 |
Encrypted: | false |
SSDEEP: | 192:C/va+mFRJNG78dpYUIMa3LXA53yBndb4h8HuyHAcD:C0FRJNtdpzUbXA530bw0uBE |
MD5: | DA0E31545E3B38505B7318C64BDEC26B |
SHA1: | 48C54C0AA75AAB40686252301EA47FAB74B1190A |
SHA-256: | EBC4D461F08B5EFAF6A44B314B4DDBA9025D6D6FB6614FED17A5A03010C68330 |
SHA-512: | A6257BD4DCAA72AC63DF003A2E1FBB2048DBB0EE7A894D93D238BFC7CF545757D8D0B96C840B9F7D3DA49F73408938843AF172E73CC103E117B81EAE244B150F |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 8648 |
Entropy (8bit): | 3.9086550011900165 |
Encrypted: | false |
SSDEEP: | 96:v8DY16W2/Zx7P5154V1lGcAxW5aGEFhPqWoFIA0y9Y4UnPwl/lBEM8m/+:QRv7e7lG/vGEF34UnYFHzm |
MD5: | BBF0ACE5B4E6E263E81E31E609B5B25E |
SHA1: | 93F118AA66A0E2F7FEEDA09E548D3D3E23AAF754 |
SHA-256: | F1848420F03FFE83F59A4F2A4D779ACC906F0E90E733EC8AA010A526FC27C885 |
SHA-512: | 89FA2A2A1187B794A11B17738D4976335ADFB11CF02BD7838098AA3FF0A8D542E04F63831419DF4DF7F352953080671AAA23C5D8E5BDEA47D9DABB744EF3B764 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2 |
Entropy (8bit): | 1.0 |
Encrypted: | false |
SSDEEP: | 3:X:X |
MD5: | 32649384730B2D61C9E79D46DE589115 |
SHA1: | 053D8D6CEEBA9453C97D0EE5374DB863E6F77AD4 |
SHA-256: | E545D395BB3FD971F91BF9A2B6722831DF704EFAE6C1AA9DA0989ED0970B77BB |
SHA-512: | A4944ADFCB670ECD1A320FF126E7DBC7FC8CC4D5E73696D43C404E1C9BB5F228CF8A6EC1E9B1820709AD6D4D28093B7020B1B2578FDBC764287F86F888C07D9C |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 1024 |
Entropy (8bit): | 0.05390218305374581 |
Encrypted: | false |
SSDEEP: | 3:ol3lYdn:4Wn |
MD5: | 5D4D94EE7E06BBB0AF9584119797B23A |
SHA1: | DBB111419C704F116EFA8E72471DD83E86E49677 |
SHA-256: | 4826C0D860AF884D3343CA6460B0006A7A2CE7DBCCC4D743208585D997CC5FD1 |
SHA-512: | 95F83AE84CAFCCED5EAF504546725C34D5F9710E5CA2D11761486970F2FBECCB25F9CF50BBFC272BD75E1A66A18B7783F09E1C1454AFDA519624BC2BB2F28BA4 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 140241 |
Entropy (8bit): | 1.5157362342413974 |
Encrypted: | false |
SSDEEP: | 384:LyDvO94tV7J17q1DXiLp2L8TgprppmWE0IWFIN1lFIFUN0i8UUUoH9VN9MM0gM+y:U1yA1l2kF |
MD5: | E3CE05837CB55C58B3293AD894902DF4 |
SHA1: | 6C25423C1E7AA7CC3F258049BEAFF8904C8C858D |
SHA-256: | DB5995599C1B4C840CEECD815C6B5147E97248CEA7C664F5344E26EFFB164307 |
SHA-512: | CE43AE2EABD15EE3C7D3B11E552AC1E4B8FA6D6349F273E9D7AEBA7F06C47897E407D55527C034D0CD3ED62FFFCE704B486704E79999C409220425D01D061DFA |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 13077 |
Entropy (8bit): | 1.4572348747643993 |
Encrypted: | false |
SSDEEP: | 24:3NlLONlLJ84NlIkNlI/G8G4NlonqXNlon6G864NlWnTQ6Pl6hByhMyhQElEo:LyJ8v/GNnqIn6Gfns6Pl6h0hnhQElEo |
MD5: | E78B4254B78A3F39978945C7993F9946 |
SHA1: | 4746A8D439D229D7BCFB29411828C00B7D0AFDD1 |
SHA-256: | E635A1059CAB03DF170FAC1461A677BF54F5F5A59D0CA3C66B8A262004BD33AC |
SHA-512: | 436E85643F56AD0A4F521C127346188F3EC2C432EBAD317186C213501EEB09024EAC63B10D652FFF59FD664F4322F879BB2C30384BEF051FF2508D1D986E22FD |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25441 |
Entropy (8bit): | 1.9778877695136603 |
Encrypted: | false |
SSDEEP: | 48:LyrdGF79lxxNqyaW8VYvUGF79lxxNqyaW8VhxmGGF79lxxNqyaW8Vjwei79lxxNv:LyrgAfYvJAfh4jAfjwHAfCSaSsl |
MD5: | AB93A7D98D5A18E80893085CDDE2CAB4 |
SHA1: | 37A38BA403D2A2E4542E632DE9E698D7D0A009E2 |
SHA-256: | 00971DAE2943F1EBA5F9FF80DFC51710033F344D8293544FC8693375C79264D0 |
SHA-512: | 74AA8EBC27F3CCC91CAFEB8D805555BA77927FDFE3A07266DA5852126EE172DAD374D9F1BE5B4DB5117B7CB66FC9AD3292EE4C55CF94ABF920A8F43C6A16414E |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2318 |
Entropy (8bit): | 4.583339459513804 |
Encrypted: | false |
SSDEEP: | 48:86/XTFGqIRVTKPxSVTh3Qh26/XTFGqIRVTKPxSVTh3Q/:86/XJGqIRVTq4VTh3Qh26/XJGqIRVTq/ |
MD5: | D8C6EDA74E20B7DF7096E133CE02E0E7 |
SHA1: | B73E972D36B411DC8F2F4F6D3B5FFCDB4B15DB80 |
SHA-256: | 4BA8FBE7A2CBC1D505234F41F41D981D0364F87065789FE95BD5EE2708D9DC32 |
SHA-512: | 533D776E70DE443ACB844F5402D6FBD2D9B8322695B41D3C4686D005DD79C9BEBFB75579F7071697558BB96CD5013E0B6D3735E9F8273AC362DBA5F55DF5BB3A |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 154 |
Entropy (8bit): | 4.977349550230721 |
Encrypted: | false |
SSDEEP: | 3:Htq97PbkK0C0xg3XLBVo+07PbkK0C0xg3XLBVomxWtq97PbkK0C0xg3XLBVov:HtPVjg3X3dVjg3X3ePVjg3X3y |
MD5: | F90450B9BEDBBE7298CFA132E86C4FED |
SHA1: | 4B3F0F9887698DDFB7C58973F52068A1ADB56F34 |
SHA-256: | 268B002D9E13BBA709B6533A2E3B276022AACB56D0CB130A2837E2E12A47BEB9 |
SHA-512: | 0BC9C4A3A5FA87743BEBC043892EEDE80638B4FD4EDB054A4D111F9BF50FDDA9A73B59EFA9BCC8CBBCD1A7853ED78F8AE0FFB3EBAD785D8BA2C4085077247272 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 162 |
Entropy (8bit): | 2.431160061181642 |
Encrypted: | false |
SSDEEP: | 3:vrJlaCkWtVyokKOg5Gll3GwSKG/f2+1/ln:vdsCkWtW2IlID9l |
MD5: | 39EB3053A717C25AF84D576F6B2EBDD2 |
SHA1: | F6157079187E865C1BAADCC2014EF58440D449CA |
SHA-256: | CD95C0EA3CEAEC724B510D6F8F43449B26DF97822F25BDA3316F5EAC3541E54A |
SHA-512: | 5AA3D344F90844D83477E94E0D0E0F3C96324D8C255C643D1A67FA2BB9EEBDF4F6A7447918F371844FCEDFCD6BBAAA4868FC022FDB666E62EB2D1BAB9028919C |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2 |
Entropy (8bit): | 1.0 |
Encrypted: | false |
SSDEEP: | 3:Qn:Qn |
MD5: | F3B25701FE362EC84616A93A45CE9998 |
SHA1: | D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB |
SHA-256: | B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209 |
SHA-512: | 98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 85 |
Entropy (8bit): | 4.419817259969787 |
Encrypted: | false |
SSDEEP: | 3:Fg1QRCkkJXv7YePl2Q8fTcf21l/n:FdRIlUQ87cO1Vn |
MD5: | 6AF9372C72304891BF9A894EFCAEDA00 |
SHA1: | 0ADC9038572F1A6AFA729EE87E8B5E573FEE1080 |
SHA-256: | A25D6EC557C20FA2F9133B27FCEFD5AEA90DDFEF4DD08711D63D969483945184 |
SHA-512: | 030DC633563F73F4A13C2623A0806AAC5EFCFC81D57C2D1BE2671DF3B67F4BF991A969B06E9BC6E73BC5E1490543DE87B32B4E0E561D5C9DD74CFF5462A7F05E |
Malicious: | false |
IE Cache URL: | google.com/ |
Preview: |
|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5026 |
Entropy (8bit): | 3.11048159870444 |
Encrypted: | false |
SSDEEP: | 48:IdmnvZYdIc9GroIGAS6xLdmnvZYdIr683GroIaIxYdmnvZYdIL9GroI3qxL:xvZ6b9S7nxUvZ6Y3SpxBvZ6s9SaxL |
MD5: | 8A3AB1299008C9A803D3975B0DF5DE11 |
SHA1: | 89986181966C0723C063200ECAC01F5D5D4DFC8C |
SHA-256: | E043D3D794B0F5E38C8D8633BA0807A349C82139A79536951F2998894B73D0CA |
SHA-512: | 55F2E2BBF6257CAD8A850ABD84D7C0EA48AA5DDC3BBF34A471F1D18E26183F007BCAFDF8F5C340E1D98AB3C3F0150EE5E3DF8B5FEFCDC0E7DC8651E156F657A1 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 162 |
Entropy (8bit): | 2.431160061181642 |
Encrypted: | false |
SSDEEP: | 3:vrJlaCkWtVyokKOg5Gll3GwSKG/f2+1/ln:vdsCkWtW2IlID9l |
MD5: | 39EB3053A717C25AF84D576F6B2EBDD2 |
SHA1: | F6157079187E865C1BAADCC2014EF58440D449CA |
SHA-256: | CD95C0EA3CEAEC724B510D6F8F43449B26DF97822F25BDA3316F5EAC3541E54A |
SHA-512: | 5AA3D344F90844D83477E94E0D0E0F3C96324D8C255C643D1A67FA2BB9EEBDF4F6A7447918F371844FCEDFCD6BBAAA4868FC022FDB666E62EB2D1BAB9028919C |
Malicious: | false |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.5515864823583705 |
TrID: |
|
File name: | COVID19open_closedPodsVACCINE_LETTER2B.docx |
File size: | 22673 |
MD5: | e65769cca6ce8214adf674a8001d83b4 |
SHA1: | d3800da27e0aa660f04da269b5392fb3f4c26eb5 |
SHA256: | b0ecb837f4df662ff941ce2cdb64cea78b07c22b1e9ad0d328229aa9dd9f1996 |
SHA512: | 4fb1b69222aa92bd97145eb707a9249ea97a9dfd535cb4adbd0b0debc6c5ca715534d1409db3046d922281187e76eb215e540141d2cbc7a2db444aa9150537a6 |
SSDEEP: | 384:T18xovaJhkQ80FRJNtdpzUbXA530bw0uBGM/xhQl9lce0DIdPuO:BcMaJhkQ9T1eXwEbwZxhQlwe0kd/ |
File Content Preview: | PK..........!.i...o...........[Content_Types].xml ...(......................................................................................................................................................................................................... |
File Icon |
---|
Icon Hash: | e4e6a2a2a4b4b4a4 |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Feb 16, 2021 16:13:54.974581003 CET | 192.168.2.22 | 8.8.8.8 | 0x32df | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 16, 2021 16:15:06.250782967 CET | 192.168.2.22 | 8.8.8.8 | 0xfb1a | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Feb 16, 2021 16:13:55.034760952 CET | 8.8.8.8 | 192.168.2.22 | 0x32df | No error (0) | www.dhhs.state.nh.us | CNAME (Canonical name) | IN (0x0001) | ||
Feb 16, 2021 16:13:55.034760952 CET | 8.8.8.8 | 192.168.2.22 | 0x32df | No error (0) | 199.192.8.2 | A (IP address) | IN (0x0001) | ||
Feb 16, 2021 16:15:06.307936907 CET | 8.8.8.8 | 192.168.2.22 | 0xfb1a | No error (0) | www.dhhs.state.nh.us | CNAME (Canonical name) | IN (0x0001) | ||
Feb 16, 2021 16:15:06.307936907 CET | 8.8.8.8 | 192.168.2.22 | 0xfb1a | No error (0) | 199.192.8.2 | A (IP address) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.22 | 49168 | 199.192.8.2 | 80 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Feb 16, 2021 16:13:55.181325912 CET | 0 | OUT | |
Feb 16, 2021 16:13:55.329905033 CET | 1 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 199.192.8.2 | 80 | 192.168.2.22 | 49167 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Feb 16, 2021 16:13:56.440767050 CET | 37 | IN |
HTTPS Packets |
---|
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Feb 16, 2021 16:13:55.654910088 CET | 199.192.8.2 | 443 | 192.168.2.22 | 49169 | CN=dhhs.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 17:39:02 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 20:01:06 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,0 | 7dcce5b76c8b17472d024758970a406b |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:15:06.593494892 CET | 199.192.8.2 | 443 | 192.168.2.22 | 49189 | CN=dhhs.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 17:39:02 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 20:01:06 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,0 | 7dcce5b76c8b17472d024758970a406b |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 |
Code Manipulations |
---|
Statistics |
---|
Behavior |
---|
System Behavior |
---|
General |
---|
Start time: | 16:13:35 |
Start date: | 16/02/2021 |
Path: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13f8a0000 |
File size: | 1424032 bytes |
MD5 hash: | 95C38D04597050285A18F66039EDB456 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
General |
---|
Start time: | 16:14:05 |
Start date: | 16/02/2021 |
Path: | C:\Program Files\Internet Explorer\iexplore.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13f850000 |
File size: | 814288 bytes |
MD5 hash: | 4EB098135821348270F27157F7A84E65 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
General |
---|
Start time: | 16:14:05 |
Start date: | 16/02/2021 |
Path: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x280000 |
File size: | 815304 bytes |
MD5 hash: | 8A590F790A98F3D77399BE457E01386A |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Disassembly |
---|