Analysis Report COVID19open_closedPodsVACCINE_LETTER2B.docx
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
Analysis Advice |
---|
No malicious behavior found, analyze the document also on other version of Office / Acrobat |
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis |
Startup |
---|
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
No yara matches |
---|
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Compliance: |
---|
Uses new MSVCR Dlls | Show sources |
Source: | File opened: |
Uses secure TLS version for HTTPS connections | Show sources |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Memory has grown: |
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: | ||
Source: | Process created: |
Source: | Window detected: |
Source: | Initial sample: |
Source: | Key opened: |
Source: | File opened: |
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: | ||
Source: | Process information set: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection1 | Masquerading1 | OS Credential Dumping | File and Directory Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Extra Window Memory Injection1 | Process Injection1 | LSASS Memory | System Information Discovery1 | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol2 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Extra Window Memory Injection1 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol3 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Ingress Tool Transfer1 | SIM Card Swap | Carrier Billing Fraud |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | ReversingLabs |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.dhhs.state.nh.us | 199.192.8.2 | true | false | unknown | |
www.app-support.nh.gov | 199.192.8.2 | true | false | high | |
www.nh.gov | 199.192.8.2 | true | false | high | |
www.dhhs.nh.gov | unknown | unknown | false | high |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high | ||
false | high | ||
false | high | ||
false | high |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| low | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high |
Contacted IPs |
---|
General Information |
---|
Joe Sandbox Version: | 31.0.0 Emerald |
Analysis ID: | 353581 |
Start date: | 16.02.2021 |
Start time: | 16:20:44 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 7m 27s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Sample file name: | COVID19open_closedPodsVACCINE_LETTER2B.docx |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Run name: | Potential for more IOCs and behavior |
Number of analysed new started processes analysed: | 30 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.winDOCX@4/132@4/2 |
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
No simulations |
---|
Joe Sandbox View / Context |
---|
IPs |
---|
No context |
---|
Domains |
---|
No context |
---|
ASN |
---|
No context |
---|
JA3 Fingerprints |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
9e10692f1b7f78228b2d4e424db3a98c | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
37f463bf4616ecd445d4a1937da06e19 | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 33368 |
Entropy (8bit): | 1.868265279767621 |
Encrypted: | false |
SSDEEP: | 96:rCZ1Zp2+WCGdtCCbfC7/oKMChgqCVmQCHgqCJLtC1/363:rCZ1Zp2+WCCtCSfC7VMC9CtCjCFtC1y3 |
MD5: | 42A0AB8DE54E258342487B9218ADE23E |
SHA1: | 5984C2CD478753F749287760ADED00EAF91D8E9E |
SHA-256: | BFB6FF9519CA36127D57DD9D01E43CD8BD1BE7FECE6B4C347CD6C2984FC05E85 |
SHA-512: | ADEE2D130E84EE061D85E42643B169C723BB0C5F04F599155EFA8FDCAD223965F5B6A8D66EE5C1FF6A38AB216A8ED98B5342FC0A99C082DC0FE8C3FCD79D09BE |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 159906 |
Entropy (8bit): | 2.3997698519945723 |
Encrypted: | false |
SSDEEP: | 384:rdxPX+eeiWRdZkDTjA302AG2o0vAPW92iul9GpAt1rFLo2AM2cKsu41KGlIpoPMH:UukEdduo |
MD5: | 329087A4C531477131744CEBE0328D8F |
SHA1: | 62547710FE4E15C1DA6421066ABE3BF2B0B3F915 |
SHA-256: | EDACB9F3D6A803566D4229DFA709321AE6F3037E8FFF1C514BDD5A2BE491AC08 |
SHA-512: | 53124A2D9740CFE86052760F76538350F49F5814EAE390F8C56EA10CCD0969AD3CAF923F07E7F1A5FA4A7B397BAE30FD36EED1D040DFD622D181BB07851B33B7 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16984 |
Entropy (8bit): | 1.5632254934354755 |
Encrypted: | false |
SSDEEP: | 48:IwjGcpr2GwpayG4pQOGrapbS/GQpKqG7HpROTGIpG:rZZuQC6ABSpAFTqA |
MD5: | 6921D435197A19C623F97E1B0001CCCC |
SHA1: | 19516D3DE53FC4098F6964480AA828CA5D9FF8BD |
SHA-256: | 4A6BACF4C66F52429392F06989BAE695CEE45A6DFF4CC293C3C21BDADB882302 |
SHA-512: | 4218F15C68896CB49153C643BD4C43B2706E28B48EA7444F88D5602A9804AE9768B3F1FF6C750702A1976E8619F7421A2B7CD9D1618DF57C9CA5DB8FF546DE26 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 657 |
Entropy (8bit): | 5.04756477364833 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxOEu+g+JnWimI002EtM3MHdNMNxOEu+g+JnWimI00ONVbkEtMb:2d6NxO5+g+JSZHKd6NxO5+g+JSZ7Qb |
MD5: | E34B5BD82676E71C134828C22A67B1C5 |
SHA1: | C6150EFDDE584BF3B6F4DA4F1E140B73E44B445E |
SHA-256: | 157619DC8B11D67F57CF6B7022709273EEC61B96F1D422B605CE935644EB13AC |
SHA-512: | 1B87CCA74026B7F344DEAE3721A68F111298B7781A99C0713873743C178ABD6BAC320227E339862354DC6E253AEAA40B50CE553E567141C31ED41506624E8CDE |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 654 |
Entropy (8bit): | 5.100875853335666 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxe2kk+y+JnWimI002EtM3MHdNMNxe2kk+O0nWimI00ONkak6EtMb:2d6NxrSdJSZHKd6NxrSO0SZ72a7b |
MD5: | 4A6660DCFB060AC3733117D0DC240B1C |
SHA1: | 33F89FEB0CEE025D3B8F787D1169A84A33A43271 |
SHA-256: | 3F09E5FD3B9EF3F99FC508AB2E70DEB052014960CBE67322A135E230EF729EC2 |
SHA-512: | BA9EAEC4149C08B1175C0A60D660291C462519AC668749E539571E0A6EA4D7D75D6DC92E92A71AA3A758489C24F3AC2CF11DA432709A84A5F802B00A6DE2E259 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 663 |
Entropy (8bit): | 5.077923439738975 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxvLbnWimI002EtM3MHdNMNxvLbnWimI00ONmZEtMb:2d6Nxv3SZHKd6Nxv3SZ7Ub |
MD5: | 605D31B35D0B2A3466232CA81A01B2AA |
SHA1: | 3470F7586C02C8EC4A5D77A0694A7BBC7BFDB495 |
SHA-256: | 22389A004CD7639C25973D018C1D7659E4A55BF2BCD8A7BD522560B7B6DF9623 |
SHA-512: | A6E40C2016B7390ADA7A1895BA5F03037371B096AA92DC84D2604C52619A65EA1F75228B829C841F79C6BD4DF55FE2F4A044064D1AFA2770AA6F1126815EA8F4 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 648 |
Entropy (8bit): | 5.05344037103215 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxiIcRc0nWimI002EtM3MHdNMNxiIcRc0nWimI00ONd5EtMb:2d6NxhOVSZHKd6NxhOVSZ7njb |
MD5: | 0DFA09664BD868B28A94D6A188BA8774 |
SHA1: | EAABE783B4724D93AD60B4900F34C77741D5EE51 |
SHA-256: | 2CFBA8BD6DA410E72A97685D6EB6F1D97D8CBE2F981B804FEB74A182CD46B181 |
SHA-512: | D2FC7A8E8027CBCC8980E52995E17CCA518B3798AAD021844820932ADAE61A95627D03C5E99A1D6C2D76264E1229E55CBDBD949B813A82FA4066A7123213672F |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 657 |
Entropy (8bit): | 5.115787784840534 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxhGwpnWimI002EtM3MHdNMNxhGwpnWimI00ON8K075EtMb:2d6NxQgSZHKd6NxQgSZ7uKajb |
MD5: | CFB25D44F764B3F971411044DD884F63 |
SHA1: | DD3CF0D65A13D61E195FC23902A3E75F884E2846 |
SHA-256: | CE9AE1851BB182A0B9794D4B0D0344041E07743630BBB164F515790468EB3EF1 |
SHA-512: | D6576E879FD002CB19226F986B687CDD23AF3896FA6EE0D6AA8DD86E226DDC03B7265473541D730083ABEA29FEC81DDBD7FE6CD550021E131705439A46C4C257 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 654 |
Entropy (8bit): | 5.04855201827873 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNx0nu+g+JnWimI002EtM3MHdNMNx0nu+g+JnWimI00ONxEtMb:2d6Nx0u+g+JSZHKd6Nx0u+g+JSZ7Vb |
MD5: | 511996E48300E7E2B9B45DDCF6FFF08F |
SHA1: | 977A1C3022756BC5CF26F8BB467DB41DCD0799CC |
SHA-256: | 70C98F121061784D2918820FFFA82601AB9588C7CCE766FE2340C66E4EA1A69F |
SHA-512: | 3EBB4E4743BC06429E6CA8532F2EE9DFEDA933AE5720F360B20310684D035569FC39DD8A54D2D8EDE2F80ABD6586C4DA5BE5D96055FB0CA5483AC6FC80E50101 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 657 |
Entropy (8bit): | 5.133466678209735 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxx5V8VknWimI002EtM3MHdNMNxx5V8VknWimI00ON6Kq5EtMb:2d6NxjSZHKd6NxjSZ7ub |
MD5: | C33903FF0BF413B9EE18E3B3B6F57ECA |
SHA1: | 9CB1370452503A7DCAC02BD06AE2F3E1BB12EB67 |
SHA-256: | C4EF70ACBB336326E99005488F49200B1DB38D5A2EF1D109D7ED0D737544EE49 |
SHA-512: | F966AB14C9482922459CD5C30F257BB8EF042E841F0D84C19595F497B51511DCF91A2E391D178EA9E9502B36A98F175B021ECA648F698AC85912B56EE04E5284 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 660 |
Entropy (8bit): | 5.063953523101619 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxchnWimI002EtM3MHdNMNxchnWimI00ONVEtMb:2d6NxoSZHKd6NxoSZ71b |
MD5: | 4A4B08B27CA317B7FF04E4EFD694D224 |
SHA1: | B8918B5C097552775663EEBD84E8EF3369E23782 |
SHA-256: | 7C33DE9B7ED2F4EE76A453FB5D9C5F3839A6DE1392900B5B617DF0BA14A4378B |
SHA-512: | 43C5F7F7747C48746FAF81CB22B0E0C595CD3626197A52A95B666C38462C4CE0CBEEC99018AE986FFE50D79FA664FC50A15A36B3156D62AE535C854234F913F2 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 654 |
Entropy (8bit): | 5.042926777601526 |
Encrypted: | false |
SSDEEP: | 12:TMHdNMNxfnhnWimI002EtM3MHdNMNxfnLnWimI00ONe5EtMb:2d6NxJSZHKd6NxDSZ7Ejb |
MD5: | 90CF02B24D3EFB9F40B38DA560B2C4B0 |
SHA1: | 40B94BE4BAB87740ECF573F2F80263674DFB3807 |
SHA-256: | 06ACC1E729FF06353F6D48415543BE8C33235E4DC828C5420A32B02146B57AC9 |
SHA-512: | 9BB3FB2CCA65694FA9BA414CAEE350C7B138C14D9CB694422EC5BA29119484B873029E08A1FFD0F119BE62D9A78E66C3CEA2068BA9F629BD14E94BA219F9E549 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3860 |
Entropy (8bit): | 5.934351382476207 |
Encrypted: | false |
SSDEEP: | 48:4vla4sBnR9IO65JbMY715WtkSavlaZp0whXeBkCoW5nUbcmZvpy24ZZuk78+zAnp:bt6bYY7X9O0wVjcyvpx4GW8oAnUyu5od |
MD5: | 997FD32E31F6C6D35B962DE5F07771E7 |
SHA1: | FD6D04AB5DA7986EE49EC53D3FAA7B3D8B9877DD |
SHA-256: | A4A748973F701AB3472497F7F4DB7C641217BB6E727A2E01A78A939023002D30 |
SHA-512: | 6A5F0B5F615F6890731B8F1BF85F1A5B79B3BAD1931850F5B4FA0FFBDB7187BF8028A0220B0B7134584A8C1123CA78A41707856569164F7AFA20E3852DA7D8B3 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 132453 |
Entropy (8bit): | 5.3757764325974575 |
Encrypted: | false |
SSDEEP: | 1536:OcQceNquBXA3gBw+pQ9DQW+zA9H34ZldpKWXboOilXNErLKzEh:8DQ9DQW+z0XiT |
MD5: | 203CCAB7FA4B3C142E948D7BFCB56DC5 |
SHA1: | 0C657B6B569BE54CC5F28AA1941B48376006C146 |
SHA-256: | 78CAEC1ABD673D53059FFD502352BF7003B61D9BCD7163312C74EA97CAD8A9C5 |
SHA-512: | 4DF1CDD0A2823C88FBD6242F78731C91DF6FA588E8DF6E98795DC305D46608FC06DF557E4E4CE4CE7A1462BACEB153D39AFA6DC6F1FFA6F64470E19BD0506D18 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 6897 |
Entropy (8bit): | 7.961710048383538 |
Encrypted: | false |
SSDEEP: | 192:C/va+mFRJNG78dpYUIMa3LXA53yBndb4h8HuyHAcD:C0FRJNtdpzUbXA530bw0uBE |
MD5: | DA0E31545E3B38505B7318C64BDEC26B |
SHA1: | 48C54C0AA75AAB40686252301EA47FAB74B1190A |
SHA-256: | EBC4D461F08B5EFAF6A44B314B4DDBA9025D6D6FB6614FED17A5A03010C68330 |
SHA-512: | A6257BD4DCAA72AC63DF003A2E1FBB2048DBB0EE7A894D93D238BFC7CF545757D8D0B96C840B9F7D3DA49F73408938843AF172E73CC103E117B81EAE244B150F |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 1024 |
Entropy (8bit): | 0.05390218305374581 |
Encrypted: | false |
SSDEEP: | 3:ol3lYdn:4Wn |
MD5: | 5D4D94EE7E06BBB0AF9584119797B23A |
SHA1: | DBB111419C704F116EFA8E72471DD83E86E49677 |
SHA-256: | 4826C0D860AF884D3343CA6460B0006A7A2CE7DBCCC4D743208585D997CC5FD1 |
SHA-512: | 95F83AE84CAFCCED5EAF504546725C34D5F9710E5CA2D11761486970F2FBECCB25F9CF50BBFC272BD75E1A66A18B7783F09E1C1454AFDA519624BC2BB2F28BA4 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2 |
Entropy (8bit): | 1.0 |
Encrypted: | false |
SSDEEP: | 3:X:X |
MD5: | 32649384730B2D61C9E79D46DE589115 |
SHA1: | 053D8D6CEEBA9453C97D0EE5374DB863E6F77AD4 |
SHA-256: | E545D395BB3FD971F91BF9A2B6722831DF704EFAE6C1AA9DA0989ED0970B77BB |
SHA-512: | A4944ADFCB670ECD1A320FF126E7DBC7FC8CC4D5E73696D43C404E1C9BB5F228CF8A6EC1E9B1820709AD6D4D28093B7020B1B2578FDBC764287F86F888C07D9C |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 8648 |
Entropy (8bit): | 3.9088978163461343 |
Encrypted: | false |
SSDEEP: | 96:v8DY16W2/Zx7P5154V1lGcAxW5aGpphPqWoFIA0y9Y4UnPwl/lBEM8m/+:QRv7e7lG/vGpp34UnYFHzm |
MD5: | 90D64E86C16A1DE41068701C702A394A |
SHA1: | 294170381818D2CE67FB86B25F0AE1BD3D237A78 |
SHA-256: | 541B4E4DE318973D77F071E3869B4A3FE52993B06CB911EF1A7DE2ABE9E1782E |
SHA-512: | 28551CF3DFFB31FEA858D99F224897FF93E6D071F633B0529596C1598E9321D49A673C25F71EDA40FEE51F02DCFF0BAF0F3C65C4ECDFEF65CCF08910F24D98E1 |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3455 |
Entropy (8bit): | 7.723531087767753 |
Encrypted: | false |
SSDEEP: | 48:5nlnNANz4PIt65pH87mCYGZG9LFLBxYkjshyV7t0A28qK4JldIQPueht:5n1Yr4pH8KCYGqFLQkjTJrxehPzj |
MD5: | C242FCDA1B5DAA99D53BAD09E619D169 |
SHA1: | 36C3FA7B2EFDD718550348B7E3E445782C912341 |
SHA-256: | 90E1AE9F18C3A094D16CC4ED11AC93E3561ABB41308B0FEB0B30C166DC15D130 |
SHA-512: | 995BD2A3B5DB4B2FF05D6796BBF1ED9014ED501E58BD118E8F4886F2EC5FF827B174E365D7D36CEE5A82120693C69B8DF1D709D93EDE78B8D3F0341AE31CD6A3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/400x25officialsite.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1105 |
Entropy (8bit): | 6.192290130492558 |
Encrypted: | false |
SSDEEP: | 24:UKr1he91WwylZ82lYSqMHYPNV+W2T3byJCpkrsGn8UdY:dqQinNuI0KJpQnZ |
MD5: | 664946890B46D3F72816050F1600FAD0 |
SHA1: | 21D7E29B5B89E50FA6AE15FF2A903F947FEC4DEF |
SHA-256: | A631A85CACBB5FA0C7F80F957EF2B327AE912324915B4D2B8CDE3A3F903760E0 |
SHA-512: | 13CA53EEA65B3290F7C513DA5FF92D5168887F1092AA0BFABE951C772CDE72C34E38E07B5E1312D5866D58CA9EFEE6D1C2653B2B0FCDBADE62CAD8B043C5C1B7 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/a-large.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 57 |
Entropy (8bit): | 4.359205803638424 |
Encrypted: | false |
SSDEEP: | 3:Cd/lfl02fLt+En:OO24En |
MD5: | 481110EE043514D98BD1293AF5C9AB25 |
SHA1: | 3E578D2A402635332D857D4A5C3FD007A4A9AEEB |
SHA-256: | 5A25D796794B161D9F544F007A2BF016CF724D9EA39E3DF0EA704CCC3768843E |
SHA-512: | 270EC8E231006A3BC1AECD0BDB9AACD290D5F84198899FAB75E99E40F550EF67D525B8911ABC22BD66FDB76225162D4CE2C2D1CBFF7C12F5AC6F14A1F14049A3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_ltblue.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 384 |
Entropy (8bit): | 6.006467429758594 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPKRxWnDsin14xbG6Qt39OdUMfLNilody3m9n3c8/N/bp:6v/7SRxRi1ki6QF1Mhin29n3c8/N/1 |
MD5: | 719E71300729BDA463838DA2B60552D5 |
SHA1: | 7636C163A0D1EE130E07ABD02CAD0918BBC3E1C4 |
SHA-256: | A24D2929B0151300C46BCF87D1AF44B08166DDCA0F5BAE7AF0B818B4684245F7 |
SHA-512: | B4E62CF1AEDBD591558B8059966167DD097D794F97F9657D614AED2AC3D7561FD1D6306B969EAA425DE44A69D176B453F432E7139EEE00AFBBF880E6E0E75ACA |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/background-hi-lite.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 8648 |
Entropy (8bit): | 5.113242529210202 |
Encrypted: | false |
SSDEEP: | 96:vR4ayh44eZhS2NlGEN2qRh8L7aaPpI+n/3z9Ge048XhFJy85tB/P/JBQvOPtS50b:vRpyhT8Si/2FLq48XlyUFgn6BFaRxUIa |
MD5: | F4AA7DC965F75669BA81E2FCADB6C90C |
SHA1: | ED92B90179E71ED3FB69524E04E4CB4F3C0BE012 |
SHA-256: | D618BD7BB0D1C11CAC61D9C0B4EA612A48489373A6438E22605B084B15CFEDD1 |
SHA-512: | 8B3208282A6AA989C4A9023D1D4D7E079A90E671FFBF666D0A35504CE1482F59FAECAB6A0F1115A1502A24770CC3185046029B8F1F356C13D8916DC6B6F83716 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/contribute.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 249009 |
Entropy (8bit): | 5.477400514029805 |
Encrypted: | false |
SSDEEP: | 3072:uXpL1f/XaqZ4pmoNGUkaUeH/ktyU2cfRwv+9g5LydY4SeJ/5Hn:u5n/KUef8yU2cfSvCQydBJ/5H |
MD5: | 92DFFCE3439552F9ACEC893F2868D717 |
SHA1: | 5C9896BAC2ECE31D9AC9EB06F987868305BBC294 |
SHA-256: | 86207A548361E9FCDC830F7CCA9540C7C93FF4132DDE2A72FB38D23151BD46A4 |
SHA-512: | ED64C2CEC4BB25119747F97370E9ACF905647820F64C80F590C52694975BAD507D1085D4460E53EE26514AA32B24B8CC187A13BD9897BC23034A34D69150ABA6 |
Malicious: | false |
IE Cache URL: | https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 45170 |
Entropy (8bit): | 7.975705424400901 |
Encrypted: | false |
SSDEEP: | 768:2JkGcmrkzxN4vhummv4CZgIz91xUUeFSFLBHN7/VWaJj+jB3Z6+JZJ:Z0Dhnmv4Ctz5OFSLHN/VbjYp6+t |
MD5: | C60B197F794D1EB6EF8D8A73033E969D |
SHA1: | 4AF6B6DAA296BC4CDC72EDB6A268EF335A5CD8CC |
SHA-256: | BFD7FE7E41D9E55BD6BF4B0D9914AC28A93260F09F6D932ED2177BA2178F8956 |
SHA-512: | EB6584956A6BC9F796502A3BE0C848A02FF9D71271520A2944AB1A130167D2227B7EEFDF8ED97CC9A7C7F894F1F4A1FC3047D92C16EFD18EB7FEE6A76C809C85 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/emergency.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2907 |
Entropy (8bit): | 7.775139824223661 |
Encrypted: | false |
SSDEEP: | 48:OiQfywiU9qoIZgTtchHBui2qZE2JXeAV1s4exJKzo70BAcophyU:LQgoc+cTuyE2JXeAVe1yzTBAcWyU |
MD5: | CEFACB60C7B755E1A53603D7CEAB1BB3 |
SHA1: | 435E52E63BEC97DCC13C2B42A25D5AE761B346A4 |
SHA-256: | 258CC7FC6046B5AB054B2072DE33F2911711C33F49E69651E6012BE6AE33C27C |
SHA-512: | 535F4720AD534264EAF62DFB619B0EE190D978A8096D1C43CA2A7113F943CBEE25ECF79D532434DF3C9E3C88A497402D071A45419B67ADE444EDA1A0D673EBB1 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/flags.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 50879 |
Entropy (8bit): | 7.969332347625548 |
Encrypted: | false |
SSDEEP: | 768:78I+pJaYV+EgGXseX0Dw4uG8uq6UgI4MTaFk9kO2oT3mP+t1KkBTz//cIJuWioYJ:ILaggGXpXCw4u3LEQsqmoX//PtYk9w |
MD5: | C6E205CAA1F6106D3F67425E4C6E8E70 |
SHA1: | 4FA3F989BE28B335B08F71A84F9B9DC13172A76E |
SHA-256: | 4D07033D5B68191D651197A33C485FE6C650B1B01F8D1588F7B82BD8B12AB432 |
SHA-512: | 320FCADF1A76D42EA443A80B900F4050F779ED9CA69F2E3BB66C1FDB0EE872B89C8CD8B7A6E8EEE47F4EF2A5B08A6A63BDC165C4329D4B22C5DFC03552AF869A |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/flu-fighters.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 910 |
Entropy (8bit): | 7.7455040862049085 |
Encrypted: | false |
SSDEEP: | 24:do/cXeTrHaRodw+UWNhsGzRSIhAugV7unmH4ifkx08v5:K/cXeqadLUWNhNzRSMXgV7unbisx08B |
MD5: | EFA6BB2BFE459BC6F4BDAFA3DB0383F6 |
SHA1: | 52D15CE52FE50643E542C17812DE43F4ED1B6EE0 |
SHA-256: | 6318394F737C66F0E2CCFCD88E3935C6667633A1B95FA29FBA2B75431D55EEF2 |
SHA-512: | E23C04D8997F5C2F92070E09261B7EE50D9DF8753F45CF66F604F0874FFA8D99E947C97C528EC02A2C3FBE8E43D840B343A7D0225532980D5DA95031216415B7 |
Malicious: | false |
IE Cache URL: | https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9409 |
Entropy (8bit): | 7.917091441614061 |
Encrypted: | false |
SSDEEP: | 192:d7F8bw8x4bUUmPrdRlYTKJDt/+FXS+8jUNe4rd9KvzxqBYJNmWHYMtT9jv:dK084UUQrtVRUS+e4rdsv8BYJNpHHtJ |
MD5: | 6C3A8F80884C06933EAFB4EC5FA06097 |
SHA1: | E76940F48B89C65B91384FB2F13BBBDE7897C419 |
SHA-256: | 6494DEFEDB24BDCFA6D32AD4DEBC58BB064ADB5A55F03E3A6DE2DE7CEF24D04A |
SHA-512: | 40C3DE8DA0D3757FB76239838DBB25484C64B87EFF3BFAF3202D57921373483A3017F7EB623CB6F1460D97CF727306B4A36D1D14CE30FB5A5404CFAF9B52FFEE |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/granite-advantage.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 604 |
Entropy (8bit): | 6.242982454000789 |
Encrypted: | false |
SSDEEP: | 6:6LlShNn2Hveq2Qu79OzUV8e+gToqyj1D00UsR1HjBewOi27SPksum0frmmYxx5W1:2HUQg9x8e+g8j1ZzHtewOdsutrcxhOPN |
MD5: | E102D568E8974BB0951E4196BA687BFF |
SHA1: | 4D019064F21C2322E537DE510F1649418FF573CA |
SHA-256: | 67DC276FFF422D3FD9A118EC00E8375CBD3BC036BB31507CFD5DF3D4B479D4C6 |
SHA-512: | 5D5AEC096F090DBE608BC1381772FDBACABBC029FC95249EB359FFE91651B1A9B414CBF0395BEB2278CDADDFBB0A30EFFB6D5FB5B82E49E8FC6B85E021B1EC17 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-twitter-bird.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 299 |
Entropy (8bit): | 5.303426088371302 |
Encrypted: | false |
SSDEEP: | 6:6liaaRbZtZNf2jOWxlrt+F5d/bsF2Wt0n/n:6vaRbZf8OWPcxQF2//n |
MD5: | 5A98EE12BAD5586737424F8F3F58EDB6 |
SHA1: | 1CC67DA5C621209969D0EE01EDAEDBC505187B0D |
SHA-256: | 43707815C4248E0946B2DB9117290955CB5EB684F8C8D3D45EA467C88EECB197 |
SHA-512: | 2D43F687EB11C6DAA47E465CB746641C05EDAE9292E146A283F313016C71C9D19A5876F5546797D4DBB5BF092A50193CE7F3DC9ADD70DB6AC2AD386A94D4C09A |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/mediumA.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5072 |
Entropy (8bit): | 7.8154030612201995 |
Encrypted: | false |
SSDEEP: | 96:l236UtdSb7k5nQMataaEtDfpYB/+TAj+ZrNmDIWgNS:yxA/qQ/twrqBmTA6ZrEss |
MD5: | 62503F5C9E724CE0B0FD8DAE92EEDE35 |
SHA1: | 05C0EC56843E278D8D58907922D5BBC08DE8F7B7 |
SHA-256: | 3945CF14451E5306AD82AE641F105BD4EBDEBBD65F1CB0FD6F865D1F39BE7571 |
SHA-512: | C0E5EADE4CCCF69415D2AB1D0CCDEF85982F41B7C4F2D58F254F87F9C2AF187C6321C8040C40C0707E4C2068B332AA2166FA21A31253BC83E88368CB8CCC23AF |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/nheasy-sm.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 65060 |
Entropy (8bit): | 7.992093389930961 |
Encrypted: | true |
SSDEEP: | 1536:Vl4UBHdlaBzNVuEusOn6twV8qiKdsoK2Ua5FtvYgWC7YEf/N9zCcg:Vl9HdwBzNVuZLndV8fKl+alkEfVUr |
MD5: | 64CF197914FC96C7B92E54BFB7379EE9 |
SHA1: | 255689E40B8AB1C03264425D5F5C8959E9561929 |
SHA-256: | 259B8272F9578583660384E665AE905BAA908E6D076BBFE9D1CDCABE1E3DD15A |
SHA-512: | 02015DD5D42E1CF9D5EE4A82B702F4498FD83E062776648C5CEC9593132640BAC49746A7803E923A1AD6EE08E7A01B005F5DFA2345FE540633651BEB339B0037 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/open-sans/opensans-bold-italic.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 70188 |
Entropy (8bit): | 7.992855179836391 |
Encrypted: | true |
SSDEEP: | 1536:BlFGuO/z18Niu+LxlinBDCBbPdk+A4wt5ORBjSmAaYL:BlUucz1PwnIBrmd5yBlM |
MD5: | 2DCB93D58BA4D53D72CD2B63D3681A08 |
SHA1: | 981CD70798F1E7DB1C764BBACCCEED57FE3FA938 |
SHA-256: | 7C556BCEB86172609B85B74001EEC2D961DA6D8D9D6CEF9F6AF67184D9DA2300 |
SHA-512: | 258439CD092A49B4CC40F0C8A31C59CB6E61181D4BD3A6D77875FF06BE5BD69D3129D5811536525F0384644F024C217824029D0D1568C69ECAF39D7C8E2272CD |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/open-sans/opensans-bold.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 65184 |
Entropy (8bit): | 7.992075893557577 |
Encrypted: | true |
SSDEEP: | 1536:Cl9CBqDrD0fq12v0nMkFlQfoMSbbj2zZpoYR9zCi:ClQUDrD0S1nMKeRqbKoqUi |
MD5: | 7629C4119ABAE5C1279C38F4F332173D |
SHA1: | 910B6E1DDFD18DF34F93B88C3D3704C718F2851E |
SHA-256: | A58FA6273D7383BEFF16D521694E65A5CA67A4D1D0A7617A387740848DD52411 |
SHA-512: | CD0C61D70A52DDAF82A4BEAB2E3B96EFEA3429FAFB040774BF9221A5F9DF8F36EC90352769E663CE1C7774FF0CE6043875DB1193CE7F8CC064488827A251F5AB |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/open-sans/opensans-italic.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 65888 |
Entropy (8bit): | 7.99154426632837 |
Encrypted: | true |
SSDEEP: | 1536:YlNP3dgTYjSOjOzkRjFdktmP3qf1nLcZDhU9zCj:YlhqgjOWlP3qdLcZDSUj |
MD5: | CC9039BD213ED3300C8D067F6B70F162 |
SHA1: | F15AB088A7FCED99FEE5ED257250534B170653E3 |
SHA-256: | 248D23B4B49EB98435BAD3D34DF8872165E16654C2A79472DCFD28B08B06B78A |
SHA-512: | 8409B4FD4E38BC9E46A9452F3F2372A87395A36DFD66181F623B9160024FEAFE6160E3C7E533CF833E12A3859BC420453C76CD0B7AA388BFF25595D0CDFBB038 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/open-sans/opensans-semibold-italic.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 69884 |
Entropy (8bit): | 7.991788037606492 |
Encrypted: | true |
SSDEEP: | 1536:+llniJWBUUrv4ZNp5+gmeOAWg0OZSr6WFVvGg/1KFhYG:+lyWmUrv4fpAteeOAvFVN1Ex |
MD5: | 39534C858FE20A3FC1AAFB039B83352F |
SHA1: | 7ED8ECCB0B2105E1A9329B233D70EEAB879E8926 |
SHA-256: | 1210A816BFF3871F1F998C24A681256C0965253D3309979C6A38AA18C33D13F5 |
SHA-512: | ACF65CF393959B9C5CD123D30368AF0A44F7A60DAD478CDF48B2751026838AFDED35F8F99E9C380335FD9121605626616852887BB1F45528C9589E5054F5CDE3 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/open-sans/opensans-semibold.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 67524 |
Entropy (8bit): | 7.992783189415623 |
Encrypted: | true |
SSDEEP: | 1536:pJl+Wp+Zxz8HN2jBMgUQ9xTOL/l4YN0cUADypY7:pJl/p+ZxQHYBQQ9C4YNoADypw |
MD5: | 81B753A6C202063E3BBE940D13562737 |
SHA1: | F60C0A7A5795B8DB8FB8B9045C63239BA61D24E3 |
SHA-256: | 163D36DD2444B0D0EAC30D110DDB2E18BE4741EB6BAEC32FFBD3A4C479E74DDC |
SHA-512: | E53DAD1D7E5673CC98E3D0EE37703E7ADA29628C2847D6570E6B7CE758351D445C51CCCEECAA66B3A8226059E16E229E38889C3DCBF03CEBF660CB9A3F6453C5 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/open-sans/opensans.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 28522 |
Entropy (8bit): | 5.17542403704878 |
Encrypted: | false |
SSDEEP: | 768:Hx6uVUQyb/S8MtU2xjJ0aJj48DqWp5hQV6rJnJAJIOadL05pbknJ9dZ5IJX0zw4e:/o |
MD5: | AF5C8F644AC17AC040DBA5348C6F1551 |
SHA1: | 277C9549B4CC6D7D8A1FF99B02BBAD1D2A560F42 |
SHA-256: | 07BFC685C04932BF25EF8506BE79F3B0539B46E55741C90129F3CFB66F87EACA |
SHA-512: | C7F46CAA4FB5B923422F0C9C7CBE729C0B1FD3B674D77016BF483CC4AF302DAC999D636CEF289A99F197344C8735C014D16E685E83513474AB3E3FD99532159F |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/print.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 910 |
Entropy (8bit): | 7.633264256069046 |
Encrypted: | false |
SSDEEP: | 24:D2egDtS1EkJikc4dccRmREbM5tHjx7Lf1BvAaEKc:CeUQ1EVXQWRtDxHzAa+ |
MD5: | A1A1172B6955F3F06DCB37F463A2761F |
SHA1: | 52E918EDA5F91F36A686D2D28D57E85EDBBCF7CA |
SHA-256: | BB5C7B2B21EB3601FE8E001E6454A33C959C9C7187BA1D864A0BA466D90D8DA0 |
SHA-512: | C5EF377A97127DCAEF1A6057AF03CDB457F327A76ACA08C02CDEB45955DC533477535CA8D4D263CC70A02AEA30EA0DA949979BCD78FD627CF37C8E2F692CBBCC |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/search-btn.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 10721 |
Entropy (8bit): | 7.9222857327358 |
Encrypted: | false |
SSDEEP: | 192:n7FuknE1nfULiWFwwlfoy5jtVA/wAkZ1tsMW+kLbY0sspgKtZuKchTKr2aaJdJBN:nfn08LBfRjA49psTLbY0xgiuwr3aJo7y |
MD5: | C258A4DB13A03F1076CBD63293759F48 |
SHA1: | D710F07E70044D66A5021F9FC5A1D72DD7856670 |
SHA-256: | 1482933B0E678AAB9D19132EE458E09FCB16A01712D9755BBA31A74B4A76FEE7 |
SHA-512: | 9308FE2CB30AF1A309E7CDE9562A698D3D7BC67A7415318A0F2A88405B9B036A54420E86DE99521B48BCE2BA69DF4A00109DF95A9F1E772119C6E9CE7C3BAE85 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/the-doorway.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 43 |
Entropy (8bit): | 3.292508224289396 |
Encrypted: | false |
SSDEEP: | 3:CUkw0Bl/Hh/:G/ |
MD5: | BF7D3E1972B3FE5BFE8C119FEE05E89D |
SHA1: | 081AF0BCFECBA29D5C4AC9025A3AEBADF79032A5 |
SHA-256: | 5B4B97B224D9827C01D7A887A722F4C2A680195C4A66108559BAA0C65220DF90 |
SHA-512: | 69B7926725CC19180618609A92BD27CEEC465BAF3DCE01CB6AA05C6A0EBB057DCA62AD2E5DC57FCE75F5B8B2C3B67E456EC880D6DE2B3F3C2581DB78FD6E8D7F |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/trans.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1847 |
Entropy (8bit): | 7.840750948954508 |
Encrypted: | false |
SSDEEP: | 48:0BUfsw9mAtN6tl4XZACwezLhPa0V7dHy+1pqWv33z:0iT8+6QJcmLddquz |
MD5: | BFA09D19AEA98592C45CE0A814F0EB2C |
SHA1: | 5DB965A451D9B6B3A5156836182ABE8240D4A0DE |
SHA-256: | 5FE03BFD95A2D4E640ED7D04DCB08EF991C327A5AB6F6FDB9EB06E1EFC76AF30 |
SHA-512: | 65FCB486B6E1120FE47897BCFE75E310AC72D23213A72754729EFE89E019A431E700202A879A94407F46277ADFAF3B03B5248775645555EB5F8698AA0FE4913B |
Malicious: | false |
IE Cache URL: | https://www.gstatic.com/images/branding/product/2x/translate_24dp.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 825 |
Entropy (8bit): | 7.704648162446466 |
Encrypted: | false |
SSDEEP: | 24:ssHKYGXsIPtbm+dBUWkhweNeFb6wfO2GNzj/4vs:ssq/rldTDNd6wfoJ/5 |
MD5: | 55FF382A8B09329E3230A1797EB8F5FD |
SHA1: | 026AE089006A674DA7DCC9BF6B986C5D59E75478 |
SHA-256: | 1BB2279AED6BC1438D2B17A5FFCBAC9D37864582AEDEEEC8D301EAB162B2C213 |
SHA-512: | E787C75CD8F6796DE116FDBE0D7B8A3707BB09E02FE3D9F3FA15E5D783931023DBD62344D5178F547E401DBA160F0382A1204DB09EFB322273C7525E592EDD79 |
Malicious: | false |
IE Cache URL: | https://www.gstatic.com/images/branding/product/1x/translate_24dp.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 25487 |
Entropy (8bit): | 5.083554954745144 |
Encrypted: | false |
SSDEEP: | 384:SGunySC4SJLM/Ex1v2xiJgDc0hAtgn5uB+ec2zgrjeAhiN:SGuFyLMMx1ux/Zh6gn5uB+deAhe |
MD5: | 5E7BD12E328C4AE593734E1AE2AB3317 |
SHA1: | 5E1CF57202212E5A99323A7728FD8D2B5489C244 |
SHA-256: | D0E97980D5E7C8609F31EDD59D321A0F9A22E44464929387251959EAEFF56069 |
SHA-512: | 962C34614EBC31A9680FAB8DF4CCFF71B9C5B57E9D012B84CA7FBFA1BE466958B2DD3083CD6171DE1D45886269DD07AD9B52FC3B326565BB99738F32CD074CC8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/ |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 56 |
Entropy (8bit): | 4.564221148126157 |
Encrypted: | false |
SSDEEP: | 3:CEaiQEllIpbjuE:zaiQElyb |
MD5: | 8B3611F88D6E07154DFE8D4A742873E1 |
SHA1: | 614D6285952ECF50A5F0F1440E9D21BBAFD1CB2E |
SHA-256: | A3933D871CF7DAD771954B3BF4FB984C0212903943C88873F0E3439E85285F06 |
SHA-512: | 5905DA1FB768EA3B2C5AFC29601BD6A78A68C94E79373AF8B826795839F6E986D85459209D3C96713E29FABA92C4C041A450F47FA61A89138077C311C458B165 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_blue0.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 48 |
Entropy (8bit): | 4.381328385912461 |
Encrypted: | false |
SSDEEP: | 3:Ct/00lIh3uJT+H:Ac0ydUTm |
MD5: | D7A4D95354A5FFDF666AFFE4F7516A0E |
SHA1: | E65484EB06115E888D29C35C3864981BE8EC9D42 |
SHA-256: | 3F4D9CC02EB84C4BC1BF181F3452386B2FFC1D64E62FDA21E03F3B6D94CF0866 |
SHA-512: | EEE1B4350B08CAB3FEF1ADD3DB67F90F527F289BF64C3EA8D22804A297EA2A830A8426F17348B123E39EA9D6F44E055DC0D334816311BD9D4B0BD41447F52FE7 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_gold0.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 48 |
Entropy (8bit): | 4.381328385912461 |
Encrypted: | false |
SSDEEP: | 3:Cpr3lIh3uJT+H:43ydUTm |
MD5: | FBD0E6E9B04C2C0F0DE3B9B372EB91FF |
SHA1: | FF07B76F9896AF9DCFD72E2DB5167C5C7064B0C9 |
SHA-256: | 595D5753D57518C1235FAE639F2665608B8639BB8E12D12DE33339EC4CC9760A |
SHA-512: | 2D513B0C0A2A18CDB51BC04E8AC900A9B34C378CBFE70A3A0D764D92358F25F34EAEE2CA56AB80F3A314A4E8BBF347117EC05FBCA5C7E04FCDF2E132071E827B |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/arrow_green0.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 14621 |
Entropy (8bit): | 7.825199065619867 |
Encrypted: | false |
SSDEEP: | 384:yTq9/R62zTbh9Nj5Jg8mf5FBh5R4xJWEEpRO/PK48:aq9gKI8mRFBSdf8 |
MD5: | BCF9D8B990427A3FD6076D8B828DC634 |
SHA1: | 249E51075BA8E049CF92373FB31175F03950A54F |
SHA-256: | 2CADB2795C254C1BC18A7FC3E766D5AB760C9566F323E2DA3A60629E8028A88C |
SHA-512: | 910AE8C8A959BC19AB332916CFE338999121DA1D7450F0AE4BC1224DE1CC66030D92282DA0F4B6FE3B976C25B456286984E443DFC038E9104E04833BFBB51E3D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/button-sysc.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 129790 |
Entropy (8bit): | 7.890919421015789 |
Encrypted: | false |
SSDEEP: | 3072:ie2ke28EzJw9Hew+CLsGU+/7jX94hXGLVjFrRk0:i1k18EzJGHew+CLso7jXOh2ZRrRV |
MD5: | C83AD720C9E8C9FF4099CD8A74F63990 |
SHA1: | EB99ADBE8DC292769D7550A97A0236BDC2F46592 |
SHA-256: | 176E7581B8833A56D160D6CA01B0C29D4951086689BB1293C767DC6F30725181 |
SHA-512: | 55E9CA1348F7065B1D6495CEF4343106DB6ABE7C0DFE13EE216B2004711FD03AF7ABBC67D3A7F0EAAB5518753C987B5352BBECC52B4DC017A15523F237B85395 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/carbon-monoxide.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 54750 |
Entropy (8bit): | 7.970078713308231 |
Encrypted: | false |
SSDEEP: | 768:dnY8WF3kuJcWl0OdwWFu9cWU6C+YQFgLVKwZLPpnyw60Ma5qbTRNliAQV2OXVB:/WleYwiu351F2JRnywTMbAPJf |
MD5: | 956167D6912A4B6EFC08FE7C6A8C1EDB |
SHA1: | 1B2D9ABD46E8F6CFC2F40D236592149A63AF6439 |
SHA-256: | AFD9A3BD4278B33407F7064C304320416ADF34F1C4CF0FE8198CCCDFD4803001 |
SHA-512: | 8898335B7A458594C8521EE1BC591C61E4D58624513F8C171901568913AB4D3F45405F02CF65413C332F13843F085CDBECDB870587728BEBF561DD68F8ACE8F3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/coronavirus.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 235 |
Entropy (8bit): | 5.136589458286182 |
Encrypted: | false |
SSDEEP: | 6:pn0+Dy9xwol6hEr6VX16hu9nPjL8y+KqD:J0+ox0RJWWP0T |
MD5: | 8AB10AA878C6260D9465F86284A645E9 |
SHA1: | A3AECE8220D35AB422B15A254D976576CAD5221F |
SHA-256: | D8C83817C808A1D7CD8CA3EF9D291C728FF566D3277718641AF8306E492D421A |
SHA-512: | D31733023270C2C7715C2E71B925C59B95A98A4A732A2D80A530364882CB7EDDD446AC5C48D84AF6BA18A77B87A7AA9FA020178E9B02985E3C3A4A4740384A5A |
Malicious: | false |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 53362 |
Entropy (8bit): | 7.993417790305679 |
Encrypted: | true |
SSDEEP: | 1536:7wjcii1HaGZ+xJqtUrNut7m1ktLSkBV9uN9Nsvm:scjZbZ+/qtUwwktLS0nyLsO |
MD5: | B2A76796AD77608C8BB5C335A8BA63A9 |
SHA1: | CE5BA1744FE032CD0240612BB9251FA37929E6FD |
SHA-256: | 5B49CEB3EF060B51549A47694A8D59F61F72240E21CF1EDD34C27ECFAC7E1C18 |
SHA-512: | CA1010040FD21C4257A82336D5FE5E8CC7A290547998BB36EB1FEA7413CA42F8ADEB96484E25CAA44DC4052FCC167916DB69E838D2C7D73B4DE76C587EB1BC0A |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/graphics/current-map-small.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 70596 |
Entropy (8bit): | 7.992124290610587 |
Encrypted: | true |
SSDEEP: | 1536:uHsmb+/BmrCSStlF8kfpKhtTJvAiEK3rcwKcRK/9kS48:u3b+aAHF8yKhtFvAi13+2AiSr |
MD5: | 1CA756A9691BD7FAB6B37D5B4CFCD1CF |
SHA1: | 8762A8E359C72FCFF098468821E70B3240C2CF10 |
SHA-256: | 795CCCA3255FA08FCDF3F55BE7D69D9D8D87234D5EA653C0074F7AB48676A382 |
SHA-512: | 8B214F2827D0191185DFF85B929D0D0BE1804642ACB4540EA23DB47AF884EF3D990E2B27AB07BA84272E2CF1D7551EC919690268CA5192784ACC095D7226BB45 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/encode-sans/encodesanscondensed-bold.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 38518 |
Entropy (8bit): | 7.9666917785850115 |
Encrypted: | false |
SSDEEP: | 768:8CZFzY4kWAMvZ52+a+yUXBfYKBEOnguKIieeHSg75ncf:J3zY4kWA+pafKBEOgcix7Ra |
MD5: | 138058CA58F83B75F25F09454E7BF9BA |
SHA1: | AD842387E5B44D3B08EB30A63E34D558AF87BF83 |
SHA-256: | F677978867311882735247A034E6A16E237992510302412FC3F1FEC723586246 |
SHA-512: | BFF4792ED6174E3CD7739300F460F66BDE930587202D11E26BFE21E8551DB7576C098210455F76A96124EBF3FA5DA65C80A7CE0D146CC061DCD523E6A356D116 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/heart-month.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 607 |
Entropy (8bit): | 6.150874141816269 |
Encrypted: | false |
SSDEEP: | 12:+4fBVm3RLxgpY2CRBs1XGeozZtLTnsO6RSORKPwcXxBmG:+WBMhL+psRy1luXHvs04CBh |
MD5: | F39970CEE0E709A2C6225C686E877E23 |
SHA1: | 37193D45B1BD8C7B81F2B50B5BAF80DC3DFA998D |
SHA-256: | 74F8DF3D7341D6CD60F342F3EFD6433FEA89B34AB60BEBEE6EA17AD728B05360 |
SHA-512: | BA3AF5CD5A886530C2AB81B7EC6457FE3ECB842F9A552A199D55120F340F705AEDF1759C90203ABFF2B97FC7297B5FDBC98A6C11A3EA473E514E238E78C25E56 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon_flash.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 55805 |
Entropy (8bit): | 5.229448793359489 |
Encrypted: | false |
SSDEEP: | 768:0csXS2yYCzATBLK88E1o2z33c8yrtz0GBU3+ySk+f1:0cs1ySToR2T3Fyrt0GBG+Nk+t |
MD5: | 3D5C23458FF980BD76BEE32E76FAAC86 |
SHA1: | FE16C08BCEF433F057A253330C3548F46F2DFECF |
SHA-256: | FF8FE30E152C0EDDAABEB0738FD227DABB8BF538773A7D5E58875C49B53A4A25 |
SHA-512: | 872FCF4EC4BC114CFCECB16DF3352DA7E9D28B0249A7950183DE8CD90D99BDC4103B126976E22CC3D711019058AEC4282D12A4E3489F2111C68CF0F79637EEC0 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/js/jquery-1.2.6.min.js |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 6579 |
Entropy (8bit): | 5.228753253129017 |
Encrypted: | false |
SSDEEP: | 192:O10Rasp42ZbGDt2rflgINP/iVxQTA39KyJArB:g4pjZiu3/iv1t8B |
MD5: | AF1015158867ECB3BC8B923ABA626215 |
SHA1: | DE5FB1BB2BF305F070A706DFBEFF57249753ECF3 |
SHA-256: | F40473668CB3C72EF3AC8EDDC7945A672DFF271BF54351F639E704FDE2101237 |
SHA-512: | FB6BE27AA9899FA322A971C11E8BFE248D5E66B7FDA37952372E45E0F7859FE26CB80444B63850E55BA70943FAC3E0CA39838114F3166D01EDAE0519617EB26D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/js/jquery.jshowoff.min.js |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3468 |
Entropy (8bit): | 5.130714868268042 |
Encrypted: | false |
SSDEEP: | 96:gxhTzrJZwi5n3ao8FZpNNNisHrymo4dG4QjRk1:6TvJKi93ao8OHez |
MD5: | EA8F627844489B0D84EA383588E13730 |
SHA1: | D86649EC726D7009B075FEA0DD76C87B73F28857 |
SHA-256: | 28BBAE52F137499A252D25447764FB3A84EE0E6A1C46406C3A62B5E494A6BBBE |
SHA-512: | F43F917A7B1E9B32D77017E1A37BD46B463CA829E304C7DAC29459ACC624E22FD7BBB7DA1F34AA211A499621BE92094B92BCD0DFB72132950DD39065E0498787 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/jshowoff.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 44485 |
Entropy (8bit): | 5.189370576255165 |
Encrypted: | false |
SSDEEP: | 768:Xx6ueLyHrZ8gibyGuNDxM5471agocPo8/XJNrJuJeM8vpozzClIQFigfR5pjlrkD:gCiH8zoCW3 |
MD5: | DAD356F86F56E708A1C5FD5E7CB84AD8 |
SHA1: | FE76597102EC78611A459C7FCA92EA8CE25CB8F3 |
SHA-256: | 982D717A4E58C664E5FAC75EE42D3DF8C7944A91F9075614FA5738E0477960DB |
SHA-512: | 2C8ED8F722D97FF144ED2BDCB6E36A5BE61A8F72A9227BBAA5D051AAF73504DEBAC7D566125AF77F47FE58792F7DDCC57991C50664A38E7E94D0D77559193AE5 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/lg-screen.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17436 |
Entropy (8bit): | 7.969509409078188 |
Encrypted: | false |
SSDEEP: | 384:EqoYu66PdIkt3rziZM3jzl9sQ3YRYsAfSjebHrm2eG0bUNs/WxZfzCIC:9UPdIcrzyM3jzPICfSCi20oGexlzCP |
MD5: | E561CBE87F6A44380263CA3ABB7C1E2C |
SHA1: | DDD632CDD5F527DDE481A3FED8A2888E08D59045 |
SHA-256: | AFB1AB303CA752AEF90361ABF3F0357B6A84E7B99FD6A8540314A8B737BB9285 |
SHA-512: | AA4A0E08183659214E004A633FB88145F4ABF672A758F5C50107E368DB077D545FB1AEA91061D47075EF0E31A112DA0B8A9AA9FB1B3E5C90F29001753DA2643C |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/mcm-logo.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1725 |
Entropy (8bit): | 6.010293208125424 |
Encrypted: | false |
SSDEEP: | 48:2/6r11L4knA9WIiRw5V/c0871a3h3b4HHRy387KVH6p9bs9:2SB6knmWIiK5V/wCVsHR+VH6p9I9 |
MD5: | 79F1FE2A0BC31410409C9DFCC2F7E76E |
SHA1: | 0927D2E088597BC195FCBC2C4638151B5F4A425A |
SHA-256: | 53C79F3AAE1173AD214BF0D3AADD33D3D83A595BAA45332B4C94110416B884DA |
SHA-512: | 8051C3A6B20B4ED91F45F02E785971E524C57A07C18D562E3F356BE8211F279095D43999572B79AAE1A96CB545CE70F7525738C1801B3A9379FF28EEF84F4FDB |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/menu-triangle.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16557 |
Entropy (8bit): | 7.956386766435145 |
Encrypted: | false |
SSDEEP: | 384:4/65fha80xWNegyyZioAFikUkJarKhSH/PiLwO9l2u6pb:1tU8yWNegXivF/UGITBO9h6pb |
MD5: | D8CDC6D6E056F4A1FEED452196E47D89 |
SHA1: | E10CE7AB1ED5ED55BBE46EE18C2BF9DCBAEDAB32 |
SHA-256: | D803225F1F2A6E5B267C8DCF448605D5F7122DD30FF37FAAAC185E044FA291C2 |
SHA-512: | 281DE0385296DC0C319ABF5FBE691BB346953DB1058726BFB631C4D4EFB11FADD77DCA2583BC21D177E85E3DE0028083B3CE4CE10646C4DDD2607E96F83F47D0 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/about/graphics/office.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1015 |
Entropy (8bit): | 5.201179617626621 |
Encrypted: | false |
SSDEEP: | 24:Po1/EPH0dRU5PNRxYIpm5t16DRW3BT/jmHTnhcJ1DA4hipBf+v:PoqUdS5FXg1D3B+HTGLAK4p+v |
MD5: | 32C7EB2120D98C96C282E7A824E7694E |
SHA1: | 7CDB846962FC7D84DEDE41B922AF71AB8E652134 |
SHA-256: | 9136B91FAF455180E6E18CB97C04C2B79E812DA891B83EB84E30DE87E7BC108F |
SHA-512: | 7A210A3F212E7059D24174C35D4C265B5834CA820F34D51369FC194C21F3994CEC16A3D8A13978EA9D4A055E94B3104480BE3AA949128B5108B77568B2E6D7FE |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/print.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 36845 |
Entropy (8bit): | 5.191778062616621 |
Encrypted: | false |
SSDEEP: | 768:cx6u65i3b2rZOcDGoiXVGudMsi71agocPH8/KXEaIJNrJuJmM8vpozzClIQVDGeY:XiS8nokclL |
MD5: | 110D28B964599E5C1D4374333CCD4A28 |
SHA1: | 3ED13E84CB7C8592C5F6F4FFE46C4C4F7D526A4F |
SHA-256: | 3F16367310BDE403841A1B9789F42936DE4B27A113821BBDA9921114B00B2C72 |
SHA-512: | 78B69D8F6AC604AD07C52F5E13A7CE0F3270FC42023DD3E49EC901D36CCDD61460DFED35021A8D215CFCF63FBEC8597D66F971B95F67D2E520040A0B9771C8DC |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/sm-screen.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 176189 |
Entropy (8bit): | 7.995265529394209 |
Encrypted: | true |
SSDEEP: | 3072:Zg6TSbZaVpaMWowoFTELiokiPI2emGUhu30Y0gYl8kSpECwHImBwLP+IgLsIE7hl:ZDTSKaJoT/HiPI2WKxsQ1BO+Igrio0 |
MD5: | 0B20ADAA7A352B28E7094F9CBD58B18B |
SHA1: | 0F8210B0491CDB022CA8E150A15E6F5793CBAA65 |
SHA-256: | E39A2FA14D90DE7F6FC614EFFBA41A5A523295DE9497F28949FAD44F30985FDF |
SHA-512: | F40C9708761F96816167290255CD1E4C25E6764FA31544ABEC0CC5BEE8A2AA8EFE89705436CC2784619BF2351493FC1B69C9427C3C157FF1909F924B05F7C6DC |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/state-seal-20perc.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 104636 |
Entropy (8bit): | 7.994372920279513 |
Encrypted: | true |
SSDEEP: | 3072:UFMAyAJh4p6VbL0JGHXmAIaYH1lgIReZK:rAyAf4p6VHMG3FfYVpReZK |
MD5: | B319D127DA5E19FFB74114611F565BA3 |
SHA1: | E679B91CB5E993D3F22FC6157DCE53961E29625E |
SHA-256: | 69CFCC5923557F154D05913A99D8A42349473C90591FCBB014E2D4049C1303B6 |
SHA-512: | C3B82228A2F0B36B43E8AF5AD5F986CF8B2631EEA96AB20C3DB4D1325CB86B39629A83426AE76430FB323EBC309C00BEBA66479B6453A010C2D3F017DA4D1CEB |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/trirong/trirong-bold-italic.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 92188 |
Entropy (8bit): | 7.994132078924214 |
Encrypted: | true |
SSDEEP: | 1536:oj63PgyTzsCtGbDFZy+62kHiyk1QVeomuttkSV5j6rmLW2y7Mvqmy6BimyqCDgzc:oWthABZy+Ebk1QJmunvWysoqmDQmUgzc |
MD5: | D06A96C19D63EEB1ECED3019275A55C3 |
SHA1: | 2D67881AB1B55AFE06F30C3A319D1A171BDA9D00 |
SHA-256: | D00B15BE78ED504B4A71B0EB09A634C79D8722FD7D35487B4E4B50DD8619FEEE |
SHA-512: | E17224EF3B7E323888E041B2DE4C5CE8F7BB457D8D66AA1582BFA3D292ED83EE9FB852ED6446FF9E71B2644D67370D6BAFF23634B09D79DB248FD77DDA646150 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/trirong/trirong-bold.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 97836 |
Entropy (8bit): | 7.992812856165301 |
Encrypted: | true |
SSDEEP: | 1536:oztrIeRrHfnKXXlmskBvETVgmHT/TKzCcOmbhSszaetnPO+MyaRw4WT6z0YN/S:otEeR/neXrkq/THclzaetG+MRZOY0YN6 |
MD5: | 8B9E98B92DCF4E9A700678A91745C669 |
SHA1: | 6B40C2B9268FB260AFB3C294E77AF47968FE7356 |
SHA-256: | F9B1A7B8D47D2D7324A13B088BD6CCA6ED4B8BB105545F0F2E00D0FAA46484E8 |
SHA-512: | 0473F5F4EBF3532DA731759A4364E2CED367D1713A05A6A244AF39C520CD1A53F7E43778DB9B36E174BCE51ED646F9F26E49AB9FF898EDB364882402F5A4D529 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/trirong/trirong-italic.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 91200 |
Entropy (8bit): | 7.99415993124143 |
Encrypted: | true |
SSDEEP: | 1536:8cemqsJMY88ViCR23M/yu4EUfM7gss4QOaRAUYQZJthAVA8Pu1Y2PxcFWE:8cemq8Vx23OyAUfM7gstQOjAHth4AQuO |
MD5: | E69DE951CFE0745B7DD409C22361ABAB |
SHA1: | EF6600CB946058DE66822725CFC60F536925E9DF |
SHA-256: | FE728B3EF76B93A90F08C48B3CBEA9E3652F70DEDA41192120AB87DB4EB3C207 |
SHA-512: | 58486D3D089DCB5BC216036C402D5FDA723296BFDA25E7937A2565B84E1A3E2BEF839BA66A4FBE2297AEA8D19D3FF6922877998E6FDE909F4B9E2D4B03904895 |
Malicious: | false |
IE Cache URL: | https://www.app-support.nh.gov/nhgov-fonts/trirong/trirong-regular.woff |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1060 |
Entropy (8bit): | 6.5523064400854745 |
Encrypted: | false |
SSDEEP: | 12:WnfJ2E8aiGIb63CYUEbTzgCO7adD7qfDXSct4SmgoM5DnElf37Zan8wmD5MGznIw:UAtf0RX1O7atS1fhDEF37ZsEINS5zTq+ |
MD5: | 3DBE760EAE2C284187D535C8A88D4AA3 |
SHA1: | 512CFF45B5F642A453EB5E8FFCFC855E4CF8A587 |
SHA-256: | ACEB0FFCA43ED21666E999200E07E44CD3C3EF35BCC899393BC47A06825CA6B6 |
SHA-512: | E938AD3A944D45579E7EB1C1184DFCD3F55E5ADFECF2962512E6239C0AAB2FB470B4BDBA356C434F865AD54AECA4D5C3A2B78A59B24C98DAB5748FF33353FF60 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/graphics/xls-icon.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17925 |
Entropy (8bit): | 7.961742262047726 |
Encrypted: | false |
SSDEEP: | 384:OnDrAMst9mJecX6TYfTLSNyB+bNU0fxhy4dZXHmHdNvh:Ovzst9uXz7uEB+bD7Lavh |
MD5: | 5A2DC4F484EF0A7390493900283BF3EE |
SHA1: | 051CBC0963BB50413B4D30F156B4C4356A82F924 |
SHA-256: | 6BBDA937684C997DDE4E58722C1E6A3EF7850689E47F774E8B36FA02E5ED10F9 |
SHA-512: | E58C1CF2F2F30C11E8FC017A40B3B66E670B73B3BB88779D8A8235AC53FEC3A93679E09F949B4C522D82C34440311034EA38D116F3B9021FB803E227936EBC2D |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/1000x100-jpg-header06.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16961 |
Entropy (8bit): | 7.722181974036868 |
Encrypted: | false |
SSDEEP: | 384:0afxFf87Kr6PQeaKHSYheY+oLey9TuVnCLQoWql8cr0a5mI:tf7f82r41hevQru1o5rbUI |
MD5: | C39C3037DA3701E35E53688A1BE5D566 |
SHA1: | D7CEF2CF7147252F060E80939F18B4557903129A |
SHA-256: | 1DAE627C236A85D5A1C4E0B5BDC8E8D086A0A4BD613670E75A9AC6FB04D702A2 |
SHA-512: | 4C8A2B3AD40AA7B58D97D68E0946506D7C899A70F6B592564D651B677C2D0A4F8D527549C89DCEF8F08A05702450A29F022F6FBE13AA9D60F61D2B379066155F |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/button-glencliff.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13794 |
Entropy (8bit): | 7.8213130255442085 |
Encrypted: | false |
SSDEEP: | 192:DYx89BJjCA890Z/K0B9Ljs7LtGGv/atK++BELUzaYIoSJ82s02Wkv9M29kAL3g:D6aJjC7wPjWLtD/h++BEgIvq2sMkvn7g |
MD5: | 8DF72335578FD65D2DA9759530E147FB |
SHA1: | 140CC7ACE1A5883659674FA2679C47F89B744412 |
SHA-256: | 2790E88A1BF3D336DBDD2200DF5D072A6B7B9BC64EA577AFF2739DAC924FC840 |
SHA-512: | C4D02AFCF99CF0CF50487F3DFF71153E634B2F0A0CB88E8F95DA535EF54C2E7199E3CFF898168AA2DEFA72221186A07C446E9AB6A9CD67E6E9984563D13BF9F8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/button-nhh.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13037 |
Entropy (8bit): | 7.9638596412762785 |
Encrypted: | false |
SSDEEP: | 384:7UUVbS3J79HLEmDVxE+i+HGWAXg0eV+V1fJkm1bT:gkbSTrDZx2+HJug0Y+ym9 |
MD5: | 6452F1EC1866D5ED498BAC41660565B5 |
SHA1: | B1232C23FCC3A911400E6E6AB9437C14D20D72DD |
SHA-256: | 87D61DAD66681572B3AC12B40CC346BB37D0FFDB9BB83CCF9482C55CED44386C |
SHA-512: | 96281ADF7AAFB026E0824671ED1E6F04466CF919F772A78B1623F33C67609BEB9AC941548BE4D329FE1BFAFAE554B92AFA0B8D9E067DCCA2C87D86145712ABE4 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/calendar-graphic.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 143308 |
Entropy (8bit): | 7.973656679323932 |
Encrypted: | false |
SSDEEP: | 3072:5Jja7cG6rjN0cASdhuaCN0d4GetkLDUD2eMoLr6/3cRh3sSuBKN3KFZ:y7cz/N0cDdhuBN0d4GekNeMoL2/2h3sh |
MD5: | 26C0D88A73DDAF3A968D1843E51C6089 |
SHA1: | 92500765685752564704229DDB3DB920F017C295 |
SHA-256: | 4580309A26E683FFC37F95E1C0F2B5A7F9CB3F786E9E03BACB0A69F7C6E1CCAB |
SHA-512: | AEAB175551D97FF2F50B5406AAEAB71916EDFF6D817F3BB1E06E39F675F32A4F3D40620EF76A99FB770C0E9E25396A0997F43B9E4A71AD66B3E0740E6C36063E |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/graphics/covid-19-collage.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 21687 |
Entropy (8bit): | 5.047664886846948 |
Encrypted: | false |
SSDEEP: | 384:uhnOw8I44Wq6yzCjAO9eF3SofwQRLcPbDjNlCy:uFOU5zCjAOQQQWDvCy |
MD5: | 0B60D9DC633A3261EC79768E730832BA |
SHA1: | BEA2EFD5CB5389E478190C74DC952C6B26D66E8C |
SHA-256: | 3658E067B02ACE6D9E8150C278C7CDC593332EBC6D083D774F00DEDCFD9CF7D0 |
SHA-512: | A076A11F12BA66D6AC04FDB93D8E11F7BFF49AF319AD5FEA52A2FCECA6EB4B36871C2E351C27351F728BD982F8BCDF95EDCB1234AF9A3058B0BCDB2508E51C98 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/ |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 73630 |
Entropy (8bit): | 7.993771788542376 |
Encrypted: | true |
SSDEEP: | 1536:bqWhE2FDOvSxWE08YCmDcsh1HfqgSUd5dUopmtN9w4sthdO01nD:425OvSoEWCOcsagxUoEtAm+ |
MD5: | F4B170A46A69188BAC5F80B18592576B |
SHA1: | 2617C9F08505320375D737A8D3B2DA57A93243DE |
SHA-256: | 4EBD24BAC47AFF2EECFFA9C724898BC23931EFB9443520287A5C4FB984BFF45C |
SHA-512: | DD55310011D9B9C483C6C451AB7552BC4E45B24189CB89B40F24C74CD884F755894AAB7325388DA4C7794AA638591797299F853BF0CB46F6387EDB51E790EF94 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/graphics/cumulative-map-small.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 41 |
Entropy (8bit): | 3.4960271529727103 |
Encrypted: | false |
SSDEEP: | 3:CWoflBlll1nE:ow |
MD5: | 45FAFCED0B565CC5670032533B890B13 |
SHA1: | 91CE14BEAE79694AC4E4BAA8961E92F8BA54A2CE |
SHA-256: | 7DF51310F47487A4B39B74D302FCDE64FE1AAFCA56299E3D05280965FC659C5F |
SHA-512: | C083B8EFF67F31D5D8A77E522A1E04DE0AFED525F1FEBE53DF9B8F88E46741CD05235007143D43286003F25624E7DF45E866317D0EA8874F62912D6E16E5275E |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/ds.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1051 |
Entropy (8bit): | 7.784068898473082 |
Encrypted: | false |
SSDEEP: | 24:g5+eqQVZSnL0wOkwS9VmIAcIKSrT1lW2dsuL:g8nQswSi1cWT1tFL |
MD5: | 6248318A2E3768B22BC34535B7E4AEF1 |
SHA1: | FB41113AB2C8D731648039C78D9C956DC73C6B05 |
SHA-256: | 7B7E5063A7E9A1A8ACC87AC9529D33A27EF1299E08FE7E792704F824E19C39B9 |
SHA-512: | D4E8F7B6CEF0B4624FC9A0EB6C9D5283702FB34EC9A8DF332D2C3818AFA50AADB3DD45E20014315882C2AEFE886395BB9E77A71ADDDA994517C4351D3E664C26 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/facebook-btn.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3638 |
Entropy (8bit): | 6.009925075904024 |
Encrypted: | false |
SSDEEP: | 96:Ojt6bYY7X9x0wVjcyvpx4GW8oAnUyu5o:OobYY7P0wVI8xL/Uyu |
MD5: | 819BA8DE904F2B86056DCC32A92874A4 |
SHA1: | 5128B5AC8EC1CE19E81A928A516FDEE3C1DDA332 |
SHA-256: | 5762EB82D249E88BAE39E8B719EB5F577EEA6C611313332721D7D3079C1ABB7D |
SHA-512: | 30A17BD3631201641F5D4AC42B327E7A18114ECD8CF54E56768BC0EFEE31FD11856BDFE13464FD69FAD1312F9FD6749B7BC63CE5A7EDBA640EA7E670AFBD3B60 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/favicon.ico |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 936 |
Entropy (8bit): | 7.566861187240718 |
Encrypted: | false |
SSDEEP: | 24:uDFM0rnx1/PBYjz8hxGmhKAKIqlIxL7Lqpg7NVzOQSAAo7fZv:uZMm1/PBYzgJ0AK9lenLqoNJpfzfV |
MD5: | 3EF0AE339337F22320D8CCAC504A8449 |
SHA1: | C747754A317B308869186DEBB10DDB77E756D7E5 |
SHA-256: | 33A14A6CB3939700FE78DEAAFD649992667C7247A84639E627B7168902557367 |
SHA-512: | 2D4B7D0FB58E8EB2A7AC364DACF57B2456317133CB3F24CBA9EFB005C9664486A63DE488326E0839FD5CBD04D3C22B53F02DCF81BD9D605806C647CFB9E3246C |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/footer_seal.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4342 |
Entropy (8bit): | 7.896707732925293 |
Encrypted: | false |
SSDEEP: | 96:dXLzANaWDn78v5e76bppPbea/wjGn36TBY9P3rBU:tLsNdn7K5i6bTfB3QBe3rBU |
MD5: | 07C2F782572AD5329109465D24EBD913 |
SHA1: | 225F2226243AFFAF4BD532E5F648B2EFB7FA5ACF |
SHA-256: | 395DD501874DA9003C8A81010C9F8ABF42EAA7E4BE9BFB2012292777B6C088DD |
SHA-512: | E29FD2215EDA48B98A8E9B6E8C4A775C2C21B17C056A078AB03B1C5F17B3C742DD91CDABFE06E314A5E0B2C181F5D883F9393BA25CC2C59E6C27BA99ED95E88E |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/dcbcs/bds/graphics/gcd-seal.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1461 |
Entropy (8bit): | 7.587767048114994 |
Encrypted: | false |
SSDEEP: | 24:R/MmkxSj6vKf4EQtdZ2VWN3+Qj5dejWfSZgDBsWgLhNk7pavk9HzU49t9iIo/E+n:cSjfytOVi++GC9CDLhNigigIo/31 |
MD5: | E8DFCB236B83526AF6EB96348B06F0C9 |
SHA1: | B741A536E0D2AE5C828D55DED39E17A60D5E1FA3 |
SHA-256: | 614EB76A4DD29D91EA72883E702C609CE3E2AE3E12C2E5F96B2FCD32AA87860D |
SHA-512: | 4A64AB2C2A3B3705CB93D80ADF95A96EA5E257166C979972320884BA1105EFF25F1CD6FA15CBAAC7D31240F2FF09A5BCA8B93F6B5527F63D7631D9BF915194F8 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-fb-like.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 62 |
Entropy (8bit): | 4.478946144941852 |
Encrypted: | false |
SSDEEP: | 3:Cq//Rewltxlu3uXU1xn:T2KU1xn |
MD5: | BE84D93A3126CAFBBA9E92D25F139F7B |
SHA1: | 55F18DA72A71AC3F4CF7B4A6FB3053ED0169FFA1 |
SHA-256: | B264D426F9B80C2C02B49123C628B62AC446AAEAD5F4874780F900AB024228AA |
SHA-512: | 98089AA6627FFEA2E2B302B1E5B29CB8B64518183D124B66FA731A1B9B40D771C4E5882E3B7350AE547AAA6EF73BF55E32BED5CB3738464FDC2E88220FB36DB7 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon-sp.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 603 |
Entropy (8bit): | 6.298893633281494 |
Encrypted: | false |
SSDEEP: | 12:U6LzEJau3+MTkA0iZzRnwAjM3s9RR0KoRxW:U6SLbh9HAsaK0xW |
MD5: | 47FD53FA9278B645A64B42C31F0A7068 |
SHA1: | E4293C1BA08413FBCCCA5CC67733F2A972A31869 |
SHA-256: | 72293FE33F7F462A579E0297AB625D20AA53470ABF7A77B5E0AE5112FADA4F4C |
SHA-512: | 92D277ABA7A5B8F8BCEE6285285B055C5E1CD7125651EDEBF33955665B5483E6FF4A481A312A57CDFF438D78AC8964CE8B895FF273CA7DE281652B5AD645D244 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/icon_pdf.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 936 |
Entropy (8bit): | 7.566861187240718 |
Encrypted: | false |
SSDEEP: | 24:uDFM0rnx1/PBYjz8hxGmhKAKIqlIxL7Lqpg7NVzOQSAAo7fZv:uZMm1/PBYzgJ0AK9lenLqoNJpfzfV |
MD5: | 3EF0AE339337F22320D8CCAC504A8449 |
SHA1: | C747754A317B308869186DEBB10DDB77E756D7E5 |
SHA-256: | 33A14A6CB3939700FE78DEAAFD649992667C7247A84639E627B7168902557367 |
SHA-512: | 2D4B7D0FB58E8EB2A7AC364DACF57B2456317133CB3F24CBA9EFB005C9664486A63DE488326E0839FD5CBD04D3C22B53F02DCF81BD9D605806C647CFB9E3246C |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/iconseal.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 11358 |
Entropy (8bit): | 5.081230966440111 |
Encrypted: | false |
SSDEEP: | 96:1AAl6lD3R0m3BGTvVrGNI643LJ7jIWqqyapxC8bB4/fxvLLmyySbxo93ILPlUIiK:SaMR0m3mz9oRHa9R54uEBukeX2oK |
MD5: | 7FAC353FD6E72A2C75820F2276D522D5 |
SHA1: | DEEC13C8F8CFB6A44E92FE15A5BBB4D18D1EB539 |
SHA-256: | B8FF55F1551A2611F3890196A3E6EA69D579D2DF441AA6AD6141F84F39511238 |
SHA-512: | CFF7AEA083A5B873FEB9F8D122BF4C02705FF7FE21135F7D13AAE5AC79A57879E2F56F07A22D5938B8B2C12B6B504E2381A5789347D5F5C2677837C802F1DE81 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/about/index.htm |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 33303 |
Entropy (8bit): | 7.974316717561031 |
Encrypted: | false |
SSDEEP: | 768:0Oqj4xMlnGpUqpxt29uVPD/4M7DWXM5Vz2fWQhVhz:a4elnGLtCy/3OXeqvz |
MD5: | 96D4920CFCAF9ABFDCAA8522656A3137 |
SHA1: | 7B2B2F6ED65D0F633DE370711A2F762D18D9AE59 |
SHA-256: | 18F1A2D6CB258D5F92E9EC463EC03D785EBDAC35A24A63B213FAB634871D7570 |
SHA-512: | E4A4DFB75D01B676383026B81A826C90CAE51AAF64257FC12093A806FAB2D96531A4126537F35B13503B349C312BFCC4B7A9164D99260972343C5FAD0C24E016 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/mental-health.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1302 |
Entropy (8bit): | 6.880653223666133 |
Encrypted: | false |
SSDEEP: | 24:8Sal1he91WwylZ82lYSqMHY1yVUNT3byJvGY8Rov+P:iqQinNuWy6NKJvL8yv+P |
MD5: | 0E58756A31693898401D549A6FD8747F |
SHA1: | 6AE148BAE1D9B4EA9CF8353B5A563FD96C2DB62F |
SHA-256: | 733985E128D61935A5CBFC671CB6A8A055952FFF6503A69DE543BF98F980DF2A |
SHA-512: | 87F4FBEE7AE08899B26BED3EEC36E72B205BA5A69AC2E90CB93F25CAF63641A4625E2E836970C8DC5491D67082374F747BAD8ACC38A34C29416F540930C68E8F |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/graphics/pdf-icon.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 10253 |
Entropy (8bit): | 7.972468978592324 |
Encrypted: | false |
SSDEEP: | 192:eMFTvtFRw3WygedNX9P9+5z51HN4diI0c7aQWIAhCRdBnthIsTb4BVsECF7:1FLtPYWwHW9HmtaQnAhavzIsb44Ei |
MD5: | 4E5DEEFA8F279F99BB93C9EBECFC7B11 |
SHA1: | C335E28675D5623D124DB3C6874E09DFCA2E4C0F |
SHA-256: | 51A3393B9B1D0D215CBE3AECC4B772679AFF02C9581B07DF09035B1D0AA2C651 |
SHA-512: | 627CE68930400103E8D3DFBB0FF91F504609442192732D431AB98DF9815B478D8EDB2C2F313F89F8009FC5915F8B4F279DA25D1AA3B43B9907C8263A8C200DA5 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/school-safety.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13573 |
Entropy (8bit): | 4.988504258614964 |
Encrypted: | false |
SSDEEP: | 96:1AAN6R0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyySOLrgneinOI6VHtt:SnR0m3mz8Y8RH+/EUh1ymGDb242oK |
MD5: | 884814DBA14EF841EC18FADE7145DDF7 |
SHA1: | F8B9924FD70BA0B42959DF852C0FDB2F6B6980B3 |
SHA-256: | D2A61C184CC788FC32DCE676C1E0D8FB6DE2EA465981069C875E50A60812EA76 |
SHA-512: | 584E41FDC4A54866B919A5802A19632C6CA36B108C86C5F93043B4456CD43AAA3BA9EF2581712D4FD76B672BE3593D556836361227E3A75ECFBC58C37D85AFFB |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/seniors.htm |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 185 |
Entropy (8bit): | 6.185375227859527 |
Encrypted: | false |
SSDEEP: | 3:CxatOa/FA2P/OOlllMJRfyazQy38lDKKNkaaaRrExZd/7S17/Johi13sdvaDw3rR:ZtOW/OKQRfyyYDK18pExZde17Bohi9s9 |
MD5: | 6F8CB4A1EFB4DF5320B6E70E53577E59 |
SHA1: | 22845864135E6938A5DD1B7CE5C7AA44624F1318 |
SHA-256: | 0C45128E99EE08762E4CBB4333C5FFB0C95149B8C3BCCED7A84FB37423CE8C33 |
SHA-512: | BAADE3D47511B8FC9BFE0EAB9C60AAF9104749544B7A24C7A8BE076B1F3F4DD4C2CDAF9902E8C096907CED9B7FDA11CABF6951A45BB758947DFD429498A94BE7 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/css/graphics/smallA.gif |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 12135 |
Entropy (8bit): | 5.0121308162835 |
Encrypted: | false |
SSDEEP: | 96:1AA1GR0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyySCM5hlAea2c9Wcy0:SLR0m3mz8Y8RHNvkth62oK |
MD5: | 2705710F50F1FCD80BBE013CFAF39709 |
SHA1: | 31A4D90A2A00B3C49F16FB0997601E47C2B53E01 |
SHA-256: | 7DDE0955645983167AD367FA1C4997027D8DC8743E7DD25556DFAB48C8FF680F |
SHA-512: | 6A108689C5B6C5A1295BCFA241E49A0801493D57A76CFA9DF08B2D6C15C91DE97AFE0FB1F65C0EF002C54ADDC126F1529066FCDDAF85E8623BFCBA290CADC6A5 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/teens.htm |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9400 |
Entropy (8bit): | 5.085927853718149 |
Encrypted: | false |
SSDEEP: | 192:0VKJv9DBzBv6YMTFQOln1aCj9ZWL270OLyodQXtK2PYvC8RrR0Y3UpHqsh:0VKJlDlV6YMxhEKbOEyodQXtK8n |
MD5: | FA5AFDC96A59C9AA5A98DF57BC45A39F |
SHA1: | 5E596B4E91600A002A11F7CA90B8D55CC9FBE0DA |
SHA-256: | 656F1D9D07AAB96BAD6BF14A06A823837AD32C79F94B4082AE01221E233B26BD |
SHA-512: | 1D059FB79C04E90F56B1309C92500EEEF1922683BE8334F7A9F4DEE6A8978F6E61F59CCD457CB90180054374C449FFF453F1A9864F9BC75F2953DDDDFD573B8A |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/scripts/textsizer2.js |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5219 |
Entropy (8bit): | 5.046059813833912 |
Encrypted: | false |
SSDEEP: | 96:8IRZqnvtiIkyEwmNeYMvAxerL5J6B82o231/BgYrCDgZrSvJLj0zE3bdCAHEsh:8IRZsv0E5mNofr6rF3Ra8CpR0Y34AHE2 |
MD5: | 62BC4FEA155137DB1B998918DD1E30BF |
SHA1: | D91108573500AD5AF21159209A97A4C097B43737 |
SHA-256: | 6C4417DE30F53EB52ED26D95EB080F7A14F9F3DA1E522901443A8EAC5B3A8F0D |
SHA-512: | 1F714211545A997C483622B23D54AC2BD8AFEF12223ACBD5DF9427D860DDAD9C82A8EECC9BF4E59539F66A76C6005FD673F17EA8E006C2C1D27743387AEFE2B6 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/scripts/textsizer.js |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 38861 |
Entropy (8bit): | 7.965890707861492 |
Encrypted: | false |
SSDEEP: | 768:0E0ydRJvF/yLfSRIrdGXij8NNLSwfNM5YFv1eMa:Xja2pSjGZHfG29a |
MD5: | 0EE5FD39F46045C84BB6EBECBF8035D6 |
SHA1: | 8BC1DEF29E22D9F2480272E0948644564F6480F9 |
SHA-256: | 79B552F5C7B43E7184AE479DE4E41DFDF311D326400FAC2AA60A895C02C0E3E9 |
SHA-512: | 9E431D5D89D3B7966838A0F9BE231400B0DA798B7600C83D09C9923607C029B00C04F51523BCAD5BDD304A048409B8E473C4A3AE51B0671968E933CC1A0AA0EA |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/graphics/slider/1095b.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1101 |
Entropy (8bit): | 6.1898529070992145 |
Encrypted: | false |
SSDEEP: | 24:UKr1he91WwylZ82lYSqMHYmV0+T3byJCpkrsGp+qqxk:dqQinNuLu+KJpQiq+ |
MD5: | 2198620B55C9E0808BD423C218843660 |
SHA1: | B1976497D135C384A95412550A6579FF96459935 |
SHA-256: | 5E51CC6743CA4A799CF3C90E5B39563AFEFBA89216DB4937CA127068E6260810 |
SHA-512: | 631A13D759EBB57E77F4053B70338E299B0F513F9E9EC0E7ACCED6614CFB9BD8393297307B4615E0E71E679C25E6AA747122A77DAD997AD917A62D879043EB2A |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/a-med.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1119 |
Entropy (8bit): | 6.171306254385598 |
Encrypted: | false |
SSDEEP: | 24:UKr1he91WwylZ82lYSqMHYjAQqV1Q+T3byJCpkrsG5vlM94b9:dqQinNu3zTDKJpQl94b9 |
MD5: | 185F7A43C690C8A0D73568B61A751161 |
SHA1: | FB523EDD5FB90035890C85AE341A6F1661410D97 |
SHA-256: | F8A7A8A27A10AAB2211459D24E83D801F3FE140D898E47417A85E00A8E3DA5B0 |
SHA-512: | 8EA917CEFE5ACAA3C1C0F8406AA2748130C8F6EA02B1AC850CDED26CE7785A84860036FE35BE54359CCE0E47440D76CEFBD4F87914FB2F14FDD10D8E2664DD32 |
Malicious: | false |
IE Cache URL: | https://www.nh.gov/covid19/css/graphics/a-small.png |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 12691 |
Entropy (8bit): | 5.051305468378174 |
Encrypted: | false |
SSDEEP: | 96:1AAzGR0m3BGTvVrGNI643LJ7DoWK3aS6pxVHbh4DfxvLLmyyS4MRc/jl0Meqm7mM:S/R0m3mz8Y8RHvksqjBT3T2oK |
MD5: | 85B0F79695E7ED054B29DB8302CA25D5 |
SHA1: | 658F62645B373DFDBEC811C65C03EC4C86251468 |
SHA-256: | 191244EEE601C101C32E698C4D89F0AF93254DD857A98C205EC63F68985FEEA1 |
SHA-512: | EE9AC9A00284C15B5983E0E47FAB8095D6F085E24A47CAFE1F0C6DC9C6094CE80681976B4A707522254FB1FAE8B7946F4D14B7AA4EC45351AB98BE1D36F73FA3 |
Malicious: | false |
IE Cache URL: | https://www.dhhs.nh.gov/foryou/adults.htm |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.5515864823583705 |
TrID: |
|
File name: | COVID19open_closedPodsVACCINE_LETTER2B.docx |
File size: | 22673 |
MD5: | e65769cca6ce8214adf674a8001d83b4 |
SHA1: | d3800da27e0aa660f04da269b5392fb3f4c26eb5 |
SHA256: | b0ecb837f4df662ff941ce2cdb64cea78b07c22b1e9ad0d328229aa9dd9f1996 |
SHA512: | 4fb1b69222aa92bd97145eb707a9249ea97a9dfd535cb4adbd0b0debc6c5ca715534d1409db3046d922281187e76eb215e540141d2cbc7a2db444aa9150537a6 |
SSDEEP: | 384:T18xovaJhkQ80FRJNtdpzUbXA530bw0uBGM/xhQl9lce0DIdPuO:BcMaJhkQ9T1eXwEbwZxhQlwe0kd/ |
File Content Preview: | PK..........!.i...o...........[Content_Types].xml ...(......................................................................................................................................................................................................... |
File Icon |
---|
Icon Hash: | 74fcd0d2d6d6d0cc |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 16, 2021 16:22:12.025783062 CET | 49723 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:12.026664972 CET | 49724 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:12.174304008 CET | 80 | 49723 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:12.174515963 CET | 49723 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:12.175271034 CET | 80 | 49724 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:12.175415993 CET | 49724 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:12.611895084 CET | 49723 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:12.764082909 CET | 80 | 49723 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:12.764265060 CET | 49723 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.104409933 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.252722979 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.252826929 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.263142109 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.415457964 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.415497065 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.415649891 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.415676117 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.415740013 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.653018951 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.661058903 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.807749033 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.807909966 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.823383093 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.823434114 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.823455095 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.823474884 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.823494911 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.823512077 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:13.823714018 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.823772907 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:13.983458996 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.000679016 CET | 49727 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.002768993 CET | 49726 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.057692051 CET | 49724 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.058132887 CET | 49723 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.124123096 CET | 49728 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.125866890 CET | 49729 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.126341105 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.126430988 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127008915 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127039909 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127062082 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127079964 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127088070 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127113104 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127121925 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127134085 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127150059 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127187967 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127213001 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127314091 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127338886 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127362013 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127365112 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127399921 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127410889 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127424955 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127449989 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.127453089 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.127499104 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.128088951 CET | 49730 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.145584106 CET | 443 | 49726 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.145872116 CET | 49726 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.147062063 CET | 443 | 49727 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.147326946 CET | 49727 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.199623108 CET | 80 | 49724 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.199675083 CET | 80 | 49723 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.199862003 CET | 49724 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.199923038 CET | 49723 | 80 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.270086050 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270126104 CET | 443 | 49729 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270144939 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270308018 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.270359039 CET | 49729 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.270360947 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.270649910 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270685911 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270708084 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270728111 CET | 443 | 49725 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.270735979 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.270798922 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.271720886 CET | 443 | 49728 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.271858931 CET | 49728 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:14.276675940 CET | 443 | 49730 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:14.276870966 CET | 49730 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.399796009 CET | 49730 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.400649071 CET | 49727 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.401540041 CET | 49728 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.403879881 CET | 49729 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.405005932 CET | 49726 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.407011986 CET | 49731 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.407972097 CET | 49732 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.433610916 CET | 49725 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.541562080 CET | 443 | 49730 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:15.541749001 CET | 49730 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.542059898 CET | 443 | 49729 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:15.542177916 CET | 49729 | 443 | 192.168.2.5 | 199.192.8.2 |
Feb 16, 2021 16:22:15.543102026 CET | 443 | 49727 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:15.543135881 CET | 443 | 49726 | 199.192.8.2 | 192.168.2.5 |
Feb 16, 2021 16:22:15.543224096 CET | 49727 | 443 | 192.168.2.5 | 199.192.8.2 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 16, 2021 16:21:28.131097078 CET | 62060 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:28.180052996 CET | 53 | 62060 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:28.544234991 CET | 61805 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:28.592845917 CET | 53 | 61805 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:28.710880041 CET | 54795 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:28.759525061 CET | 53 | 54795 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:28.892354965 CET | 49557 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:28.941030979 CET | 53 | 49557 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:29.845263004 CET | 61733 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:29.893956900 CET | 53 | 61733 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:30.836529970 CET | 65447 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:30.888127089 CET | 53 | 65447 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:31.821074009 CET | 52441 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:31.854044914 CET | 62176 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:31.869800091 CET | 53 | 52441 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:31.913322926 CET | 53 | 62176 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:33.086740017 CET | 59596 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:33.138250113 CET | 53 | 59596 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:34.419207096 CET | 65296 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:34.470812082 CET | 53 | 65296 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:35.419163942 CET | 63183 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:35.478086948 CET | 53 | 63183 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:36.419938087 CET | 60151 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:36.480293989 CET | 53 | 60151 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:38.013650894 CET | 56969 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:38.074920893 CET | 53 | 56969 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:38.718040943 CET | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:38.779277086 CET | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:39.733527899 CET | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:39.793543100 CET | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:40.512177944 CET | 54757 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:40.563683033 CET | 53 | 54757 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:40.734600067 CET | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:40.806994915 CET | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:42.734707117 CET | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:42.796477079 CET | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:46.735449076 CET | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:46.786978006 CET | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:21:53.062922955 CET | 49992 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:21:53.123383999 CET | 53 | 49992 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:05.905042887 CET | 60075 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:05.953649044 CET | 53 | 60075 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:09.147198915 CET | 55016 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:09.205722094 CET | 53 | 55016 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:11.948128939 CET | 64345 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:12.005139112 CET | 53 | 64345 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:15.669120073 CET | 57128 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:15.734307051 CET | 53 | 57128 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:17.736448050 CET | 54791 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:17.804577112 CET | 53 | 54791 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:18.391002893 CET | 50463 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:18.452732086 CET | 53 | 50463 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:23.981286049 CET | 50394 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:24.038399935 CET | 53 | 50394 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:25.465296030 CET | 58530 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:25.522521019 CET | 53 | 58530 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:26.797080994 CET | 53813 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:26.855427027 CET | 53 | 53813 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:39.140122890 CET | 63732 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:39.188878059 CET | 53 | 63732 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:40.138379097 CET | 57344 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:40.146007061 CET | 63732 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:40.187081099 CET | 53 | 57344 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:40.194535017 CET | 53 | 63732 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:41.151881933 CET | 57344 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:41.153476954 CET | 63732 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:41.200995922 CET | 53 | 57344 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:41.202064037 CET | 53 | 63732 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:42.166739941 CET | 57344 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:42.215450048 CET | 53 | 57344 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:43.161668062 CET | 63732 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:43.210333109 CET | 53 | 63732 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:44.162380934 CET | 57344 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:44.214438915 CET | 53 | 57344 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:46.466605902 CET | 54450 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:46.529272079 CET | 53 | 54450 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:47.163561106 CET | 63732 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:47.212179899 CET | 53 | 63732 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:22:48.207211018 CET | 57344 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:22:48.255954981 CET | 53 | 57344 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:22.715972900 CET | 59261 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:22.773077011 CET | 53 | 59261 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:26.959098101 CET | 57151 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:27.016474009 CET | 53 | 57151 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:28.360130072 CET | 59413 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:28.655316114 CET | 53 | 59413 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:33.064213991 CET | 60516 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:33.153119087 CET | 53 | 60516 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:34.064987898 CET | 51649 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:34.126828909 CET | 53 | 51649 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:34.983330965 CET | 65086 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:35.045672894 CET | 53 | 65086 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:35.891943932 CET | 56432 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:35.951744080 CET | 53 | 56432 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:37.687438011 CET | 52929 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:37.736282110 CET | 53 | 52929 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:38.429588079 CET | 64317 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:38.478140116 CET | 53 | 64317 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:39.342247009 CET | 61004 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:39.390860081 CET | 53 | 61004 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:39.630076885 CET | 56895 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:39.681757927 CET | 53 | 56895 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:40.224020958 CET | 62372 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:40.291549921 CET | 53 | 62372 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:40.358491898 CET | 61515 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:40.423881054 CET | 53 | 61515 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:41.419723988 CET | 56675 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:41.479847908 CET | 53 | 56675 | 8.8.8.8 | 192.168.2.5 |
Feb 16, 2021 16:23:42.253778934 CET | 57172 | 53 | 192.168.2.5 | 8.8.8.8 |
Feb 16, 2021 16:23:42.311949968 CET | 53 | 57172 | 8.8.8.8 | 192.168.2.5 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Feb 16, 2021 16:22:11.948128939 CET | 192.168.2.5 | 8.8.8.8 | 0xfe31 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 16, 2021 16:23:22.715972900 CET | 192.168.2.5 | 8.8.8.8 | 0x8993 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 16, 2021 16:23:26.959098101 CET | 192.168.2.5 | 8.8.8.8 | 0x4606 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 16, 2021 16:23:28.360130072 CET | 192.168.2.5 | 8.8.8.8 | 0x949b | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Feb 16, 2021 16:22:12.005139112 CET | 8.8.8.8 | 192.168.2.5 | 0xfe31 | No error (0) | www.dhhs.state.nh.us | CNAME (Canonical name) | IN (0x0001) | ||
Feb 16, 2021 16:22:12.005139112 CET | 8.8.8.8 | 192.168.2.5 | 0xfe31 | No error (0) | 199.192.8.2 | A (IP address) | IN (0x0001) | ||
Feb 16, 2021 16:23:22.773077011 CET | 8.8.8.8 | 192.168.2.5 | 0x8993 | No error (0) | www.dhhs.state.nh.us | CNAME (Canonical name) | IN (0x0001) | ||
Feb 16, 2021 16:23:22.773077011 CET | 8.8.8.8 | 192.168.2.5 | 0x8993 | No error (0) | 199.192.8.2 | A (IP address) | IN (0x0001) | ||
Feb 16, 2021 16:23:27.016474009 CET | 8.8.8.8 | 192.168.2.5 | 0x4606 | No error (0) | 199.192.8.2 | A (IP address) | IN (0x0001) | ||
Feb 16, 2021 16:23:28.655316114 CET | 8.8.8.8 | 192.168.2.5 | 0x949b | No error (0) | 199.192.8.2 | A (IP address) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.5 | 49723 | 199.192.8.2 | 80 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Feb 16, 2021 16:22:12.611895084 CET | 1266 | OUT | |
Feb 16, 2021 16:22:12.764082909 CET | 1267 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 199.192.8.2 | 80 | 192.168.2.5 | 49724 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Feb 16, 2021 16:22:14.199623108 CET | 1298 | IN |
HTTPS Packets |
---|
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Feb 16, 2021 16:22:13.415649891 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49725 | CN=dhhs.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 17:39:02 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 20:01:06 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:23.071377039 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49749 | CN=dhhs.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 17:39:02 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 20:01:06 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 37f463bf4616ecd445d4a1937da06e19 |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:27.320533037 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49750 | CN=nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE | CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Thu Jan 07 16:51:01 CET 2021 Wed Nov 21 01:00:00 CET 2018 | Thu Sep 09 14:46:05 CEST 2021 Tue Nov 21 01:00:00 CET 2028 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Wed Nov 21 01:00:00 CET 2018 | Tue Nov 21 01:00:00 CET 2028 | |||||||
Feb 16, 2021 16:23:27.322099924 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49751 | CN=nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE | CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Thu Jan 07 16:51:01 CET 2021 Wed Nov 21 01:00:00 CET 2018 | Thu Sep 09 14:46:05 CEST 2021 Tue Nov 21 01:00:00 CET 2028 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Wed Nov 21 01:00:00 CET 2018 | Tue Nov 21 01:00:00 CET 2028 | |||||||
Feb 16, 2021 16:23:28.950881958 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49760 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:28.951427937 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49761 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:28.952521086 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49762 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:28.959393978 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49764 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:28.970336914 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49763 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:28.971134901 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49765 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:29.259805918 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49767 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 | |||||||
Feb 16, 2021 16:23:29.261260033 CET | 199.192.8.2 | 443 | 192.168.2.5 | 49766 | CN=app-support.nh.gov, O=State of New Hampshire, L=Concord, ST=New Hampshire, C=US CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Mon Jan 14 16:41:10 CET 2019 Tue Aug 02 12:00:00 CEST 2011 | Sat Mar 13 14:51:11 CET 2021 Tue Aug 02 12:00:00 CEST 2022 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE | CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 | Tue Aug 02 12:00:00 CEST 2011 | Tue Aug 02 12:00:00 CEST 2022 |
Code Manipulations |
---|
Statistics |
---|
Behavior |
---|
Click to jump to process
System Behavior |
---|
General |
---|
Start time: | 16:21:35 |
Start date: | 16/02/2021 |
Path: | C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xfb0000 |
File size: | 1937688 bytes |
MD5 hash: | 0B9AB9B9C4DE429473D6450D4297A123 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
General |
---|
Start time: | 16:22:07 |
Start date: | 16/02/2021 |
Path: | C:\Program Files\internet explorer\iexplore.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff63cb80000 |
File size: | 823560 bytes |
MD5 hash: | 6465CB92B25A7BC1DF8E01D8AC5E7596 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
General |
---|
Start time: | 16:22:08 |
Start date: | 16/02/2021 |
Path: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x50000 |
File size: | 822536 bytes |
MD5 hash: | 071277CC2E3DF41EEEA8013E2AB58D5A |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Disassembly |
---|