Play interactive tour

Edit tour

Analysis Report https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq

Overview

General Information

Sample URL:	https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq
Analysis ID:	356834
Infos:
Most interesting Screenshot:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Classification

Startup

System is w10x64

iexplore.exe (PID: 580 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 5392 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:580 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus / Scanner detection for submitted sample

Show sources

Source: https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Show sources

Source: https://dy2ln.csb.app/

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Compliance:

Uses new MSVCR Dlls

Show sources

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Uses secure TLS version for HTTPS connections

Show sources

Source: unknown	HTTPS traffic detected: 185.235.236.201:443 -> 192.168.2.7:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.201:443 -> 192.168.2.7:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.197:443 -> 192.168.2.7:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.197:443 -> 192.168.2.7:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.200:443 -> 192.168.2.7:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.200:443 -> 192.168.2.7:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.26.114:443 -> 192.168.2.7:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.26.114:443 -> 192.168.2.7:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49743 version: TLS 1.2

Networking:

Source: unknown

DNS traffic detected: queries for: app.box.com

Source: preview[1].js.2.dr	String found in binary or memory: http://blog.stevenlevithan.com/archives/parseuri
Source: preview[1].js.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: core.min[1].js.2.dr	String found in binary or memory: http://rock.mit-license.org
Source: preview[1].js.2.dr	String found in binary or memory: http://www.box.com)
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://app.box.c3tf7iumvvg3c3q6e7udjiq7o0yealqRoot
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://app.box.cRoot
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://app.box.chttps://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealqRGuardian
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealqRoot
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr, imagestore.dat.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-16x16-Ou5N87.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-32x32-brwW_W.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-96x96-TOQ9Kg.png
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-EHWWyP.ico
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/app.e93a3fd295.css
Source: messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)
Source: messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)
Source: messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)
Source: messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)
Source: 4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	String found in binary or memory: https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/browserfs12/browserfs.min.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/common-sandbox.71780db40.chunk.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/default~app~embed~sandbox.cc6bf977b.chunk.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/sandbox-startup.788fc841a.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/sandbox.ba8055760.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/vendors~app~codemirror-editor~monaco-editor~sandbox.e68dd7bee.chunk
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/vendors~app~embed~sandbox-startup.10f5f18b4.chunk.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/vendors~app~sandbox.b5f1eee3a.chunk.js
Source: MUI8VD1X.htm.2.dr	String found in binary or memory: https://codesandbox.io/static/js/vendors~sandbox.4c1b5e5ac.chunk.js
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://dy2ln.csb.app/
Source: content[1].pdf.2.dr	String found in binary or memory: https://dy2ln.csb.app/)
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://dy2ln.csb.app/3tf7iumvvg3c3q6e7udjiq7o0yealq
Source: {70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://dy2ln.csb.app/4c3tf7iumvvg3c3q6e7udjiq7o0yealq
Source: imagestore.dat.2.dr	String found in binary or memory: https://dy2ln.csb.app/favicon.ico
Source: imagestore.dat.2.dr	String found in binary or memory: https://dy2ln.csb.app/favicon.ico~
Source: preview[1].js.2.dr	String found in binary or memory: https://feross.org
Source: preview[1].js.2.dr	String found in binary or memory: https://github.com/derek-watson/jsUri
Source: core.min[1].js.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: preview[1].js.2.dr	String found in binary or memory: https://support.box.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 185.235.236.201:443 -> 192.168.2.7:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.201:443 -> 192.168.2.7:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.197:443 -> 192.168.2.7:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.197:443 -> 192.168.2.7:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.200:443 -> 192.168.2.7:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.235.236.200:443 -> 192.168.2.7:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.26.114:443 -> 192.168.2.7:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.26.114:443 -> 192.168.2.7:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.22.207:443 -> 192.168.2.7:49743 version: TLS 1.2

System Summary:

Source: classification engine

Classification label: mal56.win@3/63@7/5

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{70671297-7640-11EB-90E6-ECF4BB82F7E0}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user~1\AppData\Local\Temp\~DF06DEECED06AE8102.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:580 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:580 CREDAT:17410 /prefetch:2

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Windows\SysWOW64\Macromed\Flash\ss.cfg

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	0%	Virustotal		Browse
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	0%	Avira URL Cloud	safe
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
dy2ln.csb.app	0%	Virustotal		Browse
cdn01.boxcdn.net	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
https://dy2ln.csb.app/	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-EHWWyP.ico	0%	Virustotal		Browse
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-EHWWyP.ico	0%	Avira URL Cloud	safe
https://dy2ln.csb.app/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/app.e93a3fd295.css	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)	0%	URL Reputation	safe
https://app.box.c3tf7iumvvg3c3q6e7udjiq7o0yealqRoot	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-16x16-Ou5N87.png	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png	0%	URL Reputation	safe
https://dy2ln.csb.app/favicon.ico	0%	Avira URL Cloud	safe
http://jedwatson.github.io/classnames	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png	0%	URL Reputation	safe
https://dy2ln.csb.app/favicon.ico~	0%	Avira URL Cloud	safe
https://app.box.chttps://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	0%	Avira URL Cloud	safe
https://app.box.cRoot	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)	0%	URL Reputation	safe
https://dy2ln.csb.app/)	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-96x96-TOQ9Kg.png	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-32x32-brwW_W.png	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	0%	URL Reputation	safe
http://www.box.com)	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png	0%	URL Reputation	safe
https://dy2ln.csb.app/3tf7iumvvg3c3q6e7udjiq7o0yealq	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
api.box.com	185.235.236.197	true	false		high
public.boxcloud.com	185.235.236.200	true	false		high
codesandbox.io	104.18.22.207	true	false		high
app.box.com	185.235.236.201	true	false		high
dy2ln.csb.app	104.18.26.114	true	false	0%, Virustotal, Browse	unknown
cdn01.boxcdn.net	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	false		high
https://dy2ln.csb.app/	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-EHWWyP.ico	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://dy2ln.csb.app/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	true	Avira URL Cloud: safe	unknown
https://github.com/zloirock/core-js	core.min[1].js.2.dr	false		high
https://cdn01.boxcdn.net/enduser/app.e93a3fd295.css	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2)	messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://codesandbox.io/static/js/sandbox-startup.788fc841a.js	MUI8VD1X.htm.2.dr	false		high
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2)	messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://codesandbox.io/static/js/vendors~sandbox.4c1b5e5ac.chunk.js	MUI8VD1X.htm.2.dr	false		high
https://app.box.c3tf7iumvvg3c3q6e7udjiq7o0yealqRoot	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-144x144-va9pYs.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://codesandbox.io/static/js/default~app~embed~sandbox.cc6bf977b.chunk.js	MUI8VD1X.htm.2.dr	false		high
https://codesandbox.io/static/browserfs12/browserfs.min.js	MUI8VD1X.htm.2.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-16x16-Ou5N87.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://codesandbox.io/static/js/common-sandbox.71780db40.chunk.js	MUI8VD1X.htm.2.dr	false		high
https://codesandbox.io/static/js/vendors~app~codemirror-editor~monaco-editor~sandbox.e68dd7bee.chunk	MUI8VD1X.htm.2.dr	false		high
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealqRoot	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/android-chrome-192x192-96i97M.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://dy2ln.csb.app/favicon.ico	imagestore.dat.2.dr	true	Avira URL Cloud: safe	unknown
http://jedwatson.github.io/classnames	preview[1].js.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/safari-pinned-tab-jyt2W4.svg	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealqRGuardian	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-96x96-XU7UE1.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-152x152-r5tWgh.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-16x16-_kQSW4.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://dy2ln.csb.app/favicon.ico~	imagestore.dat.2.dr	true	Avira URL Cloud: safe	unknown
https://app.box.chttps://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	true	Avira URL Cloud: safe	unknown
https://app.box.cRoot	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff)	messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://codesandbox.io/static/js/vendors~app~sandbox.b5f1eee3a.chunk.js	MUI8VD1X.htm.2.dr	false		high
https://dy2ln.csb.app/)	content[1].pdf.2.dr	true	Avira URL Cloud: safe	unknown
http://blog.stevenlevithan.com/archives/parseuri	preview[1].js.2.dr	false		high
https://feross.org	preview[1].js.2.dr	false		high
https://github.com/derek-watson/jsUri	preview[1].js.2.dr	false		high
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://support.box.com	preview[1].js.2.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-114x114-busq-D.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://rock.mit-license.org	core.min[1].js.2.dr	false		high
https://dy2ln.csb.app/	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-96x96-TOQ9Kg.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://codesandbox.io/static/js/sandbox.ba8055760.js	MUI8VD1X.htm.2.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-32x32-brwW_W.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-120x120-K-u4U5.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff)	messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/mstile-144x144-pllCM8.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr, imagestore.dat.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.box.com)	preview[1].js.2.dr	false	Avira URL Cloud: safe	low
https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-180x180-tV001c.png	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://dy2ln.csb.app/3tf7iumvvg3c3q6e7udjiq7o0yealq	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	true	Avira URL Cloud: safe	unknown
https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq	{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico	4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://codesandbox.io/static/js/vendors~app~embed~sandbox-startup.10f5f18b4.chunk.js	MUI8VD1X.htm.2.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
185.235.236.200	unknown	Germany	33011	BOXNETUS	false
104.18.22.207	unknown	United States	13335	CLOUDFLARENETUS	false
185.235.236.197	unknown	Germany	33011	BOXNETUS	false
185.235.236.201	unknown	Germany	33011	BOXNETUS	false
104.18.26.114	unknown	United States	13335	CLOUDFLARENETUS	false

General Information

Joe Sandbox Version:	31.0.0 Emerald
Analysis ID:	356834
Start date:	23.02.2021
Start time:	17:33:42
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 13s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	27
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.win@3/63@7/5
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://dy2ln.csb.app/
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, wuapihost.exe TCP Packets have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.255.188.83, 13.64.90.137, 23.211.6.115, 168.61.161.212, 104.42.151.234, 88.221.62.148, 104.18.103.56, 104.16.74.20, 23.218.208.56, 152.199.19.161, 51.104.139.180, 2.20.142.209, 2.20.142.210, 51.103.5.159, 92.122.213.247, 92.122.213.194, 52.155.217.156, 20.54.26.129 Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, arc.msn.com.nsatc.net, store-images.s-microsoft.com-c.edgekey.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, vip1-par02p.wns.notify.trafficmanager.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, wns.notify.trafficmanager.net, go.microsoft.com, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, skypedataprdcolwus17.cloudapp.net, client.wns.windows.com, fs.microsoft.com, ie9comview.vo.msecnd.net, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, skypedataprdcolcus17.cloudapp.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, skypedataprdcolwus16.cloudapp.net, cdn01.boxcdn.net.cdn.cloudflare.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net, cs9.wpc.v0cdn.net Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\IUHEMSR9\dy2ln.csb[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.469670487371862
Encrypted:	false
SSDEEP:	3:D90aKb:JFKb
MD5:	C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1:	35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966
SHA-256:	B71E4D17274636B97179BA2D97C742735B6510EB54F22893D3A2DAFF2CEB28DB
SHA-512:	6BE8CEC7C862AFAE5B37AA32DC5BB45912881A3276606DA41BF808A4EF92C318B355E616BF45A257B995520D72B7C08752C0BE445DCEADE5CF79F73480910FED
Malicious:	false
Reputation:	low
Preview:	<root></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\T8DRMTJ1\app.box[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2785
Entropy (8bit):	5.0363616731661836
Encrypted:	false
SSDEEP:	48:0JQhEannQUEannQY9vQUEannQUEannQY95QUEannQUEa7QUEa7QlQUEa7QgQUEa/:EQfnQWnQ2QWnQWnQQQWnQYQYQlQYQgQ2
MD5:	5AFA9A71F2AC1B69A2EFA9E3A5F904CF
SHA1:	CFA76B5615C29101B11A61EDCF14151C32A51FE9
SHA-256:	D0EA4AEF47CDC50483AC7864BE7CFB357F394A024CCFE5962D999C36648B2FA3
SHA-512:	2CA9AAFEF4D6C6AE8B4B1B03AEF940B75C568DABFC7D5B915BA33F590C901153A49150EC7DB3A863E2F8D37392F8BAD74AE250958DA7AEDDA6561F5B7E943714
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root><item name="key" value="value" ltime="888891472" htime="30870093" /></root><root></root><root></root><root></root><root></root><root></root><root><item name="localStore/0/bcu-uploads-reachability-cached-results" value="{}" ltime="913091472" htime="30870093" /></root><root><item name="localStore/0/bcu-uploads-reachability-cached-results" value="{}" ltime="913091472" htime="30870093" /><item name="__storage_test__" value="__storage_test__" ltime="930281472" htime="30870093" /></root><root><item name="localStore/0/bcu-uploads-reachability-cached-results" value="{}" ltime="913091472" htime="30870093" /></root><root><item name="localStore/0/bcu-uploads-reachability-cached-results" value="{}" ltime="913091472" htime="30870093" /><item name="__storage_test__" value="__storage_test__" ltime="930441472" htime="30870093" /></root><root><item name="localStore/0/bcu-uploads-reachability-cached-results" value="{}" ltime="913091472" htime="30870093" /></root><root><it

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{70671297-7640-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8551481478600291
Encrypted:	false
SSDEEP:	192:riZ6ZP2jW8htVif6iozMDQBrWDQsfriljX:remeao6X0ovE
MD5:	AAB506CF0877F26AEB557A8BC24A0ABF
SHA1:	731DD0C26D9159C3ECD38E319A46D54554A0504D
SHA-256:	F8BA472D44A16490605382E62D651055738359EBE1F685E0AA7D32295CE4208D
SHA-512:	8315771ED147BCC16B78BE68AB89A058D054EA2EAC5F5812273E8B5F2A77FE3D6CBD2D58BD3503991243780F4E9365A7D5AC409450E2B0100394EFB10B10B798
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{70671299-7640-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	modified
Size (bytes):	38134
Entropy (8bit):	1.9946775442308353
Encrypted:	false
SSDEEP:	192:r/Z0Q96zk+j5X25/W5ZM5cF1zd1G1zu43Wazjs6za4TDBzQH6zkhr:rh9o44UU421K1/xfj5xg
MD5:	D251D974A21F4FB81203000FF88D46E3
SHA1:	8CA6F16A831A61A10D1544D22C1ADD0BEC3BD21A
SHA-256:	CE852C549DDB3FD153B5064F91D054F73029A2D39BD625BA67D61B1EA5C6ED5E
SHA-512:	1E6C30727B524CB2D1A8425EDE4384DFFCDB130177322ECF80E2FE2B60667F78E22FCAA4806017FC52A5C05B4AD36F05088B1D937EE14FB4739F7E1AEB3E17A5
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{76EEC4C1-7640-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5641738956694302
Encrypted:	false
SSDEEP:	48:IwaGcprvGwpaiG4pQZGrapbStGQpKDG7HpRPTGIpG:reZZQS65BSXASTtA
MD5:	7E11CBBA0343B5307CBC080982338AE9
SHA1:	875D58D165FC0F9EC159A3A1E8536704E179A117
SHA-256:	1BC596B6198798CDEC04E8781EB2E43E895C723E712C58AD7BF77C808FE27F97
SHA-512:	55ECF638588A7C704BF184128C46B0A2BB455CFAF2BB6ED3F982851FE5EBDA364778DEEB0746B213843CBA4EB5EB7DCA16BDF75E114414C34091D1E23DA58F38
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\po60zt0\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	modified
Size (bytes):	16745
Entropy (8bit):	3.845796502921334
Encrypted:	false
SSDEEP:	96:kQvA3QENhkb4iKCu7lU82Gf4QnG3XhBraUN/OJna3Q9r/ba1QZ1r0daNA3BaACtJ:k6A36bmU8hfWr/g9aie61rPMNvp8
MD5:	6213F11D135332925B1218B499A917F2
SHA1:	02552F27626387F1A20F37E29ED903DFDDDC4361
SHA-256:	8612364AEF9DEAE7659E6F2CC74D1BE689FEA0D7BFA8E1F019A0FA8EB19DD032
SHA-512:	FA1667BBAFECACCFFAA9B6D45317A41432572224A93FEDE9C12A7E8E562918CF9F055325D68E397F74F1CC11B38BB3F422331A5D41DF784CF517AB4102404997
Malicious:	false
Reputation:	low
Preview:	F.h.t.t.p.s.:././.c.d.n.0.1...b.o.x.c.d.n...n.e.t./._.a.s.s.e.t.s./.i.m.g./.f.a.v.i.c.o.n.s./.f.a.v.i.c.o.n.-.3.2.x.3.2.-.V.w.W.3.7.b...p.n.g......PNG........IHDR... ... .....D.......gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....PLTE....a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..`.._.H..w...i....../~......2..._.1~..d..n..`..m..f..c..a....................!u..^."u............g...j......q.E....G.......................F......................g.,{.......U.....A...h..r............... u..h.:.....e.............b...]..j.......q.....}.....n.G...........b...d..v..r.. t....+{.i..z..\........z.......h..&x.@.......$w.c.....y........a...n.D.........t........a..p...j..%w.f...E...e..h.V.......=..Q..e../}...?...b..p.Y....tRNS... 78.-.....).....6...&..W.w....IDAT8.c```dbfa..X........\.X.../.##.#;..N .. .!....10..S .. *.O..(.+7>...)...@V^AQ...%e.9..T..5d!f..bW.....#+#....''...T&.o.W`hdlbjfnaiemckg....,....&

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\favicon-32x32-VwW37b[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1157
Entropy (8bit):	7.424718197664869
Encrypted:	false
SSDEEP:	24:hMkjvNSTHDyCbibxDx4fZ9qMfhkbOTKBN:hdjvA3bc9ENhkbb
MD5:	86AEDF25C0B3AE1224D92E32D80FFEF8
SHA1:	D75B54256BC48B27E6D7DF1C2A6F4635DE2FE5EE
SHA-256:	D1A4A65AC84A381199843B9722E6470470C8093885CF2A6481C2FF0DEF618C64
SHA-512:	13C4E0AF14577A4858D6E85D93E399186FD5F4AD4A836FA014D89C79673FF7E53EE9B06DE271374C70B3B15F72250075CB8F20E690AAAEE93C6698ABF7D68988
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png
Preview:	.PNG........IHDR... ... .....D.......gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....PLTE....a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..`.._.H..w...i....../~......2..._.1~..d..n..`..m..f..c..a....................!u..^."u............g...j......q.E....G.......................F......................g.,{.......U.....A...h..r............... u..h.:.....e.............b...]..j.......q.....}.....n.G...........b...d..v..r.. t....+{.i..z..\........z.......h..&x.@.......$w.c.....y........a...n.D.........t........a..p...j..%w.f...E...e..h.V.......=..Q..e../}...?...b..p.Y....tRNS... 78.-.....).....6...&..W.w....IDAT8.c```dbfa..X........\.X.../.##.#;..N .. .!....10..S .. *.O..(.+7>...)...@V^AQ...%e.9..T..5d!f..bW.....#+#....''...T&.o.W`hdlbjfnaiemckg....,....&.w..........{@`Pp..{hXxDd..BAtLl\\|BbRrJjZ.QFfVv.{.....y..r...E..2.Q%..e.....Y..22:N.Z22..U.5...u.p_h.7X.Y6F.75.....v..N....].=.}...#.b&N..<e

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	15086
Entropy (8bit):	3.3068982983814266
Encrypted:	false
SSDEEP:	96:jzCu7lU82Gf4QnG3XhBraUN/OJna3Ur/ba1QZ1r0daNA3BaACtKpWXJq:jxU8hfWr/g9aWe61rPMNTpr
MD5:	0D12B0988F1DC712ABC372BA0C65F5B9
SHA1:	6F60EE69D91F6CD34C7C91006F0D9828DBF6AE2B
SHA-256:	CCD3CA64728E901AC38D851337946A53BB3D573CF39A075C8F367303B5CE673B
SHA-512:	8EBB4EE31EB956FC4540247B881A18290D40100D9C79BD3A06C254E9CB43A126AE4AD1FC4398425A1060FE731F2F200A935072051A9C84ECFDFF063C5864E418
Malicious:	false
Reputation:	low
IE Cache URL:	https://dy2ln.csb.app/favicon.ico
Preview:	......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......$............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	532
Entropy (8bit):	4.880037129828671
Encrypted:	false
SSDEEP:	12:sUNV0yu7JGW7QtiXMGiJyhXMGiJMQdUEu3WrmXMGMhXMGO:sQCQACJyhCJrdl1mshu
MD5:	F2129188D79DCC9425F90ABCCC0B59A7
SHA1:	7E59C068211D195C19C91FE2581BB359FEA828B8
SHA-256:	CBB9726F5F3DCA04530F69D2B6C0B60B22E79BA8A0800167EA6AB365B19C95A0
SHA-512:	EE40B6383A6394FB528C77C90366412A8BC2BF3FD6AE688FDA33521185680EDFA2232C3EFBC4074DC555976A5DADACC44C6B411A0AFF767B5C67CBAD6E5B0FB8
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/messagecenter~preview-components~uploads-manager-enduser.a1ab85c9dd.css
Preview:	@font-face{font-weight:400;font-family:Lato;font-style:normal;src:local("Lato Regular"),local("Lato-Regular"),url(https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff2) format("woff2"),url(https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff) format("woff")}@font-face{font-weight:700;font-family:Lato;font-style:normal;src:local("Lato Bold"),local("Lato-Bold"),url(https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff2) format("woff2"),url(https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff) format("woff")}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\pdf.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	330993
Entropy (8bit):	5.424757612418792
Encrypted:	false
SSDEEP:	3072:nFgCairre0QtIRq+VUCTBE3cxB9Bptk4RLpNKXOz:nFgKrXQMVUCtEaB9BptRRLpNKXq
MD5:	9A9AC5F2FB76274116C651226A647C95
SHA1:	EEDC500FC742C9762BF5789AE470132B2011AF77
SHA-256:	6CF4C965636CFA49500C3A95FDEF2C5F4722FD0367ED26D70A19F1A13DFFE173
SHA-512:	13132DAB411AEB5C8204171B3B350FE9B372B3ABA057F6BC3EABCE2BB5218212DDDA1A2020D9B00A986162AE5D85B88F7B3E1AAA4E7F8F7C4F63329DE48C760A
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf.min.js
Preview:	(function(c,d){"object"===typeof exports&&"object"===typeof module?module.exports=d():"function"===typeof define&&define.amd?define("pdfjs-dist/build/pdf",[],d):"object"===typeof exports?exports["pdfjs-dist/build/pdf"]=d():c["pdfjs-dist/build/pdf"]=c.pdfjsLib=d()})(this,function(){return function(c){function d(l){if(a[l])return a[l].exports;var n=a[l]={i:l,l:!1,exports:{}};c[l].call(n.exports,n,n.exports,d);n.l=!0;return n.exports}var a={};d.m=c;d.c=a;d.d=function(a,c,h){d.o(a,c)\|\|Object.defineProperty(a,.c,{enumerable:!0,get:h})};d.r=function(a){"undefined"!==typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(a,Symbol.toStringTag,{value:"Module"});Object.defineProperty(a,"__esModule",{value:!0})};d.t=function(a,c){c&1&&(a=d(a));if(c&8\|\|c&4&&"object"===typeof a&&a&&a.__esModule)return a;var h=Object.create(null);d.r(h);Object.defineProperty(h,"default",{enumerable:!0,value:a});if(c&2&&"string"!=typeof a)for(var n in a)d.d(h,n,function(h){return a[h]}.bind(null,n));return h};d.n=f

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\pdf_viewer.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	assembler source, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	7106
Entropy (8bit):	4.86865545119897
Encrypted:	false
SSDEEP:	48:HBSkOWlpuR/cRez1Zw+jkRgHGZooZeRWLxZEzpuDdZfcd7Zq0w5FFw6VFM6oFKoB:hFjp+5jwLzjmQp4LgXzQuWZqzIoSF5
MD5:	8CE5E0CD4EE723D76683E50A1A3A6C6B
SHA1:	43D9D8CEECAA52C55735CBBF46DA3AE27146018D
SHA-256:	5179C456D56674CA0C710DBC43C90DDF2710C716779D53B94BF2A018F31154DA
SHA-512:	C364D2829CE09DD139D3906BE765AD5692EFCB06570CF774A19B8B66370B2FA1B0085FAC889594CF822A67F542BDC13F11514F9BE40F0910684C395C2142963C
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf_viewer.min.css
Preview:	.textLayer{position:absolute;left:0;top:0;right:0;bottom:0;overflow:hidden;opacity:.2;line-height:1}.textLayer>span{color:transparent;position:absolute;white-space:pre;cursor:text;transform-origin:0 0}.textLayer .highlight{margin:-1px;padding:1px;background-color:#b400aa;border-radius:4px}.textLayer .highlight.begin{border-radius:4px 0 0 4px}.textLayer .highlight.end{border-radius:0 4px 4px 0}.textLayer .highlight.middle{border-radius:0}.textLayer .highlight.selected{background-color:#006400}.textLayer ::-moz-selection{background:#00f}.textLayer ::selection{background:#00f}.textLayer .endOfContent{display:block;position:absolute;left:0;top:100%;right:0;bottom:0;z-index:-1;cursor:default;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.textLayer .endOfContent.active{top:0}.annotationLayer section{position:absolute}.annotationLayer .buttonWidgetAnnotation.pushButton>a,.annotationLayer .linkAnnotation>a{position:absolute;font-size:1em;top:0;left:0;widt

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\pdf_viewer.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	102404
Entropy (8bit):	5.401114766957238
Encrypted:	false
SSDEEP:	1536:jvbatbmMCjHJYfcgL5VMCaPx0g6T/xiZVBkAi0VV:qV6jWfzL5VMzPx0g6LMtpi07
MD5:	C1B5589ABBA40B2ED3D3AE6EB0F45373
SHA1:	D3F971D2C68F79F055E986F687F5F259DAED3226
SHA-256:	8FC790E9167754C61FFCD21E2382D2B6F55903C708239A5CDC7A15748F864B1B
SHA-512:	A10AD32428C2BF3A815C5F594C390812CA8FF9B7FAE49591CB9D2DBC7BDBEF70199808B69687A259F785DA80C9D49EE8E2FB300BE63B837ACBBA133D4DFD251B
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf_viewer.min.js
Preview:	(function(q,f){"object"===typeof exports&&"object"===typeof module?module.exports=f():"function"===typeof define&&define.amd?define("pdfjs-dist/web/pdf_viewer",[],f):"object"===typeof exports?exports["pdfjs-dist/web/pdf_viewer"]=f():q["pdfjs-dist/web/pdf_viewer"]=q.pdfjsViewer=f()})(this,function(){return function(q){function f(h){if(m[h])return m[h].exports;var k=m[h]={i:h,l:!1,exports:{}};q[h].call(k.exports,k,k.exports,f);k.l=!0;return k.exports}var m={};f.m=q;f.c=m;f.d=function(h,k,m){f.o(h,k)\|\|.Object.defineProperty(h,k,{enumerable:!0,get:m})};f.r=function(f){"undefined"!==typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(f,Symbol.toStringTag,{value:"Module"});Object.defineProperty(f,"__esModule",{value:!0})};f.t=function(h,k){k&1&&(h=f(h));if(k&8\|\|k&4&&"object"===typeof h&&h&&h.__esModule)return h;var m=Object.create(null);f.r(m);Object.defineProperty(m,"default",{enumerable:!0,value:h});if(k&2&&"string"!=typeof h)for(var n in h)f.d(m,n,function(f){return h[f]}.bind(null,n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\preview-components~shared-file.058e604af1[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	192
Entropy (8bit):	4.777419992372014
Encrypted:	false
SSDEEP:	3:1t7EqFxF5MWTL3CEmElEWXanQ6LXsEWXanQ6LXnEDTfjKBF4UARpyEQ+EWXanQ6i:zEqFbS/6EzXsEzXzBF7ARI+EzTi
MD5:	0628C102A3DA83FE10C4AC340F055329
SHA1:	F290C0DC982CA76807C00EEAE59B3335983BBDC4
SHA-256:	B23D25ACC423D13F6DE5278961700C672B481E93EC189A8179BF27AE43824279
SHA-512:	C6A43F897F882A6DAC9585E2C66A1F3BF68012BE1E8870F5E9295B17877AC46751D23ADC9DC02828B837EDDFD28E74D46B6CDD3AE916CF25C72BA7D3AAF89E35
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/preview-components~shared-file.058e604af1.css
Preview:	.MaliciousBanner .icon-alert-circle{margin-right:5px}.EditClassificationButton,.EditClassificationButton:hover{margin-left:6px}@media (max-width:849px){.EditClassificationButton{display:none}}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\promise[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	17766
Entropy (8bit):	5.2198826239136595
Encrypted:	false
SSDEEP:	384:SIwhnclwyn6OjSJ78IWrwOJ/ugy+GxMfF/jXBsvfKzyducywYMC9XD0APEi:4cuyU8JwJ3mtjXBMfPlE0AMi
MD5:	B669DFC7109AB90A425DB6A9349E92F5
SHA1:	0EF23DF3B07C637DB6DDF6766EFC8A2A528C1C0E
SHA-256:	977A170836C79F74599A27B28F7A487ABB29EBB5E50EB0CD303FB70617A1CE13
SHA-512:	8E924EA1878D4DAF827B9D1B2DC901AE9E4EF8C2FC4301FA732F2EBA1DD4E4E668EE76FA43B490A43917BFB7529C71D0BB6B9EAC5C569FBBCB08C6178CC6ECF8
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/polyfills/core-js/2.5.3/es6/promise.js
Preview:	!function(t){function n(e){if(r[e])return r[e].exports;var o=r[e]={i:e,l:!1,exports:{}};return t[e].call(o.exports,o,o.exports,n),o.l=!0,o.exports}var r={};n.m=t,n.c=r,n.d=function(t,r,e){n.o(t,r)\|\|Object.defineProperty(t,r,{configurable:!1,enumerable:!0,get:e})},n.n=function(t){var r=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(r,"a",r),r},n.o=function(t,n){return Object.prototype.hasOwnProperty.call(t,n)},n.p="",n(n.s=326)}({0:function(t,n,r){var e=r(1),o=r(8),i=r(10),c=r(12),u=r(13),s=function(t,n,r){var f,a,p,l,v=t&s.F,h=t&s.G,d=t&s.S,y=t&s.P,m=t&s.B,x=h?e:d?e[n]\|\|(e[n]={}):(e[n]\|\|{}).prototype,_=h?o:o[n]\|\|(o[n]={}),g=_.prototype\|\|(_.prototype={});h&&(r=n);for(f in r)a=!v&&x&&void 0!==x[f],p=(a?x:r)[f],l=m&&a?u(p,e):y&&"function"==typeof p?u(Function.call,p):p,x&&c(x,f,p,t&s.U),_[f]!=p&&i(_,f,l),y&&g[f]!=p&&(g[f]=p)};e.core=o,s.F=1,s.G=2,s.S=4,s.P=8,s.B=16,s.W=32,s.U=64,s.R=128,t.exports=s},1:function(t,n){var r=t.exports="undefined"!=typeof window&&

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\shared-file.ae65917135[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1351
Entropy (8bit):	4.746120327391164
Encrypted:	false
SSDEEP:	24:jDGA057Rq0S0RdG9yZe9W9VJjR855jVXVA03VJjVa5gqVp5gKEfh7AqLZ5XZVAOe:j6A057RF97Gc/f9y5lVXVA0l9VaOWpOM
MD5:	30DBAF1AA2461B67BD0FBA1F018B7A8F
SHA1:	EB99C8D6124599E57C219DA1591D0F90DE9A68B6
SHA-256:	7491367269A0C97C9EF859DBB361062FAB032FCF2F2807683A05ACA2A91245A8
SHA-512:	B6AB176319DF944978E0DE2E7D83EF811E7F526197802C87D77CE9D96DB4456E3461CDCC8255E0F502E34BDE4283BC9F7961552A333C494E8EA033C1C823E6BD
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/shared-file.ae65917135.css
Preview:	.shared-file-recents-link{max-width:300px;color:#909090;font-weight:400}.shared-file-recents-link .shared-file-name{font-weight:400}.shared-file-recents-link:active,.shared-file-recents-link:focus,.shared-file-recents-link:hover{color:#4e4e4e;text-decoration:underline;cursor:pointer}.shared-file-chevron{margin:8px 10px 6px 6px;transition:all .3s}.shared-file-page .header-logo{flex:0 1 auto}.shared-file-info{display:flex;align-items:center;min-width:0}.shared-file-icon{flex:none}.shared-file-name{overflow:hidden;font-weight:700;white-space:nowrap;text-overflow:ellipsis}.shared-file-menu-container{display:none}.shared-file-menu-container .shared-file-menu-toggle{display:flex;align-items:center;min-width:0}.shared-file-menu-container .toggle-arrow{flex:none;width:7px;height:4px;margin-left:5px}.shared-file-hideable-actions{display:flex;align-items:center}.shared-file-hideable-actions .download-icon{padding:8px 10px}.shared-file-overflow-btn{width:34px;height:32px;padding:0}@media (max-wid

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\uploads-manager-enduser.140e76ab37[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	96606
Entropy (8bit):	5.321045642954558
Encrypted:	false
SSDEEP:	1536:BcgaSb0h7ChcEF6QgNWCOn3gEyk2duSuzh7OZXBf6P:ch7CtYQgNWCMQEyTduSK7IXBf6P
MD5:	A40926DDD2EE529EF65963E50B2ADF6F
SHA1:	ECD0C7B65CEC8E04255B12FF3D8ADED1A291362D
SHA-256:	8FB30912A7F588D4570D710A7127B75689124D6C29187148939ABDAD35B69EAD
SHA-512:	8CE6CBBA63E2EDA5AC21B809606098EECFFE0467257B6F35C87BACA731F180711C02E5B26D6911B00570EF20C3CFB7ECEB6564DF2E660D4D37866F40C8749538
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/uploads-manager-enduser.140e76ab37.js
Preview:	/! For license information please see uploads-manager-enduser.140e76ab37.js.LICENSE.txt /.(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["uploads-manager-enduser"],{"/5QKqsbcTJ":function(e,t,n){"use strict";var r=n("q1tIBJhxTW"),o=n("DJuBjJIVWu");t.a=function(e){var t=e.className,n=void 0===t?"":t,a=e.color,i=void 0===a?"#000000":a,l=e.height,s=void 0===l?24:l,u=e.title,c=e.width,d=void 0===c?24:c;return r.createElement(o.default,{className:"icon-check ".concat(n),height:s,title:u,viewBox:"0 0 24 24",width:d},r.createElement("path",{d:"M0 0h24v24H0z",fill:"none"}),r.createElement("path",{className:"fill-color",d:"M9 16.17L4.83 12l-1.42 1.41L9 19 21 7l-1.41-1.41z",fill:i}))}},"2W6zXrfv2o":function(e,t,n){"use strict";var r=function(){};e.exports=r},"2rMqT+dBMw":function(e,t,n){var r;!function(){"use strict";var o=!("undefined"===typeof window\|\|!window.document\|\|!window.document.createElement),a={canUseDOM:o,canUseWorkers:"undefined"!==typeof Worker,canUseEventListeners:o&&!(!win

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\uploads-manager-enduser.e1818dd8a3[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	9240
Entropy (8bit):	4.950505849395374
Encrypted:	false
SSDEEP:	192:zhU05Wfn+YW3DZ87/8v8UT8S81/b80d8Fuflf0FfGI0bIUX0fXmvHpY6bXeGX9CZ:z6nauXA
MD5:	2736E5D199EFCFE06501B7F72B3F5DD2
SHA1:	B9B553FBB2DFE567111B7D51CF682EB72D9EB9C6
SHA-256:	6557DF16669DDFB8E5BF239CC8004991B1483568090013310857002CD051B85A
SHA-512:	7F175FB31672C46A14A8C666E835D85D8CD06C7AD41B07B833DB8FD56C8F6C7AFB02B47979C5E007E6BE189FC7C411D85C2C66E4911369F901CF4CF73850A2FB
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/uploads-manager-enduser.e1818dd8a3.css
Preview:	.bcu-item-label{max-width:300px;overflow:hidden;white-space:nowrap;text-overflow:ellipsis}.bcu-item-icon-name{display:flex;width:100%;height:50px;cursor:default}.bcu-item-icon{flex:0 0 50px;align-items:center}.bcu-item-icon,.bcu-item-name{display:flex;justify-content:center}.bcu-item-name{flex:1;flex-direction:column;align-items:flex-start;overflow:hidden;line-height:15px;text-align:left}.bcu-icon-badge .badges .bottom-right-badge{bottom:-4px;left:calc(100% - 16px)}.bcu-progress-container{z-index:201;width:100%;height:2px;margin-right:40px;background:#e8e8e8;transition:opacity .4s}.bcu-progress-container .bcu-progress{top:0;left:0;max-width:100%;height:2px;background:#0061d5;box-shadow:0 1px 5px 0 #e4f4ff;transition:width .1s}.bcu-item-progress{display:flex;align-items:center}.bcu-progress-label{min-width:35px}.bcu-item-action{width:24px;height:24px}.bcu-item-action .crawler{display:flex;align-items:center;justify-content:center;height:100%}.bcu-item-action button{display:flex}.bcu-ite

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\Lato-Bold[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 118272, version 1.0
Category:	downloaded
Size (bytes):	118272
Entropy (8bit):	7.99139950884202
Encrypted:	true
SSDEEP:	3072:EweDun1n2Uub4GgrWSPqJWREerzJmXVVoYckqW0:jb9ubaiSiJ4zYVmYv0
MD5:	AEBA3FDF0CDB79BC1D33688D3E39B592
SHA1:	E3A34C01880116194309B7225A9CBF8001D23407
SHA-256:	2D198961EFB291734102AC4281C4E004628960C80B7C378DD8E034D4B7425AD2
SHA-512:	E9024FABDEEE3BCC345FE51E461E80A1F898EEB17B9561D7DC0BBA4D85F28AD485BCB9C140276534C30047A1D8D8C36AA3989D2C29276D00AA3186219EA2C291
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Bold.woff
Preview:	wOFF..............m.........................FFTM............p.\MGDEF.......7...8.}..GPOS...........>...GSUB.......,...FA..sOS/2...<...`...`kQ..cmap...........x.!>cvt ...x...o....B...fpgm................gasp...............glyf.........K...<.head...(...2...6..qihhea...\...!...$....hmtx...........$KqKAloca...........(....maxp...x... ... .Q..name............&.Bpost..........(.[rK.prep...T........o.i:webf............`.V..........=........y.......x.c`d``..b...`b`e`dj..f.6.f.v.o.F..._.&.?.I...,`U..j%.H.x...\|L....9.M...UQ..U.U..UQTmmT{]mUUQ.U\WUU-....%B..XJ.1FBD.dD"&R%.!T}~.93m........x...3.........B.Bx.ab.p.......{....N...h3n...p...R.......#n.x...Q..!..'....o.&<Dc.Rx..l#:.n...$..1b..$..9.x.x.!..zOQ{.C.78......K.{.C>\.!.t...~....99.!...\....Y...N~...6..E;t."z.~h7L..c.o".v.M.....:K........b...;Z.r..h.'....a}...=.........m.A5....:G.g/.....{;...[G...A......vo....{O.~....v..>.}......s.../v_..}..f..........3..s.....W.W...p............G.G{.N..<zy....1.....=....1

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\Lato-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 119132, version 1.0
Category:	downloaded
Size (bytes):	119132
Entropy (8bit):	7.991532245734968
Encrypted:	true
SSDEEP:	3072:pECjkMzGFzkgGdoAiZzixFwotRAE9urcBQbtF0roFS:pECjVzIGYZ4Fpx9urUQbtFeoFS
MD5:	3E4A4FC6317C4C2CF35D7C77EC1789C3
SHA1:	40EA0D8678B92988824193587F707E3AEDC4591F
SHA-256:	607EC0A4A29F6A4607F6E0A3CF486E50322DDF66F1F1870150CB69A7061E978D
SHA-512:	F7D639520F4C3A3539AD7506EC1CEBED8107C2A264316FE0E98A15132ACCFE6212A22391F4A7203B6D8304B3222B603F0137BA9ACAC7478F217363EEF4556DED
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-Regular.woff
Preview:	wOFF.......\................................FFTM............p.\MGDEF.......7...8.x..GPOS.......z...b...GSUB...x...,...FA..sOS/2......_...`i...cmap............x.!>cvt .......r....?9..fpgm...T............gasp................glyf..........a..?.head.......1...6..qfhhea.......!...$....hmtx.............C.2loca..............-&maxp....... ... .L..name..............hpost..........'....)prep...........o.i:webf...T........`.V..........=........y.......x.c`d``..b...`b`e`dj..f.6.f.v.o.F..._.&.?.^.F...*..i..C.x...\|M......!.<.fEI.USS\TcVUTT.E.UUu.RUUWCM5W.U5....Ap".H"b.I.'!..j..g........o_..Yg...z.z...Jv\..!<. .p..{_....cG.......h1..q.E'.B.!..!...I.s.....W.).T......a.7QO4...x.-D[.Y....`1B....1M...1v...;E.D;..c.......b...........;........v^..^...M..&.F.f...u.]Eo..$....7.Vi...&W9]..au}F].T....[>.t.....+..Fj.X.^U...jzu}.._W...OS......M.;.].k.fQ..../.K.h.f..\.vr...... ..#]G..s..:.u.k..\.E..]W..s...u..!.c..\3]s\.\.....r..........-.-..[...n....w.........n...p.....nS..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\browserfs.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	237509
Entropy (8bit):	5.291495684516454
Encrypted:	false
SSDEEP:	3072:jndnVcQHdIHwhyXw5KrebPJXofuI+9JWmrtLXgqyDnhTxeIhFpRBdMkPNecZ3M2W:jdjqtXYxAVprTsk1yho+YE7
MD5:	E9385D9DB309577674B8639FA0B061C4
SHA1:	B2E1DB9126DC513C7113B27437E294BE24A5E9A7
SHA-256:	F71171D6AD30EED99E7680835128F8923C8EE43F70A316EB9F8E337A1E190080
SHA-512:	3AA743C5EADEC419DB8318213CE171AC97EC48ECF552ECCEECD1EDBCAFA7AC74B9A93C74E573F9A1C7655C2BDA36A803853E8F552B0443AC24DBFF0AC3CC41BB
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/browserfs12/browserfs.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define([],e):"object"==typeof exports?exports.BrowserFS=e():t.BrowserFS=e()}(this,function(){return function(t){var e={};function n(r){if(e[r])return e[r].exports;var i=e[r]={i:r,l:!1,exports:{}};return t[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}return n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)\|\|Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var i in t)n.d(r,i,function(e){return t[e]}.bind(null,i));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\content[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 723x1024, frames 3
Category:	downloaded
Size (bytes):	35065
Entropy (8bit):	6.7516710584371165
Encrypted:	false
SSDEEP:	768:Ff6h4Mil+Xex1BHBdpCrcFm6o22fWB/ZiwHS:ohTeqMBBdpCJ6AWnG
MD5:	E1524421E9480E1ED9FE2E41174FD5DB
SHA1:	7E231E260D47B89FF87BE133E008CB3EB1E83142
SHA-256:	8A9C6D4505199A9EC85ED1E93B5DD16E55FE523B9E8BF172395C6C24558A43FF
SHA-512:	B3BDAF692191A836A7819C556F9B5D6BC8C54CE40B50C0A8F9EAF047D9813E2B9E13B78972E22BD5696B2B7BE1B01636384384471DAB72BC37A606F36713FB85
Malicious:	false
Reputation:	low
IE Cache URL:	https://public.boxcloud.com/api/2.0/internal_files/778275590938/versions/831144199738/representations/jpg_1024x1024/content/?access_token=1!xzOKW_MkA24-S7Uw_WEqW-5FsdROVgQcqqNSZtS-Qnt97SaCEblKq97ElJ2TfD40F3J0MfNQ_ZK3r2xnxZbrDojoOYvRmbWe6f6aRZpVaKJ-SWc6dfS3ypC8jepARC3sNs7bnryffVwe5vhTPkVNjYnLIeEJXNGxwdf3rDoB50bYD9Ww7KLvNwERDxYbw3uXWuuINyJpSJnx4X-v-CebwAkR8fM0Dw1XTtVm-Ywoe6ZOWxIREoSpy_1aCQ5HqFVYWlKAi0OHc8D3yam_9pICwL7gApR2wS2It4dSa-aoFvVLQ_fmWroXuf36OJHsowBgaq7IQMUKlRJ-xrpcbG_OMrHIosaM14cylHbyuoIpGqGlKBedwDBrF5X8Yuui_R8XHVn-kth5uI9L5PV-V7CLvBY9rus6UFNZdPzEhmnVU0Q1rHbDRT4H-qOF_naLe6Pcnv9mZUx8y7FrJ9TG076lckFUMBaqgjOoWPHo9vC_L13qdDzPozJfTdL-t863MxPL6mVL2ChTKY0p42lUn8t-sPxKN-K5xHXX4TnFYUT3soHj10v3cqjgeXVutoyw5k8.&shared_link=https%3A%2F%2Fapp.box.com%2Fs%2F4c3tf7iumvvg3c3q6e7udjiq7o0yealq&box_client_name=box-content-preview&box_client_version=2.64.0
Preview:	......JFIF..............Exif..MM.*.................J...........R.(.......................i.........Z..............................0232...................9............0100................ASCII...pdfWidth:594.99pts,pdfHeight:842.00pts,numPages:1....C....................................................................C......................................................................................................................U............................!1.AQ..."a..2BXq.....#RVW....38btu...$56CTr...%..HSv..................................:.........................!1.Q.."AR..2Taq...#4...3.B.DS.r............?...........................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\content[1].pdf Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PDF document, version 1.5
Category:	downloaded
Size (bytes):	26518
Entropy (8bit):	7.919913488032836
Encrypted:	false
SSDEEP:	768:w6g9kn4CSq5m5tjCjht0PQEViXrSvkyJ9LUr17Adn:I9K4ChQCQmuVj
MD5:	7E701440DD24159471D391CC1EA39700
SHA1:	B57E4872715FE92BBF26C7716093A3CE60A8C110
SHA-256:	B2AC7A083C769B92BEFD961088A281C330AD579CB7838750A9CA789E1AD6FAEA
SHA-512:	17B281E48FD314B4074F85682E3B90EC46B6926E0688EBC0714A69D66F6F168D948B6409A5B0AC8EA2817A2125E333FB27E3D9C2FB70D507AAA13967F98DA345
Malicious:	false
Reputation:	low
IE Cache URL:	https://public.boxcloud.com/api/2.0/internal_files/778275590938/versions/831144199738/representations/pdf/content/?access_token=1!xzOKW_MkA24-S7Uw_WEqW-5FsdROVgQcqqNSZtS-Qnt97SaCEblKq97ElJ2TfD40F3J0MfNQ_ZK3r2xnxZbrDojoOYvRmbWe6f6aRZpVaKJ-SWc6dfS3ypC8jepARC3sNs7bnryffVwe5vhTPkVNjYnLIeEJXNGxwdf3rDoB50bYD9Ww7KLvNwERDxYbw3uXWuuINyJpSJnx4X-v-CebwAkR8fM0Dw1XTtVm-Ywoe6ZOWxIREoSpy_1aCQ5HqFVYWlKAi0OHc8D3yam_9pICwL7gApR2wS2It4dSa-aoFvVLQ_fmWroXuf36OJHsowBgaq7IQMUKlRJ-xrpcbG_OMrHIosaM14cylHbyuoIpGqGlKBedwDBrF5X8Yuui_R8XHVn-kth5uI9L5PV-V7CLvBY9rus6UFNZdPzEhmnVU0Q1rHbDRT4H-qOF_naLe6Pcnv9mZUx8y7FrJ9TG076lckFUMBaqgjOoWPHo9vC_L13qdDzPozJfTdL-t863MxPL6mVL2ChTKY0p42lUn8t-sPxKN-K5xHXX4TnFYUT3soHj10v3cqjgeXVutoyw5k8.&shared_link=https%3A%2F%2Fapp.box.com%2Fs%2F4c3tf7iumvvg3c3q6e7udjiq7o0yealq&box_client_name=box-content-preview&box_client_version=2.64.0&encoding=gzip
Preview:	%PDF-1.5.%.....2 0 obj.<</Length 3 0 R/Filter/FlateDecode>>.stream.x..T;O.0...+nF.{..RKZ.[!..b.PP...9.i..... ........AI.!...U....NC0$.7.y..g.Vo.y..^x.f...QC.....)..Z.Dyi.n..2...+1..R,a...S^F..udD.x.'.O.-.d.Wl.$Z..+1.\.....A].j.~..?I....#-RtC{..hN..j.T2-..........QH.".ie.8..y.d.7.q"T....,5..A.....!.`...........u.j[..gJ......g.x.1,P.VqSc.O.["..T=&]...rw.}(m.;..Fa.............uo.\..#[L.z.....2........>.w....endstream.endobj..3 0 obj.358.endobj..4 0 obj.<</Type/XObject/Subtype/Image/Width 300/Height 150/BitsPerComponent 8/Length 6 0 R./Filter/FlateDecode/ColorSpace[ /Indexed/DeviceRGB 36.<FFFFFF0F3A5E17406351708A365A781A4366496A85F4F6F7D8DFE59AACBBA5B5C2FBFCFCEFF2F4133D612E53731F4769889EAFB0BECA597790E0E6EABDC9D3446581E8ECF0264D6D8FA3B47891A5C5CFD88197AAD1D9E0385C7A2F54734F6F89708A9F617D9568839A718AA0A9B9C6>.].>>.stream.x..].b.:.&.,..*.B}.g.d..V{.~?..M>&...$...o....o..9...E.18E.E.)..`..Z.....3v........Z....E.jY6.4.+N..f..............,5..Pqc.?,..Rm...v...'..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\hub-details~messagecenter~uploads-manager-enduser.a7025cad8b[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	46620
Entropy (8bit):	5.263780717136582
Encrypted:	false
SSDEEP:	768:9j13k4lZZZsGcXQKxdk2S/4N2S/J67EKB3ipef8QScD8gtEwQThwdOwaleOFDX2g:Exdk2S/4N2S/J67EKB3ipef8QScD8g1o
MD5:	2D2D636787920B874760FCEA4456A79B
SHA1:	7032F038BBA06182B76A7EB157F7185AA62455DE
SHA-256:	FA967E9E25EEEE97D69789070A0664B8B7D74A49D19E18721A0296A4C726DD07
SHA-512:	B967AA199290ED07AD5C300968CE2EA18AAB63A84111E48D48660E0BD127125166780141B1FCC6D0EE7B060C277CCA29480BA5AB64664F2985DC8E46C8236DC9
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/hub-details~messagecenter~uploads-manager-enduser.a7025cad8b.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["hub-details~messagecenter~uploads-manager-enduser"],{"7G9T0A7Q2t":function(e,t,o){"use strict";var n=o("QbLZJtXF68"),r=o.n(n),i=o("Yz+Y0CAZeS"),l=o.n(i),a=o("iCc5sPGOWs"),s=o.n(a),c=o("V7oCdLSCTo"),d=o.n(c),u=o("FYw3c9QbSe"),h=o.n(u),f=o("mRg0wtBNeT"),S=o.n(f),p=o("q1tIBJhxTW"),m=o("m0AvLASv6a"),_=(o("17x9q+7QrQ"),function(e){function t(){var e,o,n,r;s()(this,t);for(var i=arguments.length,a=Array(i),c=0;c<i;c++)a[c]=arguments[c];return o=n=h()(this,(e=t.__proto__\|\|l()(t)).call.apply(e,[this].concat(a))),n.state={height:n.props.defaultHeight\|\|0,width:n.props.defaultWidth\|\|0},n._onResize=function(){var e=n.props,t=e.disableHeight,o=e.disableWidth,r=e.onResize;if(n._parentNode){var i=n._parentNode.offsetHeight\|\|0,l=n._parentNode.offsetWidth\|\|0,a=window.getComputedStyle(n._parentNode)\|\|{},s=parseInt(a.paddingLeft,10)\|\|0,c=parseInt(a.paddingRight,10)\|\|0,d=parseInt(a.paddingTop,10)\|\|0,u=parseInt(a.paddingBottom,10)\|\|0,h=i-d-u,f=l-s-c;(!t&

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\intersection-observer[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	7260
Entropy (8bit):	5.079928008915343
Encrypted:	false
SSDEEP:	192:siG99SlhMUrFC6Y/g7LNqkMAhDGgXdyDLK22FrRbO2+t6vFmtteS4c5q:USP1Y/g7RxpVhXdyX2FrRZ+GeteS5I
MD5:	498AAC0CA5A2544927FAF2681402DE59
SHA1:	39F0C1FBF7452CC5568E5E9C499C898272C285CE
SHA-256:	542FADAE21CB6CA75B99B8FC0A0FA8E300F18F679FAD27046D23C74C275F59EE
SHA-512:	FC6EB201EFCC38E3BD26926B264D867656A6471D43EA14F2D662E630728AAD6F190DDE8E510CDDEB52E6F97C4D785D63416F5976C80907BAA6DD1B25262D9145
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/polyfills/intersection-observer/0.5.0/intersection-observer.js
Preview:	!function(t){function e(r){if(n[r])return n[r].exports;var o=n[r]={i:r,l:!1,exports:{}};return t[r].call(o.exports,o,o.exports,e),o.l=!0,o.exports}var n={};e.m=t,e.c=n,e.d=function(t,n,r){e.o(t,n)\|\|Object.defineProperty(t,n,{configurable:!1,enumerable:!0,get:r})},e.n=function(t){var n=t&&t.__esModule?function(){return t.default}:function(){return t};return e.d(n,"a",n),n},e.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},e.p="",e(e.s=318)}({318:function(t,e){!function(t,e){"use strict";function n(t){this.time=t.time,this.target=t.target,this.rootBounds=t.rootBounds,this.boundingClientRect=t.boundingClientRect,this.intersectionRect=t.intersectionRect\|\|a(),this.isIntersecting=!!t.intersectionRect;var e=this.boundingClientRect,n=e.widthe.height,r=this.intersectionRect,o=r.widthr.height;this.intersectionRatio=n?o/n:this.isIntersecting?1:0}function r(t,e){var n=e\|\|{};if("function"!=typeof t)throw new Error("callback must be a function");if(n.root&&1!=n.root.nodeType)thro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\messagecenter~preview-components~uploads-manager-enduser.3fdcd5d60c[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	258315
Entropy (8bit):	5.329571147025875
Encrypted:	false
SSDEEP:	3072:oe3JHdzVr1YHZvk8H2RDyUlBgxIhVfwYgONQqwQfbk03rzRGtwMNBw6iJGU0QIMh:oeugSiGoaXwS8q2
MD5:	6399A0AB5D82D764B68F3DC93E24FE27
SHA1:	B13872213745A5D3C0D3B7226CB89C233D6FE0AB
SHA-256:	16849FD80A3D6A797AE89EC1059CA697FFE16268592CE365FBED6A01DAE8D304
SHA-512:	D8C9427227646C30F2C2FBA528D4470ACA109E29CFB0A645577CF4AC0DE719E6982A02FBAB3026A26C35BE1D241EA21DE2690DA9B3B1667AFEF6B5E3473CDD48
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/messagecenter~preview-components~uploads-manager-enduser.3fdcd5d60c.js
Preview:	/! For license information please see messagecenter~preview-components~uploads-manager-enduser.3fdcd5d60c.js.LICENSE.txt /.(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["messagecenter~preview-components~uploads-manager-enduser"],{"03vecjQMf5":function(e,t,r){"use strict";var n=r("BSXSWhc9DH");function o(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable\|\|!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}var i=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this.memoryStore=new n.a;try{this.localStorage=window.localStorage,this.isLocalStorageAvailable=this.canUseLocalStorage()}catch(e){this.isLocalStorageAvailable=!1}}var t,r,i;return t=e,(r=[{key:"buildKey",value:function(e){return"".concat("localStore","/").concat("0","/").concat(e)}},{key:"canUseLocalStorage",value:function(){if(!this.localStorage)return!1;try{return this.localStorage.setItem(thi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\preview-components.c15b965048[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	20090
Entropy (8bit):	4.989082656749395
Encrypted:	false
SSDEEP:	384:jvVY2bm2cD2cI252TTc//T4/fnsWsgeWegnWngwWwhsQsGeQeGnQnGwQwrE07Sg8:jvTorMh6qMD2RhO6tFZU
MD5:	9AF8E1B956E70CCEBD85A9D3160A6DDA
SHA1:	30D31CFBA084F6A1F1DA1C8842730B22FF2CBD2E
SHA-256:	040E778FE44D8F018644A17C4DE15DDDB65ABC85F2C81DE51DC10165F8911FC9
SHA-512:	A012F3C0838F18BEF267E8D48CD65E3EF4A994E51B36FE99134C9723888E6D7F365E229534233945DD43B1A57792CDA529BD9931A37975E6CE456B969A7C60A8
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/preview-components.c15b965048.css
Preview:	.error-mask{display:flex;flex-direction:column;align-items:center;padding:40px;overflow:hidden;border:1px dashed #909090;border-radius:3px}.error-mask .error-mask-sad-cloud{margin-bottom:20px}.error-mask h4{margin-top:-10px}.error-mask h4,.error-mask h5{width:100%;margin-bottom:0;color:#767676;text-align:center}.be .be-default-error{margin:8px}.bcpr .bcpr-notification{position:absolute;width:100%}.bcpr .bcpr-notification .notification>svg{display:none}.bcpr-FileInfo{display:flex;align-items:center}.bcpr-FileInfo-name{padding-left:5px;font-weight:700}.be-logo{padding-left:20px}.be-logo .be-logo-custom{max-width:80px;max-height:32px}.be-is-small .be-logo .be-logo-custom{max-width:75px}.be-logo .be-logo-placeholder{display:flex;align-items:center;justify-content:center;width:75px;height:32px;background-color:#e8e8e8;border:1px dashed}.be-is-small .be-logo .be-logo-placeholder{width:60px}.be-logo .be-logo-placeholder span{font-size:10px;text-transform:uppercase}.be-logo svg{display:block}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\preview-components.fa55a1d652[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	356511
Entropy (8bit):	5.493095633122443
Encrypted:	false
SSDEEP:	6144:/+SLlLwu8TMlobc8ipOvnHUIWV9wRFh14W3OrRb/S:/zZMYloIM0z4PuRb/S
MD5:	68A9B37D94A4DBEE120E8D841D94051E
SHA1:	2D4B9A0BAA396D03F5FD7B24CE7C72019F035836
SHA-256:	1F93EED6583D22EFFFDB03D826886A64AB0E8B50038AD857C8ED12E904BE0AA6
SHA-512:	816FC0B6D250FD8FD629F20656E0F997A8099F07B3A0456D2F5660176ABD31FDAB8DA5F9FD05D677D8FF1B4687440155ECEF497DD4CF25C60DA03D59D9D8C241
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/preview-components.fa55a1d652.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["preview-components"],{"+BZej3U4u/":function(e,t,n){"use strict";var r=n("q1tIBJhxTW"),o=n("vN+2IcUykn"),a=n.n(o),i=n("8Wpvjplx0g"),c=n("dtRsU6L1/l");function l(e){return(l="function"===typeof Symbol&&"symbol"===typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"===typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e})(e)}function s(e,t){if(null==e)return{};var n,r,o=function(e,t){if(null==e)return{};var n,r,o={},a=Object.keys(e);for(r=0;r<a.length;r++)n=a[r],t.indexOf(n)>=0\|\|(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r<a.length;r++)n=a[r],t.indexOf(n)>=0\|\|Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}function u(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\4c3tf7iumvvg3c3q6e7udjiq7o0yealq[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	9346
Entropy (8bit):	5.282514582776099
Encrypted:	false
SSDEEP:	192:G8pRkAYOA7lkZkrjyBuDoPql3+z6GUBfo1eM7cu2cjd43qu7DBaNJyhNMm:G8jkAVApkZkrjyBuDoP+3+z6GUHuvjd6
MD5:	4EB3819C1DAD5D70772D2A4B5EF359BD
SHA1:	10F148C81EF62DD9243BD630EDE5298BE73D1250
SHA-256:	EC436F1ED66131B93089EA3435B349FBBCC0C74BAA24F9F474D4CAC60BAD4A2A
SHA-512:	9DA701DFE8765898D73780DA0DDB2CD9A5BBB3CDDF473825E9A280C1E9B5FAA4E7BA24365F22F79C05419A3B570048EB5F6DB564BD7B14A946976401BADF516F
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html><html lang="en-US" data-resin-client="web"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="robots" content="noindex, nofollow"><title>Box</title> <link rel="stylesheet" href="https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css"> <link rel="stylesheet" href="https://cdn01.boxcdn.net/enduser/app.e93a3fd295.css"> <link rel="apple-touch-icon" sizes="57x57" href="https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-57x57-fLlEpj.png">.<link rel="apple-touch-icon" sizes="60x60" href="https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-60x60-Uv0qzu.png">.<link rel="apple-touch-icon" sizes="72x72" href="https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-72x72-7aVqne.png">.<link rel="apple-touch-icon" sizes="76x76" href="https://cdn01.boxcdn.net/_assets/img/favicons/apple-touch-icon-76x76-ZVGnRV.png">.<link rel="apple-touch-icon" sizes="114x114" href=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\Lato-woff[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	271824
Entropy (8bit):	6.004035154725513
Encrypted:	false
SSDEEP:	6144:7iSn14Pe5e8PMyBdu/gFU7Eu2bzHB1v1e/OHjl0Cl:eS18e5eqMy7RbT/v1QODl0Cl
MD5:	E1E5023A4D0B29824C8A6937ED303B03
SHA1:	93159BA90E4ACA126C45282D047E4E1D544AD100
SHA-256:	80745E4A131F2F16302232F53845BFA223915A3465369A40A9AA777D2C0A30BD
SHA-512:	09A87AA0383D5E78FAF21CD63E4EE6EB875AC39F52AAF0805224DDFE39B56E91ECEEA743B811C2C8473A0113BDA678C472EAD4FECA207004A37699D051EA68B6
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/fonts/1.0.2/lato/Lato-woff.css
Preview:	@font-face {. font-family: 'Lato';. /* This is Base64 encoded from Lato-Regular.woff */. src: url('data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAdFcABMAAAADhOgAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABqAAAABwAAAAccNlcTUdERUYAAAHEAAAANwAAADgSeA2uR1BPUwAAAfwAANZ6AAGuYg7b1pNHU1VCAADYeAAAAywAAAtGQYaNc09TLzIAANukAAAAXwAAAGBp8+XGY21hcAAA3AQAAATZAAAGoHgSIT5jdnQgAADg4AAAAHIAAADqPzmz1GZwZ20AAOFUAAAFqAAAC5fkFNvwZ2FzcAAA5vwAAAAIAAAACAAAABBnbHlmAADnBAAAwI4AAWHYuL0/gWhlYWQAAaeUAAAAMQAAADYO+nFmaGhlYQABp8gAAAAhAAAAJBEGCeFobXR4AAGn7AAACQ4AABIS60ObMmxvY2EAAbD8AAAI5AAACR6IDi0mbWF4cAABueAAAAAgAAAAIAZMAeluYW1lAAG6AAAABQQAAA/ywsuuaHBvc3QAAb8EAAARqgAAJ+ABEAopcHJlcAAB0LAAAACiAAAAuW8KaTp3ZWJmAAHRVAAAAAYAAAAGYIZWjQAAAAEAAAAAzD2izwAAAADR6Kh5AAAAANKzEQR42mNgZGBg4ANiAwYQYGJgZWBkagLiZqY2BmamdhZvBkYWHxZfBiYWP5ZeBkYGFrAqBgBp7gRDAHjapL0JfE3X+v+/9t4h8zwPZkVJEVVTU1xUY1ZVVFTVRbVVVXXbolJVVVdDTTVXFVU1z5XEHMFBcCKVSCJizEkaJyGhqmr932ed0+a06t77/f1vX5/9WWedtdd69nrW86zPSnZcoQkhPMQg8YFw6dS5e18R8c/xY0eJBq

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\app.0c21638046[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1374495
Entropy (8bit):	5.447439156290494
Encrypted:	false
SSDEEP:	24576:I39HrNBXfgL7sM+U8LRdfSJk5HFLDVphoomSXWqlGVHAtI9aMabpAYMay0UM:I3prNBXfgL7sM+UORdfSJk5HFLDVphoA
MD5:	368D2001179C2E4D916F22E727E463A7
SHA1:	7795BD93B5B707BF372F2A4CB373F0806079EA48
SHA-256:	939B2942A5946345DE61FEB1049F849A43A99EFD0A903A6EF0BBBB3BA5937767
SHA-512:	392EC05973037796CF75CEB1A1DAAC02D63D5CA9104236D87518A1A663AE8F39A08C4A7E054E6527266108723E20E0BB7948E56BBC4E7060D75540A2394F28AB
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/app.0c21638046.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["app"],{"+4HFvFfEZ0":function(e,t,n){"use strict";var r=n("q1tIBJhxTW"),o=n("1En/ASmD05"),a=n("4Whi4X5bOd");function i(){return(i=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(e[r]=n[r])}return e}).apply(this,arguments)}t.a=function(e){return r.createElement(a.a,i({width:16,height:16,viewBox:"0 0 16 16"},e),r.createElement("path",{fill:o.bdlGray50,fillRule:"evenodd",d:"M14.119 3.176a.5.5 0 01.815.574l-.053.074-5.055 5.95a.502.502 0 01-.597.127l-.083-.05-3.553-2.649-3.703 4.611a.501.501 0 01-.628.127l-.075-.05a.501.501 0 01-.127-.628l.05-.075L5.116 6.2a.5.5 0 01.614-.134l.074.046 3.563 2.656 4.752-5.592z"}))}},"+5Szpi0raq":function(e,t,n){"use strict";var r=n("q1tIBJhxTW"),o=n("1En/ASmD05"),a=n("4Whi4X5bOd");function i(){return(i=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)Object.prototype

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\app.e93a3fd295[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	159997
Entropy (8bit):	5.027862220529007
Encrypted:	false
SSDEEP:	3072:4dyg6zSqfO6QAQlkkBh39AiDQyUyoTwTrhmvdhUhOSs/M9:4dyg6zSqfO6QAQlkkBh39AiDQyUyoTwN
MD5:	57A703EF257150F33A85AE8A21D5AE40
SHA1:	49472E68E82A4E4F449A4B6B02B64123D1BC6B1E
SHA-256:	2765561E9AF306BE3494B36767CC0CC6C0F6EA8156F5467F6FF999BE1F2E603E
SHA-512:	BB5427E3BC14F1C549290023B73619AA1804E3B26EA5B963DF8786653E7530F7851FC0164A86251DED5F94F6A570C8B3D06AA5C05587D7900ABC350C017F7552
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/app.e93a3fd295.css
Preview:	.flyout-overlay{font-family:Lato,Helvetica Neue,Helvetica,Arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;text-rendering:optimizeLegibility;font-weight:400;font-size:13px;color:#222;line-height:20px;letter-spacing:.3px;z-index:190;box-sizing:border-box}.flyout-overlay>div:not(.should-outline-focus):focus{outline:none}.flyout-overlay .overlay{padding:15px;border-radius:4px}.flyout-overlay.dropdown-menu-element-attached-center .overlay,.flyout-overlay.flyout-overlay-target-attached-left .overlay,.flyout-overlay.flyout-overlay-target-attached-right .overlay{animation:fade-in .15s cubic-bezier(0,0,.6,1)}.scroll-container{position:relative;display:flex;flex-grow:1;height:100%;overflow:hidden}.scroll-container .scroll-wrap-container{flex-grow:1;overflow-y:auto}.scroll-container .scroll-wrap-container:after,.scroll-container .scroll-wrap-container:before{position:absolute;display:block;width:100%;height:30px;border-radius:inherit;opacity:0;transition:opac

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\default~app~embed~sandbox.cc6bf977b.chunk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	76950
Entropy (8bit):	5.325497327424251
Encrypted:	false
SSDEEP:	1536:0DhzdBDPheLd2AI1Q5FDCed/VcWUpve1sVd3S4ZRxpRJJZxR5RhpZxZJpxRxpxpd:GhFiFDq0EZRxpRJJZxR5RhpZxZJpxRx/
MD5:	4399CAB9773865CC0C80261ACAA8EB91
SHA1:	1FC5F22E6A621D5C2B7713BC56D8AFBB43E1D96A
SHA-256:	5E73C281D1AC1F7E71082B4732F092305EE0178C135614297FCEC42FD0B30E7B
SHA-512:	D27B7D4A307C92020CE862051342351A58CDDC2A529DA2F3EB80F675A8D7DEC5C8720A7CEB4C363ADCE53925C176CC48C0FF3EE887BE459652424AF5B47BB98A
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/default~app~embed~sandbox.cc6bf977b.chunk.js
Preview:	(this.csbJsonP=this.csbJsonP\|\|[]).push([[3],{"../../standalone-packages/codesandbox-browserfs/dist/shims/fs.js":function(e,t){e.exports=BrowserFS.BFSRequire("fs")},"../codesandbox-api/dist/codesandbox.es5.js":function(e,t,n){"use strict";n.r(t),n.d(t,"Protocol",(function(){return u})),n.d(t,"transformError",(function(){return s})),n.d(t,"clearErrorTransformers",(function(){return r})),n.d(t,"registerErrorTransformer",(function(){return i})),n.d(t,"actions",(function(){return b})),n.d(t,"isStandalone",(function(){return y})),n.d(t,"iframeHandshake",(function(){return _})),n.d(t,"resetState",(function(){return O})),n.d(t,"dispatch",(function(){return S})),n.d(t,"listen",(function(){return P})),n.d(t,"notifyListeners",(function(){return k})),n.d(t,"registerFrame",(function(){return U})),n.d(t,"reattach",(function(){return R}));var o=[];function s(e,t,n){return o.map((function(o){return o(e,t,n)})).filter((function(e){return null!=e}))[0]}function r(){o.length=0}function i(e){o.push(e)}var

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\exif.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10914
Entropy (8bit):	5.5397855270447085
Encrypted:	false
SSDEEP:	192:5p8x/dTa2Cuzp6HWcTz1AVrEgrzMer6Z6L57kpJq/RQ:+/c2Cuzp6HWwhA1xb5eJqJQ
MD5:	0DB669C9033252050E919900AD0BEFA0
SHA1:	23EDB95E1E737E0F23EE6C7CEF07D634236A52E3
SHA-256:	ADD547634768E8CE49D67775D02F958597EFD5E6DF2D1077EF4DFC8C0878B688
SHA-512:	C1BF384AEBA143964831F2F3A7A28566C635C253BC2A4A12C56C56EFC01847F6D39E774B136B8A9062652F9F7929673023C5B3AE13799E40F6754DE7860B294D
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/exif.min.js
Preview:	(function(){function v(a,c){c\|\|a.match(/^data\:([^\;]+)\;base64,/mi);a=a.replace(/^data\:([^\;]+)\;base64,/gmi,"");for(var b=atob(a),g=b.length,d=new ArrayBuffer(g),e=new Uint8Array(d),h=0;h<g;h++)e[h]=b.charCodeAt(h);return d}function w(a,c){var b=new XMLHttpRequest;b.open("GET",a,!0);b.responseType="blob";b.onload=function(a){200!=this.status&&0!==this.status\|\|c(this.response)};b.send()}function x(a,c){function b(b){var e=t(b);a:{var d=new DataView(b);if(255!=d.getUint8(0)\|\|216!=d.getUint8(1))b=.!1;else{for(var g=2,h=b.byteLength;g<h;){var k=d,f=g;if(56===k.getUint8(f)&&66===k.getUint8(f+1)&&73===k.getUint8(f+2)&&77===k.getUint8(f+3)&&4===k.getUint8(f+4)&&4===k.getUint8(f+5)){k=d.getUint8(g+7);0!==k%2&&(k+=1);0===k&&(k=4);var h=g+8+k,g=d.getUint16(g+6+k),l,d=h;b=new DataView(b);h={};for(k=d;k<d+g;)28===b.getUint8(k)&&2===b.getUint8(k+1)&&(l=b.getUint8(k+2),l in u&&(f=b.getInt16(k+3),l=u[l],f=q(b,k+5,f),h.hasOwnProperty(l)?h[l]instanceof Array?h[l].push(f):h[l]=[h[l],f]:h[l]=f)),k++;b

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5f597[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	18553
Entropy (8bit):	4.767569802615062
Encrypted:	false
SSDEEP:	96:4a/eFtQk31IQk31PGHEU5ZQk31IQk31Pa9rEHqQk31IQk31PDkdolQk31IQk31Pw:J/egEH7uEt6EtXElPiMs8sVAyfEtbim
MD5:	9BCCCA5979199B48DD2DCD6BAC31CDCA
SHA1:	380DBAED126862294356918B0AC8031C00BD492A
SHA-256:	860E3603A72F16B016D971C6FA67386D8C1398A44A896F896082B6F7CDF2CC78
SHA-512:	B352761E7A479C34F53E6694208EF5CA92DA2F43E3199305B3E383B4C42A1FFF3B6AA5084E9233879E17F7BD85FD329CA46642F1BBB0DEDB750E83BDBDC83B27
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5f597.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo"],{PTt16PTTsL:function(e,a,t){e.exports=function(){"use strict";return[{locale:"en",pluralRuleFunction:function(e,a){var t=String(e).split("."),o=!t[1],n=Number(t[0])==e,r=n&&t[0].slice(-1),i=n&&t[0].slice(-2);return a?1==r&&11!=i?"one":2==r&&12!=i?"two":3==r&&13!=i?"few":"other":1==e&&o?"one":"other"},fields:{year:{displayName:"year",relative:{0:"this year",1:"next year","-1":"last year"},relativeTime:{future:{one:"in {0} year",other:"in {0} years"},past:{one:"{0} year ago",other:"{0} years ago"}}},"year-short":{displayName:"yr.",relative:{0:"this yr.",1:"next yr.","-1":"last yr."},relativeTime:{future:{one:"in {0} yr.",other:"in {0} yr."},past:{one:"{0} yr. ago",other:"{0} yr. ago"}}},month:{displayName:"month",relative:{0:"this month",1:"next month","-1":"last month"},relativeTime:{future:{one:"in {0} month",other:"in {0} months"},past:{one:"{0} month ago",other:"{0} mo

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\lang-en-US.ebc1f6441d[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	520087
Entropy (8bit):	4.863440744088143
Encrypted:	false
SSDEEP:	12288:GyV20idedTsKge2YSYgoST7bF4TjdFjsjejQjehTUVZSAk:GyV20ided/hTgZSAk
MD5:	C766F88E4FCBD749AB2158B054FD3F6C
SHA1:	CB46C08E9E8BA1532C1A8B0F3FD0045AAB62BA1B
SHA-256:	6A2AF842418478CE8CE3E3675F283B8328162BC8210488D77EAAEE3EC21A43C3
SHA-512:	E5DF5F03154803DB318F60B358139A13412713F1E46D9D0A1C352466BF0997E4FB3A3CBE47370CE0DCBE2F7C64E13FDC2760DD6FFA05B652030CBAE746E3E671
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/lang-en-US.ebc1f6441d.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["lang-en-US"],{RGqkULYfOR:function(e,o,t){"use strict";t.r(o);var a=t("PTt16PTTsL"),r=t.n(a),n=t("pBVgBhjduU");function i(e,o){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);o&&(a=a.filter((function(o){return Object.getOwnPropertyDescriptor(e,o).enumerable}))),t.push.apply(t,a)}return t}function s(e,o,t){return o in e?Object.defineProperty(e,o,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[o]=t,e}t.d(o,"language",(function(){return l})),t.d(o,"locale",(function(){return d})),t.d(o,"messages",(function(){return u})),t.d(o,"reactIntlLocaleData",(function(){return r.a})),t.d(o,"boxCldrData",(function(){return n.a}));var l="en-US",d="en",u=function(e){for(var o=1;o<arguments.length;o++){var t=null!=arguments[o]?arguments[o]:{};o%2?i(Object(t),!0).forEach((function(o){s(e,o,t[o])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(t)):i(Object(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\loading[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 30 x 30
Category:	downloaded
Size (bytes):	851
Entropy (8bit):	5.9990571488582125
Encrypted:	false
SSDEEP:	12:3yV3DYBupPHJa3DUDYsHEDKBDfEDYOecS3Y4DuBDzEDYSecS3Y4DyBDYs/ln:3yGiPETNIL9XYv9bYgAln
MD5:	2E4AAFDC48FD2295ADE1A275F1BAE547
SHA1:	D35E3EB9261AEF6827067E9D8D0C8C7B796E0AFB
SHA-256:	B3A3C601451C06183AF82CBF2270C4D80F3D5D680EA9960ED0816B506FBB8C33
SHA-512:	8D0A2A583E165AD727F172F2FAD7C3879B5E214D2248628DF464184D1C51C694705D6BA2FD5E92478A1BDEC88E8AE26711213946B2D20470A15C54821AFBB17B
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/2.64.0/en-US/loading.gif
Preview:	GIF89a........<..a.......!..NETSCAPE2.0.....!..ImageMagick.gamma=0.45455.!.......,..........V.........Zeo.\..u\..be............~c}......M.2..../.L..D..:..p;....>..o9..:......#..!..ImageMagick.gamma=0.45455.!.......,.......................!..ImageMagick.gamma=0.45455.!.......,.....................V..!..ImageMagick.gamma=0.45455.!.......,.......................!..ImageMagick.gamma=0.45455.!.......,..........F......X...Ek. O{y.....X..,.m..q.......?3..:.iJ.p..5s..J\6.....(..!..ImageMagick.gamma=0.45455.!.......,.....................V..!..ImageMagick.gamma=0.45455.!.......,.......................!..ImageMagick.gamma=0.45455.!.......,..........F......X...Ek. O{y.....X..,.m..q.......?3..:.iJ.p..5s..J\6.....(..!..ImageMagick.gamma=0.45455.!.......,.....................V..!..ImageMagick.gamma=0.45455.!.......,.......................;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\pdf.worker.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	770438
Entropy (8bit):	5.63651891023521
Encrypted:	false
SSDEEP:	12288:/B8HgJ+hAaAZ9KBbYRhv1vxjvkcZjuMl68DXX:/B8AsqaA7KBE31vxwEuMl68Dn
MD5:	8F43F3A32DF23400F995137BD39B3E96
SHA1:	9F368C68F4788C9565EDEA054541683CB6791E3F
SHA-256:	1DFAD8C9B4B4981418A528C29A316683E17C222C0D27348264627C57580D2F37
SHA-512:	6000022D4694690E17324F449F090B49000BC7D043C81D6291DE595D98DB3D1FBA060A673A104DF12F71C05D1576861E39272FA14CF525AF172DF4EF58011AD0
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf.worker.min.js
Preview:	(function(q,g){"object"===typeof exports&&"object"===typeof module?module.exports=g():"function"===typeof define&&define.amd?define("pdfjs-dist/build/pdf.worker",[],g):"object"===typeof exports?exports["pdfjs-dist/build/pdf.worker"]=g():q["pdfjs-dist/build/pdf.worker"]=q.pdfjsWorker=g()})(this,function(){return function(q){function g(a){if(c[a])return c[a].exports;var w=c[a]={i:a,l:!1,exports:{}};q[a].call(w.exports,w,w.exports,g);w.l=!0;return w.exports}var c={};g.m=q;g.c=c;g.d=function(a,c,b){g.o(a,.c)\|\|Object.defineProperty(a,c,{enumerable:!0,get:b})};g.r=function(a){"undefined"!==typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(a,Symbol.toStringTag,{value:"Module"});Object.defineProperty(a,"__esModule",{value:!0})};g.t=function(a,c){c&1&&(a=g(a));if(c&8\|\|c&4&&"object"===typeof a&&a&&a.__esModule)return a;var b=Object.create(null);g.r(b);Object.defineProperty(b,"default",{enumerable:!0,value:a});if(c&2&&"string"!=typeof a)for(var l in a)g.d(b,l,function(b){return a[b]}.bind(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\runtime.fdaecdb86e[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	46397
Entropy (8bit):	4.9120201609680825
Encrypted:	false
SSDEEP:	768:kHsnRnRCGVKxdta9Uvxt6z/qMGV1JS8XQ6Cu08xHcCnRnRCGVKxdta9Uvxt6z/qv:PFRSxsz/qxQh6Ct8uCFRSxsz/qPvYhgJ
MD5:	C770B043F8FECCBFA79AEA8FFE684268
SHA1:	85535BE4D324CB7E2C469131C667370EAB9038F5
SHA-256:	A7085823936AC112DDBC20562A6B869406C19C6CEF923EC4F92E78CBB431CA5E
SHA-512:	40C314BDDB4DC778A2F40A7D634C1E3E2A78B78444B5BE28FE8980B923F1AEBBFB99FAB76D15F0CEE7FBA0C2AB014DFC1A90E161BA1D3604F0D82A1444038A09
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/runtime.fdaecdb86e.js
Preview:	!function(e){function a(a){for(var t,l,s=a[0],i=a[1],r=a[2],c=0,f=[];c<s.length;c++)l=s[c],Object.prototype.hasOwnProperty.call(d,l)&&d[l]&&f.push(d[l][0]),d[l]=0;for(t in i)Object.prototype.hasOwnProperty.call(i,t)&&(e[t]=i[t]);for(m&&m(a);f.length;)f.shift()();return n.push.apply(n,r\|\|[]),o()}function o(){for(var e,a=0;a<n.length;a++){for(var o=n[a],t=!0,l=1;l<o.length;l++){var i=o[l];0!==d[i]&&(t=!1)}t&&(n.splice(a--,1),e=s(s.s=o[0]))}return e}var t={},l={runtime:0},d={runtime:0},n=[];function s(a){if(t[a])return t[a].exports;var o=t[a]={i:a,l:!1,exports:{}};return e[a].call(o.exports,o,o.exports,s),o.l=!0,o.exports}s.e=function(e){var a=[];l[e]?a.push(l[e]):0!==l[e]&&{"access-stats-export-modal~activity-sidebar~as-account~as-diagnostics~as-integrations~as-notification~880dc16a":1,"access-stats-export-modal~classification-modal-v2~file-request-and-setting-modal~file-request-builde~0e8c2ec7":1,"access-stats-export-modal~activity-sidebar~edit-tags-modal~keywordless-search~multi-share-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\vendors~app.15f4043a47[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	939754
Entropy (8bit):	5.419623920098495
Encrypted:	false
SSDEEP:	6144:JoVhworv+GARNCvYpPqe5AkZG5tpCkRPlut2fQdJiVUpkHz98NBiLmhdopgnrrIs:yDwdRN45tpCifaWDmhdG6EprzBE
MD5:	50E9EF7DA6BC3D8BC754629CEE07A001
SHA1:	42BD7F0A0B05876C102B8293CEF39A88C8418FD3
SHA-256:	F397E9E436133209699121B8A66FDC47EE6741B09311C6E01FADAC16740862F1
SHA-512:	A9DDAA4DB59D337C19D23D7FC8BA6B4A34F8B2A4755AA8F7C3D6F509894DBA3AF9259D549F6BAA5B2828724051752B8D136D385F13AB9A60EDF9826DBDA5044C
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/vendors~app.15f4043a47.js
Preview:	/! For license information please see vendors~app.15f4043a47.js.LICENSE.txt /.(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["vendors~app"],{"+5jU5LlWGD":function(e,t,n){var r=n("HMbdZSjBQ4");e.exports=function(e,t){var n=Number(t);return r(e,-n)}},"+6+2nNgl5l":function(e,t,n){var r=n("yNUOxrtTnd");e.exports=function(e){var t=r(e);return t.setMinutes(0,0,0),t}},"+6XX5+lld6":function(e,t,n){var r=n("y1pIOgaOIe");e.exports=function(e){return r(this.__data__,e)>-1}},"+K+bU4dw7B":function(e,t,n){var r=n("JHRd0Wtpo2");e.exports=function(e){var t=new e.constructor(e.byteLength);return new r(t).set(new r(e)),t}},"+QkaJiEUcy":function(e,t,n){var r=n("fmRcAGUJsu"),o=n("t2Dn8I5vat"),i=n("cq/+ZHEllX"),a=n("T1AVtgJeLR"),u=n("GoyQGQ25b1"),s=n("mTTRHTH0TC"),c=n("itsjJeh/nX");e.exports=function e(t,n,l,f,p){t!==n&&i(n,(function(i,s){if(p\|\|(p=new r),u(i))a(t,n,s,l,e,f,p);else{var d=f?f(c(t,s),i,s+"",t,n,p):void 0;void 0===d&&(d=i),o(t,s,d)}}),s)}},"+c4WVrHK/K":function(e,t,n){var r=n("711d4qXG

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\vendors~app~codemirror-editor~monaco-editor~sandbox.e68dd7bee.chunk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	25607
Entropy (8bit):	5.233043275268443
Encrypted:	false
SSDEEP:	384:CvighHwBfBOvdZjSiG3gXcBxJyqDY5rT2wn9+dTp9e8oedY4ymMm2Smb:qighofBOvfyJWChXuC899
MD5:	DFC22954A1CE21CA5607EA467A764325
SHA1:	BFDCEE2933EEB8E002B719A808E023F779EBC6D7
SHA-256:	2F6F6A9B071FA9524767820D3B6E454BC739BD6100558E4E8DB061D917BDAE6E
SHA-512:	505CCB2DB454C825A5DCAFACFE021868E55182A6881851B37D52F7558FF0075B69A7A0B0F0DCBA89B4957E3A505EB078FE58E96867772915776727BE96CA1250
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/vendors~app~codemirror-editor~monaco-editor~sandbox.e68dd7bee.chunk.js
Preview:	(this.csbJsonP=this.csbJsonP\|\|[]).push([[0],{"../../node_modules/lodash-es/_ListCache.js":function(e,t,s){"use strict";var o=function(){this.__data__=[],this.size=0},n=s("../../node_modules/lodash-es/eq.js");var r=function(e,t){for(var s=e.length;s--;)if(Object(n.a)(e[s][0],t))return s;return-1},a=Array.prototype.splice;var u=function(e){var t=this.__data__,s=r(t,e);return!(s<0)&&(s==t.length-1?t.pop():a.call(t,s,1),--this.size,!0)};var d=function(e){var t=this.__data__,s=r(t,e);return s<0?void 0:t[s][1]};var c=function(e){return r(this.__data__,e)>-1};var i=function(e,t){var s=this.__data__,o=r(s,e);return o<0?(++this.size,s.push([e,t])):s[o][1]=t,this};function l(e){var t=-1,s=null==e?0:e.length;for(this.clear();++t<s;){var o=e[t];this.set(o[0],o[1])}}l.prototype.clear=o,l.prototype.delete=u,l.prototype.get=d,l.prototype.has=c,l.prototype.set=i;t.a=l},"../../node_modules/lodash-es/_Map.js":function(e,t,s){"use strict";var o=s("../../node_modules/lodash-es/_getNative.js"),n=s("../../n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\vendors~app~embed~sandbox-startup.10f5f18b4.chunk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	16921
Entropy (8bit):	5.171360077851575
Encrypted:	false
SSDEEP:	192:OwBo/oT8uGsYaUf1luFWSLuJaH/zdH11Zfeq6oQw:OY1xYRmbm6pw7oQw
MD5:	086E4A580502FBE1864DD15D433F4DED
SHA1:	20FC820C3BB85D8F88F3884FB2080280E98B65FF
SHA-256:	609E2F20F79864FFF8817C010DF5562F24178785F2B5DD98CA38407E5527210A
SHA-512:	37C3EB7CBFE7EC5DA773945D7D9E9842D55A2FBDBF69A6450E50394ECAA4BB0AF05D5F216A2FEA77B8F1A68BC8E32041F13B8762B73236D0C355D04A37986529
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/vendors~app~embed~sandbox-startup.10f5f18b4.chunk.js
Preview:	(this.csbJsonP=this.csbJsonP\|\|[]).push([[5],{"../../node_modules/console-feed/lib/Hook/index.js":function(e,t,r){"use strict";t.__esModule=!0;var n=r("../../node_modules/console-feed/lib/definitions/Methods.js"),o=r("../../node_modules/console-feed/lib/Hook/parse/index.js"),i=r("../../node_modules/console-feed/lib/Transform/index.js");t.default=function(e,t,r){void 0===r&&(r=!0);for(var a=e,s={pointers:{},src:{npm:"https://npmjs.com/package/console-feed",github:"https://github.com/samdenty99/console-feed"}},u=function(e){var n=a[e];a[e]=function(){n.apply(this,arguments);var a=[].slice.call(arguments);setTimeout((function(){var n=o.default(e,a);if(n){var s=n;r&&(s=i.Encode(n)),t(s,n)}}))},s.pointers[e]=n},f=0,l=n.default;f<l.length;f++){u(l[f])}return a.feed=s,a}},"../../node_modules/console-feed/lib/Hook/parse/GUID.js":function(e,t,r){"use strict";t.__esModule=!0,t.default=function(){var e=function(){return(65536*(1+Math.random())\|0).toString(16).substring(1)};return e()+e()+"-"+e()+"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\vendors~app~sandbox.b5f1eee3a.chunk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	58784
Entropy (8bit):	5.515170970952285
Encrypted:	false
SSDEEP:	768:sHrLoHfBDkEYkECYedn3MoRRkt4gptQgLOK1aeFW3VifHgjbSa0Ew:sHyfNNFn8M3sCVK
MD5:	8E457B950D9552EDB389A01B9CEA82D5
SHA1:	1C511D7516D346A01A5F972CD3102009873D9678
SHA-256:	6D5FA465593642814B127DC0E4D2CABE1C3D134D2F262629E939605B5180D38B
SHA-512:	322DA5C49ACFFF077BF5106F44F1CF9DCE706C727DE6A666C347B183EAA1A517DFEC783971C3CD4FAE85515F5FCCD2FE63147850649F04305DBD22F9338A6260
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/vendors~app~sandbox.b5f1eee3a.chunk.js
Preview:	(this.csbJsonP=this.csbJsonP\|\|[]).push([[13],{"../../node_modules/@babel/runtime/helpers/construct.js":function(e,r,s){var n=s("../../node_modules/@babel/runtime/helpers/setPrototypeOf.js"),o=s("../../node_modules/@babel/runtime/helpers/isNativeReflectConstruct.js");function t(r,s,a){return o()?e.exports=t=Reflect.construct:e.exports=t=function(e,r,s){var o=[null];o.push.apply(o,r);var t=new(Function.bind.apply(e,o));return s&&n(t,s.prototype),t},t.apply(null,arguments)}e.exports=t},"../../node_modules/@babel/runtime/helpers/get.js":function(e,r,s){var n=s("../../node_modules/@babel/runtime/helpers/superPropBase.js");function o(r,s,t){return"undefined"!==typeof Reflect&&Reflect.get?e.exports=o=Reflect.get:e.exports=o=function(e,r,s){var o=n(e,r);if(o){var t=Object.getOwnPropertyDescriptor(o,r);return t.get?t.get.call(s):t.value}},o(r,s,t\|\|r)}e.exports=o},"../../node_modules/@babel/runtime/helpers/isNativeReflectConstruct.js":function(e,r){e.exports=function(){if("undefined"===typeof Re

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\vendors~sandbox.4c1b5e5ac.chunk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	393215
Entropy (8bit):	5.573935019895943
Encrypted:	false
SSDEEP:	3072:Jrg79e5kM6/+pHhmU+qw9wiIYIJi7/OU4eUGkGeXFXd0+nEVUOtFEzKvG+QbMeQD:Jr69e5k7/+pLkB/OUt5pkjEusFNvGBY
MD5:	BA28DBB728A322AE3065FFF7190AA78B
SHA1:	BC858918CFC2FC0C901F51F0C66DC1DAFCB7C279
SHA-256:	47FA05A21D981EEDD1EB926071651E19DD2A8AF8DB196E13916957225013693F
SHA-512:	E722D161181D101ED694EDE09FB6F048B7F10CDA91D84FF99E15E5FAFC2BFA35E642632E1E4FBBF9EF12885684AA4F8EFEDC08DEAE2B558623934A4F471694CD
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/vendors~sandbox.4c1b5e5ac.chunk.js
Preview:	(this.csbJsonP=this.csbJsonP\|\|[]).push([[65],{"../../node_modules/@babel/runtime/helpers/toArray.js":function(e,t,n){var r=n("../../node_modules/@babel/runtime/helpers/arrayWithHoles.js"),o=n("../../node_modules/@babel/runtime/helpers/iterableToArray.js"),u=n("../../node_modules/@babel/runtime/helpers/unsupportedIterableToArray.js"),i=n("../../node_modules/@babel/runtime/helpers/nonIterableRest.js");e.exports=function(e){return r(e)\|\|o(e)\|\|u(e)\|\|i()}},"../../node_modules/anser/lib/index.js":function(e,t,n){"use strict";var r=u(n("../../node_modules/babel-runtime/helpers/classCallCheck.js")),o=u(n("../../node_modules/babel-runtime/helpers/createClass.js"));function u(e){return e&&e.__esModule?e:{default:e}}var i=[[{color:"0, 0, 0",class:"ansi-black"},{color:"187, 0, 0",class:"ansi-red"},{color:"0, 187, 0",class:"ansi-green"},{color:"187, 187, 0",class:"ansi-yellow"},{color:"0, 0, 187",class:"ansi-blue"},{color:"187, 0, 187",class:"ansi-magenta"},{color:"0, 187, 187",class:"ansi-cyan"},{

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\MUI8VD1X.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1555
Entropy (8bit):	4.9651341307839525
Encrypted:	false
SSDEEP:	24:0E01AZk6teGpqnw2JIE4MYgh1VCb1VAcw1V6OU1V/7O1V2i1VIO1VDW1I:0EGwZpCJn4gl8m6Og/7KlIKDB
MD5:	FF96236A2FD58AC76C9C735880615564
SHA1:	534DCA2011C69C1B36084C489EA5A84A05397B25
SHA-256:	EB02BD50FE009483957CECC8EA58FD55EF31B697CBDA2D1CECF1045300C1CE68
SHA-512:	2BD78E77F554F7666B66EC0BCCFA14BD5DE9373D311FCD29F6278F92857045E90FF4A695A94E04D17605CEBF4CD7E002D2E6AAC190ABC2ADF03040DC0957CE08
Malicious:	false
Reputation:	low
IE Cache URL:	https://dy2ln.csb.app/
Preview:	<!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Sandbox - CodeSandbox</title><link rel="manifest" href="/manifest.json"><link rel="shortcut icon" href="/favicon.ico"><link rel="mask-icon" href="/csb-ios.svg" color="#fff"><script src="https://codesandbox.io/static/browserfs12/browserfs.min.js" type="text/javascript"></script><script>window.process=BrowserFS.BFSRequire("process"),window.Buffer=BrowserFS.BFSRequire("buffer").Buffer</script></head><body><div id="csb-loading-screen"></div><script src="https://codesandbox.io/static/js/vendors~app~embed~sandbox-startup.10f5f18b4.chunk.js" crossorigin="anonymous"></script><script src="https://codesandbox.io/static/js/sandbox-startup.788fc841a.js" crossorigin="anonymous"></script><script src="https://codesandbox.io/static/js/vendors~app~codemirror-editor~monaco-editor~sandbox.e68dd7bee.chunk.js" crossorigin="anonymous"></script><script src="https://codesandbox.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\as-security~change-current-user-role-modal~collaborators~collection-detail-page~content-explorer-mod~2da256af.a0db8de5f2[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	41476
Entropy (8bit):	5.495168521800379
Encrypted:	false
SSDEEP:	384:p/CXDeUxEk4s4xb268LYhyqYvfGTW8QWoK7aHFIXZhq4f/RW94sPRugXhkUF5no7:pK6ls4xi6CcQ5SPq2iCBS3HTC
MD5:	A0A0AD79772308D2FA9C7FEB0D365E27
SHA1:	B6D6AD65CDE92616D62EB1593ED804FE9671ED48
SHA-256:	8F27FA13A51FAF0B5264DCCA894F10471640F4BC6DE092DB4D54137635308312
SHA-512:	68FE411A6FF74D2DB8BB44BF8274CCE0481CC4A22569636E3F49B706295CCE0064A0CB169D945B7EF851873393561EA2195D155A0D88B14F759C81D0D230146C
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/as-security~change-current-user-role-modal~collaborators~collection-detail-page~content-explorer-mod~2da256af.a0db8de5f2.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["as-security~change-current-user-role-modal~collaborators~collection-detail-page~content-explorer-mod~2da256af","redux-form"],{"+2+ffwlNqK":function(t,e,n){"use strict";var r=n("0HdwK5vH5Z");e.__esModule=!0,e.default=function(t){if((!o&&0!==o\|\|t)&&i.default){var e=document.createElement("div");e.style.position="absolute",e.style.top="-9999px",e.style.width="50px",e.style.height="50px",e.style.overflow="scroll",document.body.appendChild(e),o=e.offsetWidth-e.clientWidth,document.body.removeChild(e)}return o};var o,i=r(n("75K7zeGrYS"));t.exports=e.default},"+JPL/cuRJc":function(t,e,n){t.exports={default:n("+SFKZfGj63"),__esModule:!0}},"+SFKZfGj63":function(t,e,n){n("AUvmEmPtAX"),n("wgeUepA6S/"),n("adOz4zfAgb"),n("dl0quHMrQ4"),t.exports=n("WEpklf3dyC").Symbol},"+plKfkdWim":function(t,e,n){n("ApPDsGgrfM"),t.exports=n("WEpklf3dyC").Object.getPrototypeOf},"0HdwK5vH5Z":function(t,e){t.exports=function(t){return t&&t.__esModule?t:{default:t}}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\common-sandbox.71780db40.chunk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	301952
Entropy (8bit):	5.338128313079919
Encrypted:	false
SSDEEP:	3072:ZZcS5ShFTw0SdvVvPevV1V1PrdgKZ8KFS4RJN90jI7Ia2fv7AjIelaE1li8NVFx9:x5SfufvmmAjIqlj3
MD5:	7A84D4394344E5E07063863F11656218
SHA1:	8B8D8EA4E0D5558CE4E336E165D0E43313769AB4
SHA-256:	0BFCD135154F3AA7DA46B0F0A7E6CC1BD3402D710D4CB2E958C2C9ABA7E21EA3
SHA-512:	860D97B411BF63A4CAB8B738398D3DB5A65DD0AC6F732BA729FE893BEB95BAD4F65EA7C7082E92CD2E7B793EDFB914379778105AB53C448BCD511DB2C62298A0
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/common-sandbox.71780db40.chunk.js
Preview:	(this.csbJsonP=this.csbJsonP\|\|[]).push([[2],{"../../node_modules/@babel/polyfill/lib/index.js":function(e,o,t){"use strict";t("../../node_modules/@babel/polyfill/lib/noConflict.js");var r,s=(r=t("../../node_modules/core-js/library/fn/global.js"))&&r.__esModule?r:{default:r};s.default._babelPolyfill&&"undefined"!==typeof console&&console.warn&&console.warn("@babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning."),s.default._babelPolyfill=!0},"../../node_modules/@babel/polyfill/lib/noConflict.js":function(e,o,t){"use strict";t("../../node_modules/core-js/es6/index.js"),t("../../node_modules/core-js/fn/array/includes.js"),t("../../node_modules/core-js/fn/array/flat-map.js"),t("../../node_modules/core-js/fn/string/pad-start.js"),t("../../node_module

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\content-sidebar.0ff11d4a03[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	5630
Entropy (8bit):	5.020963614043702
Encrypted:	false
SSDEEP:	96:jcbFo3CeCC+i8DpMKfi5KCZe+jox8hm8wTy8E5fuG:IhDejSpMKfi0ClSUbL
MD5:	159F5E7E94AF878664C6490270CD2998
SHA1:	EFB4B60AF7A7BB6E543339B4016A60BDC78C7D41
SHA-256:	6E5D870B3EE59E9DAD6A378F1E264C193830BD895FAF1145383E709714A82D76
SHA-512:	C746CF7D3F795CEFAB5EBA4CAC86633563D9C8FF78BE867EB52721D8B55AC927662C5DB71EE80A82D3CB2DE0710329261BEBF1871BFC8EFFA82F462AC8DE5AC3
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/content-sidebar.0ff11d4a03.css
Preview:	.bdl-BackButton,.bdl-BackButton:focus,.bdl-BackButton:hover{display:flex}.bcs .bcs-NavButton{position:relative;display:flex;align-items:center;justify-content:center;width:59px;height:60px;background-color:transparent}.bcs .bcs-NavButton:before{position:absolute;top:0;bottom:0;left:-1px;display:block;width:3px;content:"";pointer-events:none}.bcs .bcs-NavButton.bcs-is-selected:before{background-color:#0061d5}.bcs .bcs-NavButton.bcs-is-selected svg .fill-color{fill:#0061d5}.bcs .bcs-NavButton:hover{background-color:#f4f4f4}.bcs .bcs-NavButton:hover:not(.bcs-is-selected) svg .fill-color{fill:#4e4e4e}.bdl-SidebarToggleButton{margin:0 3px;padding:4px;border-radius:4px}.bdl-SidebarToggleButton path{fill:#909090}.bdl-SidebarToggleButton:not(.bdl-is-disabled):hover,.bdl-SidebarToggleButton:not(.is-disabled):hover{background-color:#f4f4f4}.bdl-SidebarToggleButton:not(.bdl-is-disabled):focus,.bdl-SidebarToggleButton:not(.is-disabled):focus{border-color:#96a0a6;box-shadow:0 1px 2px rgba(0,0,0,.1)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\content-sidebar.3947dacfa1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	49949
Entropy (8bit):	5.387901178099782
Encrypted:	false
SSDEEP:	768:fs/VCjHEsHlmIG6LfBf/37FDvuMtvvzeKQ2rsr5HusUGp:71J/37FzumvwlHl
MD5:	8A1C89E8D11EDE23AE9A655603FDD326
SHA1:	A65C4BE8E894B920A766E9CE660B2110459DF461
SHA-256:	4DA8D1F20E6A74286DEBD45DEE625FF77FCF3C1E0E9EC2FA7C2F7A97A3A63EED
SHA-512:	05708E5C6303E2E82C0CA593A253C4DCFBC6D7E2622D04725A64DC4AEC6CAFC170EECDB37B87B45E338236269B76DCA3687280799DBB8B7FE92AD1DA9DF0E391
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/content-sidebar.3947dacfa1.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["content-sidebar"],{"+HTToFDsKF":function(e,t,n){"use strict";n.r(t);n("ls82xohDAq");var r=n("q1tIBJhxTW"),a=n.n(r),i=n("vN+2IcUykn"),o=n.n(i),c=n("56YHLNIoDA"),s=n.n(c),l=n("Jdck50bD+l"),u=n("9v9/QOdyjq"),d=n("NR/qkXUXgp"),f=n("TSYQbtd+U2"),p=n.n(f),b=n("mwIZSSbMl2"),h=n.n(b),y=n("mNz5hShaC3"),m=n.n(y),v=n("Ty5D64ufpF"),g=n("UroeuGWH9k"),S=n("03vecjQMf5"),O=n("JRPeW/Ew/U"),E=n("Amu/syeQX8"),I=n("mxNUbu5+54"),w=n("DJuBjJIVWu"),A=function(e){var t=e.className,n=void 0===t?"":t,a=e.color,i=void 0===a?"#999":a,o=e.height,c=void 0===o?24:o,s=e.title,l=e.width,u=void 0===l?24:l;return r.createElement(w.default,{className:"icon-doc-info ".concat(n),height:c,title:s,viewBox:"0 0 24 24",width:u},r.createElement("path",{className:"fill-color",d:"M19.41 7.41l-4.82-4.82A2 2 0 0 0 13.17 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8.83a2 2 0 0 0-.59-1.42zM13 16a1 1 0 0 1-2 0v-4a1 1 0 0 1 2 0zm-1-6a1 1 0 1 1 1-1 1 1 0 0 1-1 1z",fill:i}))},

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\core.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	87635
Entropy (8bit):	5.293336083461073
Encrypted:	false
SSDEEP:	1536:k9NbTl2MRt0zxgAHAPHxC+OMH8obwNaWpbDlct:k99Tl2MjJ8cPW9lct
MD5:	8F402D83489BA25EF87CDFC67BF47932
SHA1:	EFBCAE4F111F6CECF56E1B88857F688EEECABAF1
SHA-256:	50DA66E885D183593100789E7376D6171310D22F64E798A1DDA6AD5940CF0967
SHA-512:	E650576C845A326539EA79A87E8D5421B19349E5F5F7FB3F6BA8AE7F0F1A4F909BE87C9AD94022C043F5109B4A85C6DEA54ECEE8075786CCFE2F761696A965DF
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/polyfills/core-js/2.5.3/core.min.js
Preview:	/*. core-js 2.5.3. * https://github.com/zloirock/core-js. * License: http://rock.mit-license.org. * . 2017 Denis Pushkarev. */.!function(t,n,r){"use strict";!function(t){function __webpack_require__(r){if(n[r])return n[r].exports;var e=n[r]={i:r,l:!1,exports:{}};return t[r].call(e.exports,e,e.exports,__webpack_require__),e.l=!0,e.exports}var n={};__webpack_require__.m=t,__webpack_require__.c=n,__webpack_require__.d=function(t,n,r){__webpack_require__.o(t,n)\|\|Object.defineProperty(t,n,{configurable:!1,enumerable:!0,get:r})},__webpack_require__.n=function(t){var n=t&&t.__esModule?function getDefault(){return t["default"]}:function getModuleExports(){return t};return __webpack_require__.d(n,"a",n),n},__webpack_require__.o=function(t,n){return Object.prototype.hasOwnProperty.call(t,n)},__webpack_require__.p="",__webpack_require__(__webpack_require__.s=129)}([function(t,n,e){var i=e(2),o=e(18),u=e(13),c=e(14),f=e(19),a="prototype",s=function(t,n,e){var l,h,p,v,g=t&s.F,y=t&s.G,d=t&s.P,_=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\preview-components~shared-file.8b8bb8ddac[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	31106
Entropy (8bit):	5.404444723561215
Encrypted:	false
SSDEEP:	768:1j6foykcFKC/uRMQK9QZWTx7mA44c2d5YdVywTI:xgHiC/cu95To+c2dMTI
MD5:	81A4E9BF376814968ADA78905E39D8DB
SHA1:	7A30C05118B8723C66EF6E7F8F5A2A5116E0D374
SHA-256:	D9912016553DA753EE9624D8CDD0D689100550CF27A821E3508129EA54B28339
SHA-512:	5B06652F9569031D54060406C84D28D148FBC65F1B8C2468D27FCB48429C84BEC8D09F92CC39C0B832115F6F24B7D70D142A63C8A5F94DEEFA052065BDE258A8
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/preview-components~shared-file.8b8bb8ddac.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["preview-components~shared-file"],{"0pk5DGk/OM":function(e,t,n){"use strict";var o=n("/MKjzBatqn"),r=n("q9wI8Vu9Ou"),i=n("zXsyuZZv6G"),a=n("q1tIBJhxTW"),s=n("JRPeW/Ew/U"),l=(n("JPcvh7FMFD"),n("VzvVVBGVbW")),d=n("ZEDLez+ZlJ"),u=n("DtrrBg37C6"),c=n("BBtKKuFpIS"),p=n("1En/ASmD05"),f=n("0sbS2nMEFU"),w=n("wnhEk9N3Ty");function b(){return(b=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}function v(e,t){if(null==e)return{};var n,o,r=function(e,t){if(null==e)return{};var n,o,r={},i=Object.keys(e);for(o=0;o<i.length;o++)n=i[o],t.indexOf(n)>=0\|\|(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(o=0;o<i.length;o++)n=i[o],t.indexOf(n)>=0\|\|Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var h=function(e){var t=e.anonymousDownload,n=e.canDo

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\preview[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	55663
Entropy (8bit):	5.022130019841686
Encrypted:	false
SSDEEP:	768:SSI0/vyIN136bUEcDefZYMki45g4vcqK7KOdUy7:BD36gETZV4RK7KOd3
MD5:	7AE9D873A308184A7B92E65BAF78118B
SHA1:	AF043306849A84645F8AADF500DF40720A500D35
SHA-256:	8E54B91D08B1193B9FB597DC92F7A993586DB33E90305846E79C8A0F0B186A45
SHA-512:	2A155177AFF6A3F8139F1FB50254CC04CAEFC885541D8BA08D34DF1258491C7CB542264FBECAACA31E6E17BC365C2506B144FDCA745716F88827D61C8A2A9F6F
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/2.64.0/en-US/preview.css
Preview:	/!. Box Content Preview. * . * Copyright 2019 Box, Inc. All rights reserved.. * . * This product includes software developed by Box, Inc. ("Box"). * (http://www.box.com). * . * ALL BOX SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED. * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF. * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.. * IN NO EVENT SHALL BOX BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.. * . * See the Box license for the specific language governing permissions. * and limitations under the licen

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\preview[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	680738
Entropy (8bit):	5.3539372538605035
Encrypted:	false
SSDEEP:	6144:EMZxuNuWoe1KFh0nbrdgziCa6UCCRORDvg7hDmrZAQG/YK:h+pd1+5zijCCRORDvqhDmrKB
MD5:	DE225488B7DEC3D8D1DBB7582A3E3A7D
SHA1:	8F07E5A9D8EB7F1A585A97EA19CC70833D66C8A2
SHA-256:	FDA0E2F087AB07302C76869E4EC36967C6480E13E65F03922E0960058DF09964
SHA-512:	8CB5AF67B7E41AC1736D435CEDB0A3425D3D48286A0E533031A113973FE88B0BC3A718EB73EFE4CE8397F96F5FACCEE45D93CCF88AF02C71B5D8C50DAF6E2A6B
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/platform/preview/2.64.0/en-US/preview.js
Preview:	/!. Box Content Preview. * . * Copyright 2019 Box, Inc. All rights reserved.. * . * This product includes software developed by Box, Inc. ("Box"). * (http://www.box.com). * . * ALL BOX SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED. * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF. * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.. * IN NO EVENT SHALL BOX BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.. * . * See the Box license for the specific language governing permissions. * and limitations under the licen

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\sandbox-startup.788fc841a[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	30573
Entropy (8bit):	5.275829113219818
Encrypted:	false
SSDEEP:	384:i/5lqAWG+6FjAtYaU+R/Wwh7xRyL0RCcY+gFMtT9Ij94YDFDfnY1Tfh/Lj8nfavT:ibp7+6ZAtYaU+hWYx0FMtxQFTq/8C3L
MD5:	6DD5F7A0D089D3A7352F99AE6C654A22
SHA1:	356B1A9B08442C712C1F130761B59B6AF5EB3163
SHA-256:	4639E1FFC804275C280FAED339C11CCCA77ED5989687351F9E9434F544F83F49
SHA-512:	89F0B3974023487F8A48DA9DFD33A24E26424165D9B82EFDB26CB783653A1C269EDF2075500135F9E4E1F38FB1442B183F22A39E986E03DA7F9E630186F0ED7B
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/sandbox-startup.788fc841a.js
Preview:	!function(e){function t(t){for(var r,a,s=t[0],c=t[1],u=t[2],d=0,f=[];d<s.length;d++)a=s[d],Object.prototype.hasOwnProperty.call(o,a)&&o[a]&&f.push(o[a][0]),o[a]=0;for(r in c)Object.prototype.hasOwnProperty.call(c,r)&&(e[r]=c[r]);for(l&&l(t);f.length;)f.shift()();return i.push.apply(i,u\|\|[]),n()}function n(){for(var e,t=0;t<i.length;t++){for(var n=i[t],r=!0,s=1;s<n.length;s++){var c=n[s];0!==o[c]&&(r=!1)}r&&(i.splice(t--,1),e=a(a.s=n[0]))}return e}var r={},o={51:0},i=[];function a(t){if(r[t])return r[t].exports;var n=r[t]={i:t,l:!1,exports:{}};return e[t].call(n.exports,n,n.exports,a),n.l=!0,n.exports}a.e=function(e){var t=[],n=o[e];if(0!==n)if(n)t.push(n[2]);else{var r=new Promise((function(t,r){n=o[e]=[t,r]}));t.push(n[2]=r);var i,s=document.createElement("script");s.charset="utf-8",s.timeout=120,a.nc&&s.setAttribute("nonce",a.nc),s.src=function(e){return a.p+"static/js/"+({}[e]\|\|e)+"."+{75:"0a11a2b44",77:"37bb5be24"}[e]+".chunk.js"}(e);var c=new Error;i=function(t){s.onerror=s.onload

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\sandbox.ba8055760[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	298831
Entropy (8bit):	5.261017796332673
Encrypted:	false
SSDEEP:	3072:9WWvqMicXYbFLWDFrx0y8ORCxZrwisJxmVNm45+UonfUj7oSsTPJKuw303z2cN:PeWBrxaCCnmCj6Ko1
MD5:	D716E0ECCDC5C6C950EF8E5000239C2C
SHA1:	BB1B1D4F5E8C81DC21E04476EA7B7C799DF62306
SHA-256:	6C8F493A3270D8C5D58AC43376683AEF39E6CFBF7BE242BF8684F4C2B93BE2A6
SHA-512:	230E5A83934AEF1407FFCDF694E318578CFE39A921494EC5475B65A64873D6730163AEB9D910B709C44EDF5753B618929AA41701E0A0EB4AD5247FB1ACF6A2DC
Malicious:	false
Reputation:	low
IE Cache URL:	https://codesandbox.io/static/js/sandbox.ba8055760.js
Preview:	!function(e){function t(t){for(var r,i,a=t[0],l=t[1],c=t[2],d=0,p=[];d<a.length;d++)i=a[d],Object.prototype.hasOwnProperty.call(s,i)&&s[i]&&p.push(s[i][0]),s[i]=0;for(r in l)Object.prototype.hasOwnProperty.call(l,r)&&(e[r]=l[r]);for(u&&u(t);p.length;)p.shift()();return o.push.apply(o,c\|\|[]),n()}function n(){for(var e,t=0;t<o.length;t++){for(var n=o[t],r=!0,a=1;a<n.length;a++){var l=n[a];0!==s[l]&&(r=!1)}r&&(o.splice(t--,1),e=i(i.s=n[0]))}return e}var r={},s={50:0},o=[];function i(t){if(r[t])return r[t].exports;var n=r[t]={i:t,l:!1,exports:{}};return e[t].call(n.exports,n,n.exports,i),n.l=!0,n.exports}i.e=function(e){var t=[],n=s[e];if(0!==n)if(n)t.push(n[2]);else{var r=new Promise((function(t,r){n=s[e]=[t,r]}));t.push(n[2]=r);var o,a=document.createElement("script");a.charset="utf-8",a.timeout=120,i.nc&&a.setAttribute("nonce",i.nc),a.src=function(e){return i.p+"static/js/"+({6:"vendors~vue-loader~vue-selector~vue-template-compiler",15:"vendors~postcss-compiler~vue-style-compiler",16:"v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\shared-file.e033e213bd[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	13621
Entropy (8bit):	5.274090314200574
Encrypted:	false
SSDEEP:	192:QQnwXvKIoruPBcZJymwC49/4TfiFSr5fkro0O9QwyY5F7rftcyFocuVy6:Qks8ueZJ0FtAiFYIpO9QwvtcyFej
MD5:	8638E4702A54C3F14D108C0577EDE6B4
SHA1:	A9BDA2BC73782504627CAE8803281BA9E2D5ED27
SHA-256:	BAAA4397909DA2A9B0C4ED52B1EE2BA3B44C3C1A1816A5F213C6A8180BB6EF59
SHA-512:	94DF2347E7EA555DF331F24AD29A813E5513CF28045896DB1CA0E49CE4DF081BE9A6BEDC3AF6DA9F2E16A1C1A64D3B9C1B8ACD1609251F764D696C946EB00E2D
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn01.boxcdn.net/enduser/shared-file.e033e213bd.js
Preview:	(window.webpackJsonp=window.webpackJsonp\|\|[]).push([["shared-file"],{"8bPKGyOoiP":function(e,t,n){},"9Nyd+vSxbR":function(e,t,n){},eNYSbZFTnr:function(e,t,n){"use strict";var r=n("mv074FmJXE");n.d(t,"a",(function(){return r.a}))},ge6f43AXgi:function(e,t,n){"use strict";n.r(t);var r,a=n("e7SQulcBac"),o=n("8Uoiwx9NYF"),i=n("ctmAoT7YrD"),l=n("jyz5Lsk3MC"),s=n("Iqkazkw3SQ"),c=Object(s.b)("sharedFilePage/GET",(function(e){return Object(l.c)("/app-api/enduserapp/item/".concat(e),{format:"sharedFilePreview"},{exclusiveGroup:i.g})}),{navigation:!0});function u(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function d(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?u(Object(n),!0).forEach((function(t){f(e,t,n[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDes

C:\Users\user\AppData\Local\Temp\datA757.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 119132, version 1.0
Category:	dropped
Size (bytes):	119132
Entropy (8bit):	7.991532245734968
Encrypted:	true
SSDEEP:	3072:pECjkMzGFzkgGdoAiZzixFwotRAE9urcBQbtF0roFS:pECjVzIGYZ4Fpx9urUQbtFeoFS
MD5:	3E4A4FC6317C4C2CF35D7C77EC1789C3
SHA1:	40EA0D8678B92988824193587F707E3AEDC4591F
SHA-256:	607EC0A4A29F6A4607F6E0A3CF486E50322DDF66F1F1870150CB69A7061E978D
SHA-512:	F7D639520F4C3A3539AD7506EC1CEBED8107C2A264316FE0E98A15132ACCFE6212A22391F4A7203B6D8304B3222B603F0137BA9ACAC7478F217363EEF4556DED
Malicious:	false
Reputation:	low
Preview:	wOFF.......\................................FFTM............p.\MGDEF.......7...8.x..GPOS.......z...b...GSUB...x...,...FA..sOS/2......_...`i...cmap............x.!>cvt .......r....?9..fpgm...T............gasp................glyf..........a..?.head.......1...6..qfhhea.......!...$....hmtx.............C.2loca..............-&maxp....... ... .L..name..............hpost..........'....)prep...........o.i:webf...T........`.V..........=........y.......x.c`d``..b...`b`e`dj..f.6.f.v.o.F..._.&.?.^.F...*..i..C.x...\|M......!.<.fEI.USS\TcVUTT.E.UUu.RUUWCM5W.U5....Ap".H"b.I.'!..j..g........o_..Yg...z.z...Jv\..!<. .p..{_....cG.......h1..q.E'.B.!..!...I.s.....W.).T......a.7QO4...x.-D[.Y....`1B....1M...1v...;E.D;..c.......b...........;........v^..^...M..&.F.f...u.]Eo..$....7.Vi...&W9]..au}F].T....[>.t.....+..Fj.X.^U...jzu}.._W...OS......M.;.].k.fQ..../.K.h.f..\.vr...... ..#]G..s..:.u.k..\.E..]W..s...u..!.c..\3]s\.\.....r..........-.-..[...n....w.........n...p.....nS..

C:\Users\user\AppData\Local\Temp\datA786.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 84396, version 2.983
Category:	dropped
Size (bytes):	84396
Entropy (8bit):	7.996116383259223
Encrypted:	true
SSDEEP:	1536:lhWk7aeOTww2X4owbcnRqvjFkw8cyW/fTJnh2r667bZ3fTyG/q+TBpMLB:lHdOk9ojj2a//rFoeutTyG/ZBC
MD5:	8A54EA1AEB67D07C751BD5F03068317B
SHA1:	CFBEE4F2FD7F359A2A60648BB6797CAC1FD4DA3E
SHA-256:	4230A20B841519BDBE4B0C154BAD414E017CF80B3918127D45C4F907EEA07280
SHA-512:	A3CA9E052DBB81A20C71DDD24962CE57E842134A8B30842328410DF3FCF76EED4367C3A5A1148DD11092CF0CF3E29B57040CF79D40AC6450D8234F27204D47E1
Malicious:	false
Reputation:	low
Preview:	wOF2......I.......m...I;........................?FFTM..8...>..F.`.. ..j...........\|.6.$..$..(.. ..Z.....9?webf.[/0..B%.^..m.m..[..F...&...v....!.......i.V]\.l....b.a..96....H.............J...../....3.H...X.g.*.j.....v.!p4.-.I....P..i..1vTS..}..&A.Z..FT}?([..j..[.....c..@...LmwV...B.A.9$!.....z..'..C.1.....$!...uu....>......4....R&..}9.h-.T../..Iz.....W>......7..u...z~...V...~2....b.>....{~e[..HP:qT.L.o..P.hF..B...U.w.+E..o..dV>.......,.U^L....... .............Y.pN......{1T...V.....\|.&.?/Q...\|4.I.k.... .v..T...;....7B..]..\|..R_.].\|..D.:b............%.....D../.!.@......;p.%.g...w..(\|...[.9......T...y.,... .N.i..L..AVe.>..B.e.H.O!?.@/..ku.f.......w...Xg..YR.gD....i=...\.$Y.iG.......F...CN.(\|.A.{\..K5x....>i!....."....N..0.R.y...G.A..jt.Lg.ML.`......3Y{=.m$..x....%..\|f.wvU..\...R.x......_...tl.NH._.Y......2....r.).J.....R..DLo.zG.U.xj.4..~..7G=!.......X&.(.a.-........$..;._qL.,.d..i..XJ5.P.-{......J.$o@b...l.h....r..5..i..Jx@..T..I.Nt/."7.z.K>2...\

C:\Users\user\AppData\Local\Temp\datC4E3.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	OpenType font data
Category:	dropped
Size (bytes):	1120
Entropy (8bit):	3.244000719331451
Encrypted:	false
SSDEEP:	12:+5M/r921oNY0p9b1IfSly/VAAc5EK/HU1qsG1bhCEo8+R5+ddmq0/gNV11Mp1V29:+Kr9fuUx1IfSljAP3G6M3B8P2jaAo/K
MD5:	37E1D6CA7B9B67BF3DD4FE8FE8575D42
SHA1:	B94DE65905112B4E6EEA8AC43E5C6A527E231A2F
SHA-256:	121EB290106B281FCF19391604B49F08698FBB275150F8349976773441F14A29
SHA-512:	5C232160B53C3548D1F12BA584DEBCF16E8916D03AE66678E8F7786EF73C64D56FF293EF82DA7B2C0F2A39AF2D2720C9C98CDC8253EE55F772C624EA5B6017C3
Malicious:	false
Reputation:	low
Preview:	OTTO.......0CFF ..x........FFTMe.6p........GDEF.......8....OS/2V.c.... ...`cmap.......4...Bhead..E........6hhea.d.........$hmtx.......X....maxp..P.........nameX.t~........post...3...x... .........Q.._.<....................<.......!.................!...Z............................P................................1..............................PfEd....... .8.Z.!............... . ................................................................................................................................................................................X.X......................<........... ...............................................................................................................................................................................................................................................................................................................2.............................X....!....................\|................!XXXlt16141304811390XXXXXXXX

C:\Users\user\AppData\Local\Temp\datC523.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	OpenType font data
Category:	dropped
Size (bytes):	1120
Entropy (8bit):	3.2432518438481743
Encrypted:	false
SSDEEP:	12:+5+921oNY0p9b1IfSly/VAAc5EK/HU1qsG1bhCEo8+R5+ddmq0/gNV11Mp1V2b9D:+E9fuUx1IfSljAP3G6M3B8P2GAo/K
MD5:	087A3AD3E3ACC6B97C9D29A36D4764CF
SHA1:	65751C20AB383C8F4581F1CBD70E300234A1D025
SHA-256:	3D1BF20FB4235798679BD7CD9DE77F2200F529A80A1FF005C4149B2F2F7324B1
SHA-512:	281E9C12468407F8EF8AD2551265082EEF98FE85D76F9B5FEF8E54DE1CEAE5CD247386ABD3D885736519127941055B47417D5143CA26B678364779344503A647
Malicious:	false
Reputation:	low
Preview:	OTTO.......0CFF ..y........FFTMe.6p........GDEF.......8....OS/2V.c.... ...`cmap.......4...Bhead..E........6hhea.d.........$hmtx.......X....maxp..P.........nameX.t~........post...3...x... .........Q.._.<....................<.......!.................!...Z............................P................................1..............................PfEd....... .8.Z.!............... . ................................................................................................................................................................................X.X......................<........... ...............................................................................................................................................................................................................................................................................................................2.............................X....!....................\|................!XXXlt16141304811941XXXXXXXX

C:\Users\user\AppData\Local\Temp\datC543.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	2005Cal
Category:	dropped
Size (bytes):	17540
Entropy (8bit):	6.634009335838607
Encrypted:	false
SSDEEP:	384:cQnHMuVhMOB9370zUhXNna4HLRMm8+8ioyhBBEFnTcY:ccsuVhMTUh7HLRI+8OAcY
MD5:	328715CC611F65D834B7946F3AE7EAA3
SHA1:	0623BDC78EBBD9AF61FBDD01388B9E531BE5A294
SHA-256:	B6642CCDB15668532C5FF0BEE45709326FA4FC0893212C4614978380ED9789F5
SHA-512:	8DD4BC3B8FD2A87B3E471F689D1C27A30D591DCB937BC7993D305BB9C2C9DB076510C7964F223DA9855E9958DD178233AF04E8CD487A73D1EDED9CA9E1033CF7
Malicious:	false
Reputation:	low
Preview:	...........POS/2..........`cmap...H...<...,cvt &./\...h....fpgm..B....\....glyfR..4...p...dhead"M...)....6hhea..........$hmtxg@....0...blocaK.Q.......4maxp.......... name2.........Vpost....../@... prep....../`..."...$.......................1..............................21...........d.%................................... .................... ................................................`.....................).............................................................................m.......................................&...................&.....................................?.....6...................................p.r.u.x.y.z.{.}.~......................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF06DEECED06AE8102.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13029
Entropy (8bit):	0.47968380417728784
Encrypted:	false
SSDEEP:	12:c9lCg5/9lCgeK9l26an9l26an9l8fRq29l8fRqm9lTqq2B:c9lLh9lLh9lIn9lIn9loq29loqm9lWqc
MD5:	8686B620BE166FAB955117EC102F465F
SHA1:	A43D2946395D0E39E03F6D35B11F328AE073EF72
SHA-256:	864F91DCB6601D90C5AEE79C34998C9D290679ADADE5C620734710A7657BC45B
SHA-512:	62FCFCE410F3E11ADF0915EAE9178D3CC3D43A2D3614348B77314F301C5D6E9060C6EA8AA00DF8BC439F629F7B6E1B63617FFF5ED2ED2F4BFA99F9CEC08AC997
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF494EE8F4D493C88D.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	44697
Entropy (8bit):	0.5951417431156224
Encrypted:	false
SSDEEP:	192:kBqoxKAuqR+5l5L5p5Y57561ze4gzO4lz:kBqoxKAuqR+LFX+F41vgfl
MD5:	4BF43A43EA6A37416671EE28D1FC76B3
SHA1:	2CDBD6914136DA92C9214A69D9FBAC2B8438760D
SHA-256:	C546FCF063307B85813ED2EF3C450D0D2D498064D8964FC3C7BCFB96483F6AB7
SHA-512:	776CC885A9C319A330CDDF8EA8D7D9300494DA5B6C2818C001463D152264FF5E14FC3C15E614AE57BFF321AC5147810E193EE15072601686D19C9639CB348014
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF7291DDFAB2583D8F.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.27918767598683664
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laA:kBqoxxJhHWSVSEab
MD5:	AB889A32AB9ACD33E816C2422337C69A
SHA1:	1190C6B34DED2D295827C2A88310D10A8B90B59B
SHA-256:	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
SHA-512:	BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 23, 2021 17:34:33.361764908 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.362989902 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.409374952 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.409502983 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.410420895 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.410581112 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.414947033 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.414968967 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.462508917 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.462542057 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463392973 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463418961 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463437080 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463536024 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.463598013 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.463666916 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463691950 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463785887 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.463785887 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.463845968 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.463856936 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.497248888 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.497376919 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.503421068 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.543916941 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.544048071 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.544074059 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.544200897 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.591170073 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.828880072 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.828910112 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.829010963 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.938592911 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.938615084 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.938711882 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.939445972 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.989151001 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.989183903 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.989255905 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.989299059 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:33.989422083 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:33.989495039 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:36.192641020 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:36.238888025 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:36.703857899 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:36.703913927 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:36.703965902 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:36.704001904 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.135927916 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.149492979 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.160501957 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.182178974 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:38.196007967 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:38.206769943 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:38.371361017 CET	443	49710	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:38.371743917 CET	49710	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.429279089 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:38.429303885 CET	443	49711	185.235.236.201	192.168.2.7
Feb 23, 2021 17:34:38.429351091 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.429375887 CET	49711	443	192.168.2.7	185.235.236.201
Feb 23, 2021 17:34:38.665416002 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.665577888 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.711796999 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.711852074 CET	443	49723	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.711915016 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.711931944 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.712697983 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.712735891 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.758857012 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.758902073 CET	443	49723	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.759941101 CET	443	49723	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.759982109 CET	443	49723	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.760006905 CET	443	49723	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.760035038 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.760073900 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.760085106 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.760121107 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.760126114 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.760159016 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.760199070 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.760225058 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.760231972 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.767384052 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.767549992 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.768270969 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.814037085 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.814121962 CET	443	49723	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.814183950 CET	49723	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.814188004 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.854435921 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.957118988 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:38.957397938 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:38.960369110 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:39.006699085 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:39.006725073 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:39.285708904 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:39.285835028 CET	443	49722	185.235.236.197	192.168.2.7
Feb 23, 2021 17:34:39.285892010 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:39.285933971 CET	49722	443	192.168.2.7	185.235.236.197
Feb 23, 2021 17:34:40.090321064 CET	49725	443	192.168.2.7	185.235.236.200

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 23, 2021 17:34:25.523946047 CET	53775	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:25.586258888 CET	53	53775	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:26.319173098 CET	51837	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:26.367799997 CET	53	51837	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:27.338810921 CET	55411	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:27.397228956 CET	53	55411	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:27.522945881 CET	63668	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:27.571695089 CET	53	63668	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:28.607732058 CET	54640	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:28.656579018 CET	53	54640	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:30.116202116 CET	58739	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:30.164916039 CET	53	58739	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:31.230516911 CET	60338	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:31.279315948 CET	53	60338	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:32.058725119 CET	58717	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:32.117221117 CET	53	58717	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:32.341723919 CET	59762	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:32.390523911 CET	53	59762	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:33.272686958 CET	54329	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:33.349843979 CET	53	54329	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:33.432142973 CET	58052	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:33.482352018 CET	53	58052	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:33.893155098 CET	54008	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:33.952980042 CET	53	54008	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:34.779544115 CET	59451	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:34.842516899 CET	53	59451	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:37.383419037 CET	52914	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:37.431998014 CET	53	52914	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:38.362992048 CET	64569	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:38.411604881 CET	53	64569	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:38.600826979 CET	52816	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:38.662314892 CET	53	52816	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:39.559777021 CET	50781	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:39.611366034 CET	53	50781	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:39.942424059 CET	54230	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:40.004379034 CET	53	54230	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:41.570923090 CET	54911	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:41.619817019 CET	53	54911	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:42.797440052 CET	49958	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:42.846128941 CET	53	49958	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:44.219409943 CET	50860	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:44.273561954 CET	53	50860	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:50.651259899 CET	50452	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:50.701179981 CET	53	50452	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:51.499074936 CET	59730	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:51.547714949 CET	53	59730	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:51.624329090 CET	59310	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:51.675880909 CET	53	59310	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:52.844353914 CET	51919	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:52.893101931 CET	53	51919	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:53.207192898 CET	64296	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:53.265981913 CET	53	64296	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:53.725886106 CET	56680	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:53.787962914 CET	53	56680	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:54.702631950 CET	58820	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:54.754514933 CET	53	58820	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:55.674323082 CET	60983	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:55.748915911 CET	53	60983	8.8.8.8	192.168.2.7
Feb 23, 2021 17:34:56.041503906 CET	49247	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:34:56.090053082 CET	53	49247	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:02.113430023 CET	52286	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:02.170684099 CET	53	52286	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:02.848093033 CET	56064	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:02.907850981 CET	53	56064	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:03.127924919 CET	52286	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:03.185523033 CET	53	52286	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:03.911535025 CET	56064	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:03.963079929 CET	53	56064	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:04.144829988 CET	52286	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:04.193541050 CET	53	52286	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:04.505709887 CET	63744	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:04.557292938 CET	53	63744	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:04.964864016 CET	56064	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:05.030185938 CET	53	56064	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:06.159156084 CET	52286	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:06.207928896 CET	53	52286	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:06.971637964 CET	56064	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:07.031850100 CET	53	56064	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:10.177625895 CET	52286	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:10.226815939 CET	53	52286	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:10.987587929 CET	56064	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:11.052845955 CET	53	56064	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:20.215601921 CET	61457	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:20.277112961 CET	53	61457	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:21.100434065 CET	58367	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:21.152172089 CET	53	58367	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:26.189568996 CET	60599	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:26.238486052 CET	53	60599	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:34.423613071 CET	59571	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:34.493535042 CET	53	59571	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:53.918519020 CET	52689	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:53.975642920 CET	53	52689	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:54.537215948 CET	50290	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:54.597125053 CET	53	50290	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:55.338042021 CET	60427	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:55.409497023 CET	53	60427	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:55.948885918 CET	56209	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:56.011356115 CET	53	56209	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:56.020072937 CET	59582	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:56.091608047 CET	53	59582	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:56.533797979 CET	60949	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:56.593643904 CET	53	60949	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:57.140882015 CET	58542	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:57.198438883 CET	53	58542	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:57.836462021 CET	59179	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:57.898653984 CET	53	59179	8.8.8.8	192.168.2.7
Feb 23, 2021 17:35:59.787012100 CET	60927	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:35:59.844037056 CET	53	60927	8.8.8.8	192.168.2.7
Feb 23, 2021 17:36:00.907361031 CET	57854	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:36:00.964873075 CET	53	57854	8.8.8.8	192.168.2.7
Feb 23, 2021 17:36:01.437148094 CET	62026	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:36:01.485913038 CET	53	62026	8.8.8.8	192.168.2.7
Feb 23, 2021 17:36:24.717123032 CET	59453	53	192.168.2.7	8.8.8.8
Feb 23, 2021 17:36:24.765793085 CET	53	59453	8.8.8.8	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Feb 23, 2021 17:34:33.272686958 CET	192.168.2.7	8.8.8.8	0xddf6	Standard query (0)	app.box.com	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:33.893155098 CET	192.168.2.7	8.8.8.8	0xf0ff	Standard query (0)	cdn01.boxcdn.net	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:38.600826979 CET	192.168.2.7	8.8.8.8	0x1987	Standard query (0)	api.box.com	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:39.942424059 CET	192.168.2.7	8.8.8.8	0xd98f	Standard query (0)	public.boxcloud.com	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:51.499074936 CET	192.168.2.7	8.8.8.8	0x8dfb	Standard query (0)	cdn01.boxcdn.net	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:55.674323082 CET	192.168.2.7	8.8.8.8	0xe100	Standard query (0)	dy2ln.csb.app	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:56.041503906 CET	192.168.2.7	8.8.8.8	0x1358	Standard query (0)	codesandbox.io	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Feb 23, 2021 17:34:33.349843979 CET	8.8.8.8	192.168.2.7	0xddf6	No error (0)	app.box.com		185.235.236.201	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:33.952980042 CET	8.8.8.8	192.168.2.7	0xf0ff	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Feb 23, 2021 17:34:38.662314892 CET	8.8.8.8	192.168.2.7	0x1987	No error (0)	api.box.com		185.235.236.197	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:40.004379034 CET	8.8.8.8	192.168.2.7	0xd98f	No error (0)	public.boxcloud.com		185.235.236.200	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:51.547714949 CET	8.8.8.8	192.168.2.7	0x8dfb	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Feb 23, 2021 17:34:55.748915911 CET	8.8.8.8	192.168.2.7	0xe100	No error (0)	dy2ln.csb.app		104.18.26.114	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:55.748915911 CET	8.8.8.8	192.168.2.7	0xe100	No error (0)	dy2ln.csb.app		104.18.27.114	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:56.090053082 CET	8.8.8.8	192.168.2.7	0x1358	No error (0)	codesandbox.io		104.18.22.207	A (IP address)	IN (0x0001)
Feb 23, 2021 17:34:56.090053082 CET	8.8.8.8	192.168.2.7	0x1358	No error (0)	codesandbox.io		104.18.23.207	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Feb 23, 2021 17:34:33.463437080 CET	185.235.236.201	443	192.168.2.7	49711	CN=app.box.com, O="Box, Inc.", L=Redwood City, ST=California, C=US CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Jun 23 02:00:00 CEST 2020 Mon Nov 06 13:23:45 CET 2017	Sat Jul 23 14:00:00 CEST 2022 Sat Nov 06 13:23:45 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:33.463437080 CET	185.235.236.201	443	192.168.2.7	49711	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:33.463785887 CET	185.235.236.201	443	192.168.2.7	49710	CN=app.box.com, O="Box, Inc.", L=Redwood City, ST=California, C=US CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Jun 23 02:00:00 CEST 2020 Mon Nov 06 13:23:45 CET 2017	Sat Jul 23 14:00:00 CEST 2022 Sat Nov 06 13:23:45 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:33.463785887 CET	185.235.236.201	443	192.168.2.7	49710	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:38.760006905 CET	185.235.236.197	443	192.168.2.7	49723	CN=*.box.com, O="Box, Inc.", L=Redwood City, ST=California, C=US CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Nov 18 01:00:00 CET 2020 Mon Nov 06 13:23:45 CET 2017	Thu Nov 18 00:59:59 CET 2021 Sat Nov 06 13:23:45 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:38.760006905 CET	185.235.236.197	443	192.168.2.7	49723	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:38.760159016 CET	185.235.236.197	443	192.168.2.7	49722	CN=*.box.com, O="Box, Inc.", L=Redwood City, ST=California, C=US CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Nov 18 01:00:00 CET 2020 Mon Nov 06 13:23:45 CET 2017	Thu Nov 18 00:59:59 CET 2021 Sat Nov 06 13:23:45 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:38.760159016 CET	185.235.236.197	443	192.168.2.7	49722	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:40.184338093 CET	185.235.236.200	443	192.168.2.7	49725	CN=*.boxcloud.com, O="Box, Inc.", L=Redwood City, ST=California, C=US CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Feb 18 01:00:00 CET 2021 Mon Nov 06 13:23:45 CET 2017	Thu Feb 17 00:59:59 CET 2022 Sat Nov 06 13:23:45 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:40.184338093 CET	185.235.236.200	443	192.168.2.7	49725	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:40.186388969 CET	185.235.236.200	443	192.168.2.7	49726	CN=*.boxcloud.com, O="Box, Inc.", L=Redwood City, ST=California, C=US CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Feb 18 01:00:00 CET 2021 Mon Nov 06 13:23:45 CET 2017	Thu Feb 17 00:59:59 CET 2022 Sat Nov 06 13:23:45 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:40.186388969 CET	185.235.236.200	443	192.168.2.7	49726	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:55.878900051 CET	104.18.26.114	443	192.168.2.7	49740	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sun Jun 14 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Mon Jun 14 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:55.878900051 CET	104.18.26.114	443	192.168.2.7	49740	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:55.880188942 CET	104.18.26.114	443	192.168.2.7	49739	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sun Jun 14 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Mon Jun 14 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:55.880188942 CET	104.18.26.114	443	192.168.2.7	49739	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.459846020 CET	104.18.22.207	443	192.168.2.7	49742	CN=codesandbox.io, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Jun 19 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sat Jun 19 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.459846020 CET	104.18.22.207	443	192.168.2.7	49742	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.477652073 CET	104.18.22.207	443	192.168.2.7	49746	CN=codesandbox.io, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Jun 19 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sat Jun 19 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.477652073 CET	104.18.22.207	443	192.168.2.7	49746	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.479250908 CET	104.18.22.207	443	192.168.2.7	49741	CN=codesandbox.io, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Jun 19 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sat Jun 19 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.479250908 CET	104.18.22.207	443	192.168.2.7	49741	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.479387045 CET	104.18.22.207	443	192.168.2.7	49744	CN=codesandbox.io, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Jun 19 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sat Jun 19 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.479387045 CET	104.18.22.207	443	192.168.2.7	49744	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.483587027 CET	104.18.22.207	443	192.168.2.7	49745	CN=codesandbox.io, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Jun 19 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sat Jun 19 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.483587027 CET	104.18.22.207	443	192.168.2.7	49745	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.488957882 CET	104.18.22.207	443	192.168.2.7	49743	CN=codesandbox.io, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Jun 19 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sat Jun 19 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 23, 2021 17:34:56.488957882 CET	104.18.22.207	443	192.168.2.7	49743	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 580 Parent PID: 792

General

Start time:	17:34:30
Start date:	23/02/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff77b8c0000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 5392 Parent PID: 580

General

Start time:	17:34:31
Start date:	23/02/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:580 CREDAT:17410 /prefetch:2
Imagebase:	0x1020000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://app.box.com/s/4c3tf7iumvvg3c3q6e7udjiq7o0yealq

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

AV Detection:

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 580 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 5392 Parent PID: 580

General

Disassembly