Play interactive tour

Edit tour

Analysis Report https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw

Overview

General Information

Sample URL:	https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw
Analysis ID:	383578
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site detected (based on logo template match)

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Classification

Startup

System is w10x64

chrome.exe (PID: 5640 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw' MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 5792 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,2117667614176880093,14641166115673408432,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1692 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus / Scanner detection for submitted sample

Show sources

Source: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Show sources

Source: https://frazeeincs.ga/data/Secure/service/common/

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Show sources

Source: Yara match

File source: 78395.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Show sources

Source: https://frazeeincs.ga/data/Secure/service/common/

Matcher: Found strong image similarity, brand: Microsoft image: 78395.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD

Phishing site detected (based on logo template match)

Show sources

Source: https://frazeeincs.ga/data/Secure/service/common/

Matcher: Template: microsoft matched

Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: Iframe src: https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales
Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: Iframe src: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=326504f5-1396-4d4c-5a45-e077450f04bc&partnerId=officeproducts
Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: Iframe src: https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales
Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: Iframe src: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=326504f5-1396-4d4c-5a45-e077450f04bc&partnerId=officeproducts

Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: Number of links: 0
Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: Number of links: 0

Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: Title: Sign in to Outlook does not match URL
Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: Title: Sign in to Outlook does not match URL

Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: No <meta name="author".. found
Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: No <meta name="author".. found
Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: No <meta name="author".. found
Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: No <meta name="author".. found

Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: No <meta name="copyright".. found
Source: https://www.microsoft.com/de-ch/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family	HTTP Parser: No <meta name="copyright".. found
Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: No <meta name="copyright".. found
Source: https://frazeeincs.ga/data/Secure/service/common/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49810 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.192:443 -> 192.168.2.3:49907 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.192:443 -> 192.168.2.3:49988 version: TLS 1.2

Source: unknown

DNS traffic detected: queries for: app.box.com

Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: Reporting and NEL.1.dr	String found in binary or memory: https://a.nel.cloudflare.com/report?s=LAA%2Fke%2FDlErKZEBp9MU1tdBPg%2F9x6PwDxuIveWMuj%2FV7S0J%2By44g
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://aadcdn.msftauth.net
Source: Favicons-journal.0.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: Favicons-journal.0.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoK
Source: 4e70ff861187dcce_0.0.dr	String found in binary or memory: https://accdn.lpsnmedia.net/api/account/60270350/configuration/engagement-window/window-confs/164451
Source: 6911ce7d6805bcdf_0.0.dr	String found in binary or memory: https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/campaigns/1644274130/eng
Source: 72090e93af2b3d0c_0.0.dr	String found in binary or memory: https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/zones?fields=id&fields=z
Source: ec3a4da664d5b538_0.0.dr	String found in binary or memory: https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb179
Source: 70666ea15d0f9e6f_0.0.dr	String found in binary or memory: https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb898
Source: 31d75b170cfaba84_0.0.dr	String found in binary or memory: https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb976
Source: manifest.json0.0.dr, e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/
Source: 094e2d6bf2abec98_0.0.dr, 96ebbaf5295dd8ee_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js
Source: 96ebbaf5295dd8ee_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.jsaD
Source: 61e37b71e9213753_0.0.dr, f46ad1d2652b0b43_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
Source: 61e37b71e9213753_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.jsaD
Source: manifest.json0.0.dr, e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: 000003.log3.0.dr	String found in binary or memory: https://app.box.com
Source: 000003.log0.0.dr	String found in binary or memory: https://app.box.com/
Source: Current Session.0.dr, History-journal.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw
Source: Current Session.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw.Southlake
Source: History-journal.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw/
Source: History Provider Cache.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw2.Southlake
Source: Favicons-journal.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw:
Source: History-journal.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mwSouthlake
Source: Current Session.0.dr	String found in binary or memory: https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mwem
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://assets.onestore.ms/
Source: 6b848a87f40dd230_0.0.dr	String found in binary or memory: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Source: 8ae12a936f63f6c5_0.0.dr, eff63fce8e6ba9be_0.0.dr, 4fccf16e79028bfd_0.0.dr	String found in binary or memory: https://box.com/
Source: 7942e8431cc54099_0.0.dr	String found in binary or memory: https://box.com/3
Source: 797fa4f8af1d2794_0.0.dr	String found in binary or memory: https://box.com/E
Source: cbf8f37ebc90874c_0.0.dr	String found in binary or memory: https://box.com/s
Source: db2011e40d84ccec_0.0.dr	String found in binary or memory: https://box.com/u
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://cdn01.boxcdn.net
Source: Favicons-journal.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png
Source: Favicons-journal.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png:
Source: cbf8f37ebc90874c_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/as-security~change-current-user-role-modal~collaborators~collection
Source: afeff5379e0ef8df_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/content-sidebar.603f77ac19.js
Source: 4fccf16e79028bfd_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5
Source: 231f8daf13d8069c_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/lang-en-US.37ac59649c.js
Source: 40c6c29b4367dc20_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/messagecenter~preview-components~uploads-manager-enduser.7791b26041
Source: db2011e40d84ccec_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/messagecenter~uploads-manager-enduser.e83b2dda31.js
Source: ca20021c8b2bf9b0_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/preview-components.364b492ac8.js
Source: b39677565858f372_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/preview-components~shared-file.e9b47bc810.js
Source: 797fa4f8af1d2794_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/runtime.d2e7dd59de.js
Source: b19547c352ea14c9_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/shared-file.46db0528cb.js
Source: 8ae12a936f63f6c5_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/uploads-manager-enduser.550cb33944.js
Source: eff63fce8e6ba9be_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/enduser/vendors~app.cbc3272203.js
Source: fa5959c104dfcc69_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/platform/preview/2.69.0/en-US/preview.js
Source: 995062b5124845c1_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/exif.min.js
Source: ceaca954fd2831aa_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf.min.js
Source: 7942e8431cc54099_0.0.dr	String found in binary or memory: https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf_viewer.min.js
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://cdnjs.cloudflare.com/
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://code.jquery.com
Source: abdc685a78475b47_0.0.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: 9a0b7df272ed92c6_0.0.dr	String found in binary or memory: https://consentreceiverfd-prod.azurefd.net/v1
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://content-autofill.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://content.googleapis.com
Source: 5119098391edcc42_0.0.dr	String found in binary or memory: https://controls.account.microsoft-dev.com:44308/me/profile-image?partner=
Source: 8e2673c5-b23a-4f4f-99da-c146103927c0.tmp.1.dr, 1ad68a43-ac32-447e-a671-abc139e5f78c.tmp.1.dr, e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: abdc685a78475b47_0.0.dr	String found in binary or memory: https://frazeeincs.ga/
Source: Current Session.0.dr	String found in binary or memory: https://frazeeincs.ga/data/Secure/service/common/
Source: Current Session.0.dr	String found in binary or memory: https://frazeeincs.ga/data/Secure/service/common/L3m
Source: History-journal.0.dr	String found in binary or memory: https://frazeeincs.ga/data/Secure/service/common/Sign
Source: manifest.json0.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: 2b178dc788abedc5_0.0.dr	String found in binary or memory: https://live.com/0F(
Source: 22fb0e1969c285c1_0.0.dr	String found in binary or memory: https://liveperson.net/
Source: 4e70ff861187dcce_0.0.dr	String found in binary or memory: https://liveperson.net/0
Source: 70666ea15d0f9e6f_0.0.dr	String found in binary or memory: https://liveperson.net/Lb%
Source: 72090e93af2b3d0c_0.0.dr	String found in binary or memory: https://liveperson.net/M
Source: 366c8b4770143e67_0.0.dr	String found in binary or memory: https://liveperson.net/c
Source: 6b848a87f40dd230_0.0.dr	String found in binary or memory: https://liveperson.net/dq
Source: 5db4ad138a5b020e_0.0.dr	String found in binary or memory: https://liveperson.net/f
Source: 43fb384703621b6c_0.0.dr	String found in binary or memory: https://liveperson.net/m7
Source: 5119098391edcc42_0.0.dr	String found in binary or memory: https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=
Source: 2b178dc788abedc5_0.0.dr	String found in binary or memory: https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js
Source: 2b178dc788abedc5_0.0.dr	String found in binary or memory: https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.jsaD
Source: 000003.log3.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net
Source: 000003.log3.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net(_https://lpcdn.lpsnmedia.net
Source: QuotaManager.0.dr, 000003.log0.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/
Source: 353c43577c506338_0.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/UISuite.js?_v=3.45.0.2-release_5052
Source: 366c8b4770143e67_0.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/overlay.js?_v=3.45.0.2-release_5052
Source: Current Session.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=http
Source: 5db4ad138a5b020e_0.0.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%
Source: 43fb384703621b6c_0.0.dr	String found in binary or memory: https://lptag.liveperson.net/lptag/api/account/60270350/configuration/applications/taglets/.jsonp?v=
Source: 22fb0e1969c285c1_0.0.dr	String found in binary or memory: https://lptag.liveperson.net/tag/tag.js?site=60270350
Source: e4b9b26cef092fbf_0.0.dr	String found in binary or memory: https://mem.gfx.ms/meversion?partner=MSHomePage&market=de-ch&uhf=1
Source: 80eb0239399151b6_0.0.dr	String found in binary or memory: https://mem.gfx.ms/meversion?partner=officeproducts&market=de-ch&uhf=1
Source: 5119098391edcc42_0.0.dr, 6686b0c92e7fc912_0.0.dr	String found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js
Source: 5119098391edcc42_0.0.dr	String found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.jsaD
Source: 80ff980fb7d90a4c_0.0.dr, 0481116f3cd8293f_0.0.dr	String found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js
Source: 80ff980fb7d90a4c_0.0.dr	String found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.jsaD
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://play.google.com
Source: Current Session.0.dr	String found in binary or memory: https://publisher.liveperson.net
Source: 000003.log3.0.dr	String found in binary or memory: https://publisher.liveperson.net-_https://publisher.liveperson.net
Source: QuotaManager.0.dr, 000003.log0.0.dr	String found in binary or memory: https://publisher.liveperson.net/
Source: QuotaManager.0.dr	String found in binary or memory: https://publisher.liveperson.net//
Source: Current Session.0.dr	String found in binary or memory: https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://r5---sn-1gi7znes.gvt1.com
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: 5119098391edcc42_0.0.dr	String found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
Source: manifest.json.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: 3b99dc3d3bc104fb_0.0.dr	String found in binary or memory: https://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.js
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://statics-marketingsites-eus-ms-com.akamaized.net/
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://statics-marketingsites-wcus-ms-com.akamaized.net/
Source: 5119098391edcc42_0.0.dr	String found in binary or memory: https://storage.live.com/Users/0x
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: manifest.json0.0.dr, e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com;
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.gstatic.com;

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49810 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.192:443 -> 192.168.2.3:49907 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.192:443 -> 192.168.2.3:49988 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@44/258@29/14

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-606EA424-1608.pma

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\846b831c-4599-4a5f-9fe5-935af67521ff.tmp

Jump to behavior

Source: QuotaManager.0.dr

Binary or memory string: CREATE TABLE HostQuotaTable(host TEXT NOT NULL, type INTEGER NOT NULL, quota INTEGER DEFAULT 0, UNIQUE(host, type));

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,2117667614176880093,14641166115673408432,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1692 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,2117667614176880093,14641166115673408432,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1692 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Drive-by Compromise1	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading3	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw	0%	Virustotal		Browse
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw	0%	Avira URL Cloud	safe
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Link
cs1100.wpc.omegacdn.net	0%	Virustotal	Browse
cs1227.wpc.alphacdn.net	0%	Virustotal	Browse
liveperson.map.fastly.net	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
https://frazeeincs.ga/data/Secure/service/common/	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://publisher.liveperson.net-_https://publisher.liveperson.net	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png:	0%	Avira URL Cloud	safe
https://consentreceiverfd-prod.azurefd.net/v1	0%	Avira URL Cloud	safe
https://frazeeincs.ga/data/Secure/service/common/Sign	0%	Avira URL Cloud	safe
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net	0%	Avira URL Cloud	safe
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.jsaD	0%	Avira URL Cloud	safe
https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.jsaD	0%	Avira URL Cloud	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf_viewer.min.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/messagecenter~preview-components~uploads-manager-enduser.7791b26041	0%	Avira URL Cloud	safe
https://frazeeincs.ga/	0%	Avira URL Cloud	safe
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.jsaD	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf.min.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/platform/preview/2.69.0/en-US/preview.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/shared-file.46db0528cb.js	0%	Avira URL Cloud	safe
https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js	0%	Avira URL Cloud	safe
https://assets.onestore.ms/	0%	URL Reputation	safe
https://assets.onestore.ms/	0%	URL Reputation	safe
https://assets.onestore.ms/	0%	URL Reputation	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoK	0%	Avira URL Cloud	safe
https://lpcdn.lpsnmedia.net(_https://lpcdn.lpsnmedia.net	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/preview-components~shared-file.e9b47bc810.js	0%	Avira URL Cloud	safe
https://frazeeincs.ga/data/Secure/service/common/L3m	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/lang-en-US.37ac59649c.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/vendors~app.cbc3272203.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/preview-components.364b492ac8.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/runtime.d2e7dd59de.js	0%	Avira URL Cloud	safe
https://mem.gfx.ms/meversion?partner=MSHomePage&market=de-ch&uhf=1	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/content-sidebar.603f77ac19.js	0%	Avira URL Cloud	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	0%	URL Reputation	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	0%	URL Reputation	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	0%	URL Reputation	safe
https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/exif.min.js	0%	Avira URL Cloud	safe
https://redux.js.org/api-reference/store#subscribe(listener)	0%	Avira URL Cloud	safe
https://mem.gfx.ms/meversion?partner=officeproducts&market=de-ch&uhf=1	0%	Avira URL Cloud	safe
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js	0%	Avira URL Cloud	safe
https://aadcdn.msftauth.net	0%	URL Reputation	safe
https://aadcdn.msftauth.net	0%	URL Reputation	safe
https://aadcdn.msftauth.net	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	0%	URL Reputation	safe
https://cdn01.boxcdn.net/enduser/uploads-manager-enduser.550cb33944.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/messagecenter~uploads-manager-enduser.e83b2dda31.js	0%	Avira URL Cloud	safe
https://cdn01.boxcdn.net/enduser/as-security~change-current-user-role-modal~collaborators~collection	0%	Avira URL Cloud	safe
https://controls.account.microsoft-dev.com:44308/me/profile-image?partner=	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
cs1100.wpc.omegacdn.net	152.199.23.37	true	false	0%, Virustotal, Browse	unknown
api.box.com	185.235.236.197	true	false		high
public.boxcloud.com	185.235.236.200	true	false		high
microsoftwindows.112.2o7.net	35.181.18.61	true	false		high
cdnjs.cloudflare.com	104.16.19.94	true	false		high
frazeeincs.ga	62.182.80.182	true	false		unknown
dh1y47vf5ttia.cloudfront.net	13.32.25.13	true	false		high
cs1227.wpc.alphacdn.net	192.229.221.185	true	false	0%, Virustotal, Browse	unknown
mcraa.fs.liveperson.com	52.22.165.174	true	false		high
liveperson.map.fastly.net	151.101.1.192	true	false	0%, Virustotal, Browse	unknown
app.box.com	185.235.236.201	true	false		high
googlehosted.l.googleusercontent.com	172.217.168.33	true	false		high
logincdn.msauth.net	unknown	unknown	false		unknown
lpcdn.lpsnmedia.net	unknown	unknown	false		high
statics-eas.onestore.ms	unknown	unknown	false		unknown
va.v.liveperson.net	unknown	unknown	false		high
assets.onestore.ms	unknown	unknown	false		unknown
cdn01.boxcdn.net	unknown	unknown	false		unknown
ajax.aspnetcdn.com	unknown	unknown	false		high
static-assets.fs.liveperson.com	unknown	unknown	false		high
clients2.googleusercontent.com	unknown	unknown	false		high
statics-wcus.onestore.ms	unknown	unknown	false		unknown
cart.production.store-web.dynamics.com	unknown	unknown	false		high
code.jquery.com	unknown	unknown	false		high
publisher.liveperson.net	unknown	unknown	false		high
accdn.lpsnmedia.net	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false		unknown
mem.gfx.ms	unknown	unknown	false		unknown
statics-neu.onestore.ms	unknown	unknown	false		unknown
statics-eus.onestore.ms	unknown	unknown	false		unknown
lptag.liveperson.net	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw	false		high
https://frazeeincs.ga/data/Secure/service/common/	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://frazeeincs.ga/data/Secure/service/common/	Current Session.0.dr	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://publisher.liveperson.net-_https://publisher.liveperson.net	000003.log3.0.dr	false	Avira URL Cloud: safe	low
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw.Southlake	Current Session.0.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png:	Favicons-journal.0.dr	false	Avira URL Cloud: safe	unknown
https://publisher.liveperson.net/	QuotaManager.0.dr, 000003.log0.0.dr	false		high
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mwem	Current Session.0.dr	false		high
https://consentreceiverfd-prod.azurefd.net/v1	9a0b7df272ed92c6_0.0.dr	false	Avira URL Cloud: safe	unknown
https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/UISuite.js?_v=3.45.0.2-release_5052	353c43577c506338_0.0.dr	false		high
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.jsaD	96ebbaf5295dd8ee_0.0.dr	false		high
https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb898	70666ea15d0f9e6f_0.0.dr	false		high
https://liveperson.net/m7	43fb384703621b6c_0.0.dr	false		high
https://frazeeincs.ga/data/Secure/service/common/Sign	History-journal.0.dr	true	Avira URL Cloud: safe	unknown
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js	5119098391edcc42_0.0.dr, 6686b0c92e7fc912_0.0.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net	e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	false	Avira URL Cloud: safe	unknown
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js	61e37b71e9213753_0.0.dr, f46ad1d2652b0b43_0.0.dr	false		high
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.jsaD	80ff980fb7d90a4c_0.0.dr	false	Avira URL Cloud: safe	unknown
https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/zones?fields=id&fields=z	72090e93af2b3d0c_0.0.dr	false		high
https://liveperson.net/0	4e70ff861187dcce_0.0.dr	false		high
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-	Current Session.0.dr	false		high
https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=http	Current Session.0.dr	false		high
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw/	History-journal.0.dr	false		high
https://publisher.liveperson.net//	QuotaManager.0.dr	false		high
https://cdnjs.cloudflare.com	e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	false		high
https://liveperson.net/M	72090e93af2b3d0c_0.0.dr	false		high
https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.jsaD	2b178dc788abedc5_0.0.dr	false	Avira URL Cloud: safe	unknown
https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/overlay.js?_v=3.45.0.2-release_5052	366c8b4770143e67_0.0.dr	false		high
https://app.box.com/	000003.log0.0.dr	false		high
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw:	Favicons-journal.0.dr	false		high
https://cdnjs.cloudflare.com/	Network Action Predictor-journal.0.dr	false		high
https://dns.google	8e2673c5-b23a-4f4f-99da-c146103927c0.tmp.1.dr, 1ad68a43-ac32-447e-a671-abc139e5f78c.tmp.1.dr, e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf_viewer.min.js	7942e8431cc54099_0.0.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/enduser/messagecenter~preview-components~uploads-manager-enduser.7791b26041	40c6c29b4367dc20_0.0.dr	false	Avira URL Cloud: safe	unknown
https://frazeeincs.ga/	abdc685a78475b47_0.0.dr	false	Avira URL Cloud: safe	unknown
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw	Current Session.0.dr, History-journal.0.dr	false		high
https://liveperson.net/	22fb0e1969c285c1_0.0.dr	false		high
https://box.com/	8ae12a936f63f6c5_0.0.dr, eff63fce8e6ba9be_0.0.dr, 4fccf16e79028bfd_0.0.dr	false		high
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js	094e2d6bf2abec98_0.0.dr, 96ebbaf5295dd8ee_0.0.dr	false		high
https://code.jquery.com	e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	false		high
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.jsaD	5119098391edcc42_0.0.dr	false	Avira URL Cloud: safe	unknown
https://storage.live.com/Users/0x	5119098391edcc42_0.0.dr	false		high
https://liveperson.net/c	366c8b4770143e67_0.0.dr	false		high
https://box.com/3	7942e8431cc54099_0.0.dr	false		high
https://liveperson.net/f	5db4ad138a5b020e_0.0.dr	false		high
https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf.min.js	ceaca954fd2831aa_0.0.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/platform/preview/2.69.0/en-US/preview.js	fa5959c104dfcc69_0.0.dr	false	Avira URL Cloud: safe	unknown
https://ajax.aspnetcdn.com/	Network Action Predictor-journal.0.dr	false		high
https://liveperson.net/Lb%	70666ea15d0f9e6f_0.0.dr	false		high
https://live.com/0F(	2b178dc788abedc5_0.0.dr	false		high
https://box.com/E	797fa4f8af1d2794_0.0.dr	false		high
https://cdn01.boxcdn.net/enduser/shared-file.46db0528cb.js	b19547c352ea14c9_0.0.dr	false	Avira URL Cloud: safe	unknown
https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js	2b178dc788abedc5_0.0.dr	false	Avira URL Cloud: safe	unknown
https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=	5119098391edcc42_0.0.dr	false		high
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw2.Southlake	History Provider Cache.0.dr	false		high
https://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.js	3b99dc3d3bc104fb_0.0.dr	false		high
https://feedback.googleusercontent.com	manifest.json0.0.dr	false		high
https://lptag.liveperson.net/lptag/api/account/60270350/configuration/applications/taglets/.jsonp?v=	43fb384703621b6c_0.0.dr	false		high
https://assets.onestore.ms/	Network Action Predictor-journal.0.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoK	Favicons-journal.0.dr	false	Avira URL Cloud: safe	unknown
https://lpcdn.lpsnmedia.net(_https://lpcdn.lpsnmedia.net	000003.log3.0.dr	false	Avira URL Cloud: safe	low
https://cdn01.boxcdn.net/enduser/preview-components~shared-file.e9b47bc810.js	b39677565858f372_0.0.dr	false	Avira URL Cloud: safe	unknown
https://frazeeincs.ga/data/Secure/service/common/L3m	Current Session.0.dr	true	Avira URL Cloud: safe	unknown
https://box.com/s	cbf8f37ebc90874c_0.0.dr	false		high
https://box.com/u	db2011e40d84ccec_0.0.dr	false		high
https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb976	31d75b170cfaba84_0.0.dr	false		high
https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb179	ec3a4da664d5b538_0.0.dr	false		high
https://cdn01.boxcdn.net/enduser/lang-en-US.37ac59649c.js	231f8daf13d8069c_0.0.dr	false	Avira URL Cloud: safe	unknown
https://lpcdn.lpsnmedia.net/	QuotaManager.0.dr, 000003.log0.0.dr	false		high
https://cdn01.boxcdn.net/enduser/vendors~app.cbc3272203.js	eff63fce8e6ba9be_0.0.dr	false	Avira URL Cloud: safe	unknown
https://publisher.liveperson.net	Current Session.0.dr	false		high
https://cdn01.boxcdn.net/enduser/preview-components.364b492ac8.js	ca20021c8b2bf9b0_0.0.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/enduser/runtime.d2e7dd59de.js	797fa4f8af1d2794_0.0.dr	false	Avira URL Cloud: safe	unknown
https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/campaigns/1644274130/eng	6911ce7d6805bcdf_0.0.dr	false		high
https://mem.gfx.ms/meversion?partner=MSHomePage&market=de-ch&uhf=1	e4b9b26cef092fbf_0.0.dr	false	Avira URL Cloud: safe	unknown
https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%	5db4ad138a5b020e_0.0.dr	false		high
https://cdn01.boxcdn.net/enduser/lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5	4fccf16e79028bfd_0.0.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/enduser/content-sidebar.603f77ac19.js	afeff5379e0ef8df_0.0.dr	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	Favicons-journal.0.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://lpcdn.lpsnmedia.net	000003.log3.0.dr	false		high
https://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/exif.min.js	995062b5124845c1_0.0.dr	false	Avira URL Cloud: safe	unknown
https://code.jquery.com/jquery-3.1.1.min.js	abdc685a78475b47_0.0.dr	false		high
https://accdn.lpsnmedia.net/api/account/60270350/configuration/engagement-window/window-confs/164451	4e70ff861187dcce_0.0.dr	false		high
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.jsaD	61e37b71e9213753_0.0.dr	false		high
https://redux.js.org/api-reference/store#subscribe(listener)	5119098391edcc42_0.0.dr	false	Avira URL Cloud: safe	unknown
https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mwSouthlake	History-journal.0.dr	false		high
https://mem.gfx.ms/meversion?partner=officeproducts&market=de-ch&uhf=1	80eb0239399151b6_0.0.dr	false	Avira URL Cloud: safe	unknown
https://app.box.com	000003.log3.0.dr	false		high
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js	80ff980fb7d90a4c_0.0.dr, 0481116f3cd8293f_0.0.dr	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net	e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://clients2.googleusercontent.com	e403766a-5d7d-4555-933b-a5fa6df65e8e.tmp.1.dr, 119edd29-e71f-4657-bfe4-46dd88125ea5.tmp.1.dr	false		high
https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png	Favicons-journal.0.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn01.boxcdn.net/enduser/uploads-manager-enduser.550cb33944.js	8ae12a936f63f6c5_0.0.dr	false	Avira URL Cloud: safe	unknown
https://cdn01.boxcdn.net/enduser/messagecenter~uploads-manager-enduser.e83b2dda31.js	db2011e40d84ccec_0.0.dr	false	Avira URL Cloud: safe	unknown
https://liveperson.net/dq	6b848a87f40dd230_0.0.dr	false		high
https://a.nel.cloudflare.com/report?s=LAA%2Fke%2FDlErKZEBp9MU1tdBPg%2F9x6PwDxuIveWMuj%2FV7S0J%2By44g	Reporting and NEL.1.dr	false		high
https://cdn01.boxcdn.net/enduser/as-security~change-current-user-role-modal~collaborators~collection	cbf8f37ebc90874c_0.0.dr	false	Avira URL Cloud: safe	unknown
https://controls.account.microsoft-dev.com:44308/me/profile-image?partner=	5119098391edcc42_0.0.dr	false	Avira URL Cloud: safe	unknown
https://lptag.liveperson.net/tag/tag.js?site=60270350	22fb0e1969c285c1_0.0.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
185.235.236.201	app.box.com	Germany	33011	BOXNETUS	false
151.101.1.192	liveperson.map.fastly.net	United States	54113	FASTLYUS	false
185.235.236.197	api.box.com	Germany	33011	BOXNETUS	false
62.182.80.182	frazeeincs.ga	Ukraine	205172	YANINA-ASUA	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
192.229.221.185	cs1227.wpc.alphacdn.net	United States	15133	EDGECASTUS	false
185.235.236.200	public.boxcloud.com	Germany	33011	BOXNETUS	false
35.181.18.61	microsoftwindows.112.2o7.net	United States	16509	AMAZON-02US	false
13.32.25.13	dh1y47vf5ttia.cloudfront.net	United States	7018	ATT-INTERNET4US	false
172.217.168.33	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
104.16.19.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:	31.0.0 Emerald
Analysis ID:	383578
Start date:	07.04.2021
Start time:	23:34:31
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 35s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	20
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.phis.win@44/258@29/14
Cookbook Comments:	Adjust boot time Enable AMSI Browse: https://frazeeincs.ga/data/Secure/service/common/ Browse: https://www.microsoft.com/en-US/servicesagreement/ Browse: https://privacy.microsoft.com/en-US/privacystatement Browse: https://www.microsoft.com/en-US/servicesagreement/ Browse: https://go.microsoft.com/fwlink/?LinkId=521839 Browse: https://www.microsoft.com/ Browse: https://www.microsoft.com/en-us/servicesagreement Browse: https://www.microsoft.com/en-us/servicesagreement/faq.aspx
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe, UsoClient.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 13.64.90.137, 104.43.193.48, 52.255.188.83, 172.217.168.78, 216.58.215.238, 172.217.168.13, 173.194.160.74, 142.250.34.2, 104.43.139.144, 104.18.103.56, 104.16.74.20, 172.217.168.67, 172.217.168.10, 172.217.168.42, 172.217.168.74, 40.88.32.150, 52.147.198.201, 20.82.210.154, 23.0.174.185, 23.0.174.200, 69.16.175.10, 69.16.175.42, 23.54.113.104, 23.10.249.43, 23.10.249.26, 23.54.112.217, 152.199.19.160, 13.107.246.19, 13.107.213.19, 23.10.249.40, 23.10.249.41, 23.10.249.18, 23.10.249.33, 2.18.103.205, 51.103.5.186, 2.18.101.230, 20.50.102.62, 104.89.7.57, 65.55.44.109, 172.217.168.35, 178.249.97.23, 74.125.173.170, 178.249.97.99, 20.190.160.1, 20.190.160.70, 20.190.160.3, 20.190.160.74, 20.190.160.131, 20.190.160.7, 20.190.160.72, 20.190.160.68, 178.249.97.98, 52.236.25.6, 51.138.9.238, 208.89.12.87, 23.54.113.53, 20.54.26.129 Excluded domains from analysis (whitelisted): standard.t-0009.t-msedge.net, assets.onestore.ms.edgekey.net, r5.sn-1gi7znes.gvt1.com, clientservices.googleapis.com, i.s-microsoft.com.edgekey.net, publisher.livepersonk.akadns.net, fs-wildcard.microsoft.com.edgekey.net, Edge-Prod-ZRHr3.ctrl.t-0009.t-msedge.net, a1945.g2.akamai.net, skypedataprdcoleus15.cloudapp.net, clients2.google.com, star-azurefd-prod.trafficmanager.net, statics-marketingsites-eus-ms-com.akamaized.net, au-bg-shim.trafficmanager.net, ris-prod.trafficmanager.net, lgincdnvzeuno.ec.azureedge.net, assets.onestore.ms.akadns.net, pmservices.cp.microsoft.com, statics.onestore.ms.edgekey.net, skypedataprdcolcus15.cloudapp.net, c-s.cms.ms.akadns.net, ris.api.iris.microsoft.com, lgincdn.trafficmanager.net, t-0009.t-msedge.net, cdn.account.microsoft.com.akadns.net, translate.googleapis.com, c.s-microsoft.com-c.edgekey.net, clients.l.google.com, i.s-microsoft.com, e12564.dspb.akamaiedge.net, wns.notify.trafficmanager.net, go.microsoft.com, dual.t-0009.t-msedge.net, arc.trafficmanager.net, prod.fs.microsoft.com.akadns.net, geo.accdn.livepersonk.akadns.net, skypedataprdcolwus17.cloudapp.net, accounts.google.com, cs22.wpc.v0cdn.net, mem.gfx.ms.edgekey.net, a767.dscg3.akamai.net, login.msa.msidentity.com, lptag.liveperson.cotcdb.net.livepersonk.akadns.net, skypedataprdcoleus16.cloudapp.net, c.s-microsoft.com, go.microsoft.com.edgekey.net, az725175.vo.msecnd.net, cdn01.boxcdn.net.cdn.cloudflare.net, e13678.dspb.akamaiedge.net, wcpstatic.microsoft.com, cds.s5x3j6q5.hwcdn.net, arc.msn.com.nsatc.net, e13678.dscb.akamaiedge.net, r5---sn-1gieen7e.gvt1.com, www.tm.lg.prod.aadmsa.akadns.net, sw-prod-appgwpublicip-northeurope.northeurope.cloudapp.azure.com, e11290.dspg.akamaiedge.net, www.microsoft.com-c-3.edgekey.net, geo.lpcdn.livepersonk.akadns.net, login.live.com, audownload.windowsupdate.nsatc.net, update.googleapis.com, r5.sn-1gieen7e.gvt1.com, dcc.mp.microsoft.com, watson.telemetry.microsoft.com, www.gstatic.com, a1778.g2.akamai.net, e10583.dspg.akamaiedge.net, fs.microsoft.com, content-autofill.googleapis.com, dcc.microsoftstore.akadns.net, geo.va-v.livepersonk.akadns.net, aadcdnoriginneu.azureedge.net, skypedataprdcolcus16.cloudapp.net, statics-marketingsites-wcus-ms-com.akamaized.net, www.tm.a.prd.aadg.akadns.net, www.googleapis.com, web.vortex.data.trafficmanager.net, e10583.g.akamaiedge.net, e55.dspb.akamaiedge.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, privacy.microsoft.com.edgekey.net, au.download.windowsupdate.com.edgesuite.net, store-images.s-microsoft.com-c.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net, mscomajax.vo.msecnd.net, redirector.gvt1.com, Edge-Prod-ZRH.ctrl.t-0009.t-msedge.net, storeweb-cart-prod.trafficmanager.net, edgedl.gvt1.com, img-prod-cms-rt-microsoft-com.akamaized.net, client.wns.windows.com, supplychainaks-prd.westeurope.cloudapp.azure.com, r5---sn-1gi7znes.gvt1.com, ctldl.windowsupdate.com, e1723.g.akamaiedge.net, aadcdnoriginneu.ec.azureedge.net, web.vortex.data.microsoft.com, lgincdnvzeuno.azureedge.net, skypedataprdcoleus17.cloudapp.net, privacy.microsoft.com, e13678.dscg.akamaiedge.net, www.microsoft.com, dcc.mp.trafficmanager.net Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtQueryVolumeInformationFile calls found. Report size getting too big, too many NtWriteFile calls found. Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
23:35:46	API Interceptor	1x Sleep call for process: chrome.exe modified

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	451603
Entropy (8bit):	5.009711072558331
Encrypted:	false
SSDEEP:	12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
MD5:	A78AD14E77147E7DE3647E61964C0335
SHA1:	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
SHA-256:	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
SHA-512:	DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
Malicious:	false
Reputation:	low
Preview:	BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Microsoft Cabinet archive data, 58596 bytes, 1 file
Category:	dropped
Size (bytes):	58596
Entropy (8bit):	7.995478615012125
Encrypted:	true
SSDEEP:	1536:J7r25qSSheImS2zyCvg3nB/QPsBbgwYkGrLMQ:F2qSSwIm1m/QEBbgb1oQ
MD5:	61A03D15CF62612F50B74867090DBE79
SHA1:	15228F34067B4B107E917BEBAF17CC7C3C1280A8
SHA-256:	F9E23DC21553DAA34C6EB778CD262831E466CE794F4BEA48150E8D70D3E6AF6D
SHA-512:	5FECE89CCBBF994E4F1E3EF89A502F25A72F359D445C034682758D26F01D9F3AA20A43010B9A87F2687DA7BA201476922AA46D4906D442D56EB59B2B881259D3
Malicious:	false
Reputation:	low
Preview:	MSCF............,...................I........T........bR. .authroot.stl...s~.4..CK..8T....c_.d....A.K......&.-.J...."Y...$E.KB..D...D.....3.n..u.............\|..=H4..c&.......f.,..=..-....p2.:..`HX......b.......Di.a......M.....4.....i..}..:~N.<..>..V..CX......B......,.q.M.....HB..E~Q...)..Gax../..}7..f......O0...x..k..ha...y.K.0.h..(....{2Y.].g...yw..\|0.+?.`-../.xvy..e......w.+^...w\|.Q.k.9&.Q.EzS.f......>?w.G.......v.F......A......-P.$.Y...u....Z..g..>.0&.y.(..<.].`>... ..R.q...g.Y..s.y.B..B....Z.4.<?.R....1.8.<.=.8..[a.s.......add..).NtX....r....R.&W4.5]....k.._iK..xzW.w.M.>,5.}..}.tLX5Ls3_..).!..X.~...%.B.....YS9m.,.....BV`.Cee.....?......:.x-.q9j...Yps..W...1.A<.X.O....7.ei..a\.~=X....HN.#....h,....y...\.br.8.y"k).....~B..v....GR.g\|.z..+.D8.m..F .h............ItNs.\....s..,.f`D...]..k...:9..lk.<D....u...........[...*.wY.O....P?.U.l....Fc.ObLq......Fvk..G9.8..!..\T:K`.......'.3......;.u..h...uD..^.bS...r........j..j .=...s .FxV....g.c.s..9.

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	326
Entropy (8bit):	3.120800537141163
Encrypted:	false
SSDEEP:	6:kK4UlkwTJ0N+SkQlPlEGYRMY9z+4KlDA3RUe0ht:gUywTJrkPlE99SNxAhUe0ht
MD5:	EBBC171747862BE85F19160C70272C54
SHA1:	68B95CC311A440637A6419C58330D2A659C942EE
SHA-256:	D171D6B8749542D2509EC8AEC71A5BD12E101A866907DD6E193A2B2CC2205226
SHA-512:	AD10E93B26C67D5DB9426FFD9329F21F0BC789A4F02F8E60BB31E91700349B2F75944E6989662FFAA6B69611020C94DDC3B744DA158289BEF84C8D658CC04E60
Malicious:	false
Reputation:	low
Preview:	p...... .........k.hA,..(....................................................... ...................$...............h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".0.d.8.f.4.f.3.f.6.f.d.7.1.:.0."...

C:\Users\user\AppData\Local\Google\Chrome\User Data\4ca9f4f4-f259-4eb3-8260-737085d639f0.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	155605
Entropy (8bit):	6.051477521255009
Encrypted:	false
SSDEEP:	3072:6zmnDWVhPFlyU7sCXgcbjHMFcbXafIB0u1GOJmA3iuRe:o6Q1sJQHaaqfIlUOoSiuRe
MD5:	64EFE061078BDADEAE16D82647A1D76E
SHA1:	60EFE1C4252CF6EB530E23FE48728E56AFFF8700
SHA-256:	A0C8BF2842BB36ADA5E3E8B7F7DE26D233CB1C5C4425251CB04C6428AFB982A0
SHA-512:	EC9210DD8C1F2FCDCA118BA8F4DC8E11E3521DFED89A686A03EA3ED5D0C47A88D04BF07D2B5835D3B88C4F0D3203321CF5FEDBF8BCFDB18E82CB5B361C87D98D
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.617863719272605e+12,"network":1.61783132e+12,"ticks":94284079.0,"uncertainty":4241184.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016557803"},"plugins":{"metadata":{"adobe-flash-player":{"displa

C:\Users\user\AppData\Local\Google\Chrome\User Data\52fec6b5-ed0f-47b8-8418-5fbe12c2ec97.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	92724
Entropy (8bit):	3.7464297749694278
Encrypted:	false
SSDEEP:	384:TjUTvVWIJtS/uNPr8v7R38LZ0HdUGw/rK1DXxM5BRwrajmCFWB/L3MOpJrN213mZ:gyFd29QghOeHPt1kvrS1Kj1Pl/
MD5:	0E30EF32443C8BDF7201D3FA51F8362A
SHA1:	E9A39AA0093B36F3E9306287EB418DE5AC9126A4
SHA-256:	2DE1B8F032283B29118A67F2453DD9090BCF4345954DCD1AD10731270DD69648
SHA-512:	87E8D7100890890E8B7A43267130718D17E07796D15241355CC8572FBD46AEEDD579CA1AA7049FCC1C4C9B02D0FE7914BC4F32F0E0359A69D8D0635F13F96D35
Malicious:	false
Reputation:	low
Preview:	0j.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....68.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\5add62e1-a54c-4f98-a0ed-e2021862f5f9.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	164082
Entropy (8bit):	6.081903118864922
Encrypted:	false
SSDEEP:	3072:JhEzmnDWVhPFlyU7sCXgcbjHMFcbXafIB0u1GOJmA3iuRe:f26Q1sJQHaaqfIlUOoSiuRe
MD5:	A1AB006DC92007BB5C272F5F4D8FDDFA
SHA1:	7FE69928CDD1F9308B94183553BF396D312BE24B
SHA-256:	3A67EEB515593681422067F45A8661B637671D5514479E0AED8337156A7BA169
SHA-512:	C69E5221F166A7609EB7AF7DD6C1229C750BB59D218DA8003739113F1D0C166DB4A748E67ECC6D2D3B1B1EA8F18566507BE8ECF3B534CC081A44ABFA62EE0FDF
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.617863719272605e+12,"network":1.61783132e+12,"ticks":94284079.0,"uncertainty":4241184.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016557803"},"plugins":{"metadata":{"adobe-flash-player":{"displa

C:\Users\user\AppData\Local\Google\Chrome\User Data\74b2b389-1f04-4b56-bee5-66cee22a42f1.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	164081
Entropy (8bit):	6.081902073668833
Encrypted:	false
SSDEEP:	3072:4H/zmnDWVhPFlyU7sCXgcbjHMFcbXafIB0u1GOJmA3iuRe:c76Q1sJQHaaqfIlUOoSiuRe
MD5:	3B83D6E14470124F4D4DB85FED702C0D
SHA1:	6E2C70154971938B623258FF9305D17621A547F0
SHA-256:	E6E3D0B1546B63FD8710E330B0B17BB88A0C46FB9F5C440A5EB0A38ACE4114F4
SHA-512:	8C17D380BFD8BF599FDAFB1327DF314D25C52BEFE07A654EA5CF28470304154E1BC8202DF5A726F1BFBB826F4FFD7E23DB989F63B7DF8BB7DC5789747D9D5E53
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.617863719272605e+12,"network":1.61783132e+12,"ticks":94284079.0,"uncertainty":4241184.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displa

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	120
Entropy (8bit):	3.254162526001658
Encrypted:	false
SSDEEP:	3:FkXft0xE1G1mstft0xE1G1mstft0xE1n:+ftIE1G1mkftIE1G1mkftIE1n
MD5:	E9224A19341F2979669144B01332DF59
SHA1:	F7F760C7104457DF463306A7F7BAE0142EFCEB5B
SHA-256:	47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
SHA-512:	4184302DEB5009D767FECFC150F580DD57D5CF9CF3BFEB7E52C9F3340E5E6499251B9F0DFF37F0454411FED9046880E0A9204312D021294256372C916B8155AC
Malicious:	false
Reputation:	low
Preview:	sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0b216c7e-466c-4290-8324-ab83abdb5967.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\119edd29-e71f-4657-bfe4-46dd88125ea5.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4219
Entropy (8bit):	4.871684703914691
Encrypted:	false
SSDEEP:	48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
MD5:	EDC4A4E22003A711AEF67FAED28DB603
SHA1:	977E551B9ED5F60D018C030B0B4AA2E33B954556
SHA-256:	DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
SHA-512:	84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\23edd31b-ab05-4ade-9187-6b3a43a3fecf.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2214
Entropy (8bit):	5.591333132741117
Encrypted:	false
SSDEEP:	48:YMUuVwUm6UUhlUbUezUW9seKUewqPeUerwKUYaRUMQUefswUfmUenw:NU5U7UUrUbUezUW93KUGPeUEUzRUMQU1
MD5:	36E68094F6857B62B78279D6A61384A6
SHA1:	6A04F718F01BAC5142AC891450ADCB81E3705A8A
SHA-256:	4EA186903D059DB3DE2AD1C24D0B74F32EDD921106557348EA8E94909C741A1A
SHA-512:	0C2AD1690D55382AC359254E16D94D047EB5D6E7E1CC2EF5A2CE42798E6A14D1D2AE48779B0222995783983F82F52AE973B17626F6AD3318FEB79BF9E2AE8AE6
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1649399760.096707,"host":"AVsuOZgBg0wdpKMoxm8zihjqET8kI4Xl8bCSMk28RsE=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863760.09671},{"expiry":1633643746.933253,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863746.933257},{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1649399722.703665,"host":"aUT4cEaMLSu2xah4u8MKxGFwWETfFZ2z86gpRsVr1R8=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863722.703668},{"expiry":1649399759.771132,"host":"e0dnev3n5m4rUz3lgUGIx3llwf0kSf/EB+PPIf8u0SI=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863759.771135},{"expiry":1649399721.924781,"host":"fcT4TR7pgeTKRQl9Px8kvZ6lsTaVNIjkqgCAM9Mk2kI=","mode":"force-https","sts_include_subdomains":false,"sts_

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2ba5b1d7-d5af-40a4-b1d5-941e33c1aef5.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5027
Entropy (8bit):	4.97773526905293
Encrypted:	false
SSDEEP:	48:YctUkPklwHj/b2cMqA2RqTlYqlQuoTw0pBH3CH3G/s8C1Nfct/9BhUJo3KhmeSnP:n393RR4pcV3ok0JCKL80kS1CbOTQVuwn
MD5:	CCE8B69C23F7B4CFC2E0D4459B870A9A
SHA1:	257BAD1D8C3344E8F1D2E3CB67E19935F2866323
SHA-256:	6BB6088AD33751DE9DF823E2D2EDF4BC92C8C5D9E607E2BC4C867DB5833A853D
SHA-512:	0249CFEE99D8EF8EAA232CBC5C530ED01C7FEB34D82190FD55110BAB72BA1246FD59865015955BD4C2E3E14FDC2F69A15B8ABE548F2EB866DECCAE74F88001D4
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13262337316723099","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\352537cd-86c3-4a58-b7b8-0d2e3e2d95f4.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2715
Entropy (8bit):	5.5980274075881296
Encrypted:	false
SSDEEP:	48:YzmUlNVwUm6UUhGUFUweUuFpUnMUW9seKUe0ULqPeUerwKUYaRUMQUefswUfmUew:XUqU7UU4UFUweUuFpUnMUW93KUbUePei
MD5:	CD822ADDF0B6BBD622555CCBC6EA91DE
SHA1:	05AF013736821B7EB6CC81B8D621C0A0181DAA39
SHA-256:	802C5503BAF9BEF1E70EEE4B4341692F687294FA0FFCDBC1CE8F0A66C8D34368
SHA-512:	279F20D2FEE3BAC6CCAC4609342F9F49BBC3ECF9FD22F6BBEAA1B607FD633DA1AA49D4EBCB3D847555DF90F688A63FA7B715025DB041DA95FC31FEE8BF735191
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1649399823.127852,"host":"AVsuOZgBg0wdpKMoxm8zihjqET8kI4Xl8bCSMk28RsE=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863823.127857},{"expiry":1633643746.933253,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863746.933257},{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1649399817.326155,"host":"PKqosHGXLFTwexcsjC+UXTkKV3GWWHwtzKz/ULb9ssM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863817.326159},{"expiry":1649399722.703665,"host":"aUT4cEaMLSu2xah4u8MKxGFwWETfFZ2z86gpRsVr1R8=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1617863722.703668},{"expiry":1649399772.10727,"host":"a1ZTYlNSUSrj8xKbRz2eU2pqvpuOBdbHFtk7jbKGSQI=","mode":"force-https","sts_include_subdomains":true,"sts_o

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\39653154-70f8-40e6-b2e8-813d2c2eb46f.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5767
Entropy (8bit):	5.1882232144760945
Encrypted:	false
SSDEEP:	96:n39s00R4Hb5WcV6ok0JCKL80kS1nbOTctVuwn:n3Y47kcn4KRkSdb
MD5:	3D699A59305DEDC5B44FF8565EAC85F5
SHA1:	7F7720697DD521A8DBE2DD60AA23EEDC2E601FDA
SHA-256:	10A54DE7A88BAA1DBF066585591834C8222814F24C2A64533784E166B143CBCB
SHA-512:	4547E54386B383BF35B09E60D0268CC5834E488E6A032D00F0C8A1243EE29BA2A4BF811DC218E7C83871915E9D68DAFDFC93397A0A4ACA8C0B34E4275B96FFEA
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13262337316723099","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\55bd46e6-e10c-498e-a6b5-64c8b9b7adeb.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5767
Entropy (8bit):	5.188236213657174
Encrypted:	false
SSDEEP:	96:n39s00R4Hb5WcV4ok0JCKL80kS1nbOTctVuwn:n3Y47kcl4KRkSdb
MD5:	65DEBC21D6BA774B3E4EADDE752AAEE0
SHA1:	549177C86CA86CD7596DD77355C70449D2E1274C
SHA-256:	25AA31C26A94248A982711C5CBEC235DB5EE3DA3AC33EAC7D40BB1CA985A28D0
SHA-512:	1708CB5CB64E97EA8AEEC2CE92766DF009CD84E219522F160489E41F41971C76466E503450C8E6E8780FD53C607075D674643DC6F64B1141AD7E0596BAE70C23
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13262337316723099","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6110adbc-dee7-453a-a919-4a4997c6b007.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5623
Entropy (8bit):	5.189364180313515
Encrypted:	false
SSDEEP:	96:n393PR4Hb5WcV3ok0JCKL80kS1CbOTQVuwn:n3T47kcc4KRkSW
MD5:	E2CF3AE35A5F9B0CE8F7F756DB1ABF90
SHA1:	FDF279F3C3A5B2418A542A55FF9719A397B3627D
SHA-256:	21F7CCBEF6EF5B20B1A71662206282CD29C57ED0FA0E180DB28400B37FF6B7CE
SHA-512:	7662E1B3609D857634F95E04996BEFBA5B4A803228C99F616317CBF3E60428B18ACE0FC1A0BB72ADE93035C61713653FEA4BF0D8E191A6955CB2C41C59EA217B
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13262337316723099","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9f922dd6-d53c-4f61-94db-23ca9ce684ea.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	18940
Entropy (8bit):	5.568370657032342
Encrypted:	false
SSDEEP:	384:jOnt1Ll+WXh1kXqKf/pUZNCgVLH2HfDUrU7HGxjRuGx4E:CLlPh1kXqKf/pUZNCgVLH2HfIrULGxNd
MD5:	4F0B2561A61B514D0250616CF986E7E9
SHA1:	E91CD0666CA0A00C219DF8BDDDF073E90E46CD3F
SHA-256:	C260282168D8D007B607CFCBB2560D29E4180BC15D199AB6F7D224344B9B3B47
SHA-512:	31B0503BDD12518C227FF48EB6D97EA8AE524FFECFF542F1AA77B0FF3454485C0B583986B3CAC8701B4911329415E9C2B1BA20CCB0E1380D6BDC8BE6B195E552
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13262337316534375","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.282968383754782
Encrypted:	false
SSDEEP:	6:mrGXTmHOq2PWXp+N23iKKdK9RXXTZIFUtpmGXTPZmwPmGXTXAzkwOWXp+N23iKKU:2sTRva5Kk7XT2FUtpmsTP/PmsTwz5f51
MD5:	B819A8CBEABF052FB355470A7E3A21E2
SHA1:	E64985AA18F5179311AB4B5EA05EC0511BA571E6
SHA-256:	C878BE12481A3952C9FC5D2B1F591DC172895B707382EF1B8B6E8767F912345A
SHA-512:	38EA728391ACBA4C6002302246AE58B5AAAD4D3C9698A39469182ED0B4D15EF60940B3FB5177E635294A2DD74560D053AA1F191F0914FCFC8382EA3301DE4727
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:26.670 19d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/04/07-23:35:26.679 19d0 Recovering log #3.2021/04/07-23:35:26.681 19d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	318
Entropy (8bit):	5.252665155031357
Encrypted:	false
SSDEEP:	6:mrGXHuwAq2PWXp+N23iKKdKyDZIFUtpmGXHDZmwPmGXukwOWXp+N23iKKdKyJLJ:2sOxva5Kk02FUtpmsj/Pmsu5f5KkWJ
MD5:	0A4517AACFFEC401960FA0B369A56030
SHA1:	9DF5DD7C6D413F82529E1CD61D0B035F6B7A014E
SHA-256:	A63308C646ADFBF94872626BFFBB2D10A32CBE48D117F92150DC35DFDD0EC6C3
SHA-512:	BF92565AFC452A10A77CD36DBB782D5635FFED32638FF5CAA77DE385766E048BDD7D82C3610CD4B705DFDB1B0E9B80CFADF0373DB783E63D402B347245C83B15
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:26.169 19d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/04/07-23:35:26.172 19d0 Recovering log #3.2021/04/07-23:35:26.175 19d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0481116f3cd8293f_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	362
Entropy (8bit):	5.949562832967658
Encrypted:	false
SSDEEP:	6:mlYL8vc7ZALSRTVLx1Dn1ytyqwF32LrR/ZK6t3j87u5JQIVd9EaYqwF32LrD6/:z0c7ZZTRDnYzw32J/Thj5jVd9Eapw32G
MD5:	5FB48A49742981013CC650B1AFF620EA
SHA1:	D49DF8DF82FC30D35F2F87EA8E68A97AF1CA434A
SHA-256:	EB876962B9F87D9058E2F8F564E3E3A1CBB2F67D5A4A7B9F863204B4EF1DB09C
SHA-512:	F4ADEC84ACD514600EA2729A3B26EC72246C18E6B2836BCF0DE291DAE6CE361B825EB12431446DEF5C83E1A1A31A199963E3BBAC10D13C012E1A89A2033B02B1
Malicious:	false
Reputation:	low
Preview:	0\r..m......b...O:......_keyhttps://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js .https://microsoft.com/.)!.../..............X............DMB#R...>......m$.....A..Eo.......\|...........A..Eo...................)!.../.X...6BC30A984CDF1F67809A191E60D0A7B31924C57733A553354CE2EE79A87D2B09......DMB#R...>......m$.....A..Eo........*.L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\094e2d6bf2abec98_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	351
Entropy (8bit):	5.922275402588608
Encrypted:	false
SSDEEP:	6:m3VYyK08fNH1DkpyayL65lZK6tecMjfTYZZKInUSXL69e:aKjfNH1DODyylTM3j7YbXnUSXD
MD5:	A2F0662A3A876D8C47406765815046A3
SHA1:	DD9086CAE699364A9C06AB51F2730314EDB9FBD1
SHA-256:	CD8DB1FA591F4B8626A7AEBD5CAD55CA7E4E1E70B3A9C970EE71367E4415FEC4
SHA-512:	DB829EB30C4758074E4C098AFEC2B021B8B70C63CEC140A8AECB940403A14F62C309CAD4B74D446BA89977219D783316BF14F63B0A2A99D48B59D1610BAA043E
Malicious:	false
Reputation:	low
Preview:	0\r..m......W..........._keyhttps://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js .https://microsoft.com/..-.../.......................=.z-.7.K]..~..=..9......8...A..Eo.......#...........A..Eo....................-.../.`...67B3F0D5859D8C80F7D4821AFCCBB3DB6BA4E86CA5992C9436B9DBD17981370C...=.z-.7.K]..~..=..9......8...A..Eo.......$#pL.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12649853fd6ff52e_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	218
Entropy (8bit):	5.4437041806619915
Encrypted:	false
SSDEEP:	6:mY//XYGLTD9OwjOKdDSpTgR0J/OEE4EDK6t:5LDcwKKdDS9gcO11
MD5:	8D094F12C23266C87266E1BFBF5F5F51
SHA1:	460ABEE62934BEEAA3CA69536DE655F5750AAD2F
SHA-256:	083FB5BA7F76BFE0F479B5E636DCD572C290DC6C04648FD7848C45F99A599792
SHA-512:	9FC49C7456F17CB1A94D3A9AB52A1364A6D50D7A80A0342BEDC0436DF902C76C30D356A5FCF5174B286E433A43A991035367C1C2AE1D21CEC805783F8792CECC
Malicious:	false
Reputation:	low
Preview:	0\r..m......V.....C ...._keyhttps://www.microsoft.com/uniblends/scripts/blender.min.js .https://microsoft.com/...../.............nr...... ....&8......,~..-.A...8.&...!.R.A..Eo.......HBF.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1c1dd7632a5a5a3f_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	595
Entropy (8bit):	5.281209015179817
Encrypted:	false
SSDEEP:	12:EfDF2uqtQJ7Ax1jsKlIT1HQL2FAB2Pg0jK8WKD3jm+6N:Oh2TekxstFY2FXPqKLjD6N
MD5:	8757EFBD4C1484514A4EC80C7169366B
SHA1:	1DE84F1A62E6FA2E4497C23C196FBC08D13893CA
SHA-256:	E49BE45368FB3B854CE353AEE0FE53B24F5BDCBE1F7EEF2497AD929C23C3EA89
SHA-512:	920E170C1D2E06B8F122137B5B91A057BF3827957DEB80DAD4242334EC8782C9A17855BFD47BFA2203FE7833F5A567FFC5A53A47997F5CF66FD0E8BA9138732F
Malicious:	false
Reputation:	low
Preview:	0\r..m..........e......_keyhttps://www.microsoft.com/mwf/js/MWF_20200416_22921869/actionmenu/actiontoggle/additionalinformation/alert/areaheading/autosuggest/badge/banner/button/contentplacement/contentplacementitem/contentrichblock/contenttoggle/dialog/divider/drawer/flyout/glyph/heading/heroitem/highlightfeature/hyperlinkgroup/image/linknavigation/list/metadatabadge/pagebehaviors/pivot/select/selectbutton/selectmenu/skiptomain/structuredlist?apiVersion=1.0 .https://microsoft.com/..].../.............Cr.......~......w7....;\|.2.~]Ov{^.C ..A..Eo......@.9l.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22fb0e1969c285c1_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	428
Entropy (8bit):	5.455299639731936
Encrypted:	false
SSDEEP:	6:mCVCVYv0iffhQ3fvoAsx/pK4DK6tWCVCVYv0iffhQ3fvIA6Cx/pK4PmUhK6t:VVuAavQXVuAavtx
MD5:	B40F65109620D0F3219855C881228F65
SHA1:	8BDB9BCE954A04A846777832D6D86EB3570D311D
SHA-256:	31EF2AB46C73EED64964A88E5FC06AA4DCF4FFAE188994B00908FC2FFED91CA8
SHA-512:	125FFDB7F87FDE6ED90D2C3C5C5368513696453B0B11C4B16E29F3D698931625C287649BF5CBFB63C0F4C9B67164B36977ADDBD7CDDB3517C64C6977D3DA340C
Malicious:	false
Reputation:	low
Preview:	0\r..m......R....p.3...._keyhttps://lptag.liveperson.net/tag/tag.js?site=60270350 .https://liveperson.net/]m..../..............W.........5+.o....D.o.p..3lm...\....x.A..Eo......u..K.........A..Eo..................0\r..m......R....p.3...._keyhttps://lptag.liveperson.net/tag/tag.js?site=60270350 .https://liveperson.net/.*..../.............Cv.........5+.o....D.o.p..3lm...\....x.A..Eo......b ..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\231f8daf13d8069c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	211
Entropy (8bit):	5.608003895895863
Encrypted:	false
SSDEEP:	3:m+lOmolt6OA8RzYEy9IR6Y8GsZ7WnRh/3tq1lHCa/JLT1tNcaAlYyFmkom5mCxlP:mJm4t6EYEXe7sH/7aBnjN6lIk4aK6t
MD5:	9BFACA03873A331A5B720C16C6E56ED3
SHA1:	DB17D360753A1208FB4C301CA95E83158852A199
SHA-256:	66AEE76522A5F3C675B795FE0DCC733471935E869339D801EA87FEF2AC52C09D
SHA-512:	09384391F509B8826A1E6A3984AC2A29ABF072750A157786114DAF5BAB2BBDC5BD5FAA7CFA195119683BEEEBD77671944EB90B4A2EE5F9EC4A4F710FA516BA89
Malicious:	false
Reputation:	low
Preview:	0\r..m......O.....+....._keyhttps://cdn01.boxcdn.net/enduser/lang-en-US.37ac59649c.js .https://box.com/...../..............q......;.q....2.b......d.M....c.}C.Q./.A..Eo......3>TR.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2b178dc788abedc5_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	17753
Entropy (8bit):	5.639562145916213
Encrypted:	false
SSDEEP:	384:aAcBVKlP0IORDlaxWUTh6DVxvlHINKU3IWA:aL48IONl6TalHGg
MD5:	87DB2D4BEB0FC2FB1D7C11305CC00FFC
SHA1:	7235399CD08F2A11AA86E8538C61A2B1063BFEED
SHA-256:	ACB9570E31E795E8574FFA6B43A1A39C8008B4CBA5B21F7778A0C031E9D32A3F
SHA-512:	1E68454D3FB02674E19B780D62B2EF9C132CACB39670A125F39DCEF01DE93AF6B31387129654F1DFC921EB27BA4B3286EC8E0A9CC2E831E9CE7FBFBFFE5DDDE0
Malicious:	false
Reputation:	low
Preview:	0\r..m......i.....-....._keyhttps://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js .https://live.com/0F(.../.............CZ......6m./...D..yW!T.....P.<..;~...9...A..Eo..................A..Eo................................'..C....O.....C..v........................................................(S.....`.......L`......L`F....(S.<.`2.....L`....I..K`....Di..............%.......g.....g......g.....(Rc..................Qb..,....._iz.`....Da....h.......b.........B...@.-....`P.q.....R...https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js..a........D`....D`....D`.....)....`....&...&..A,&.(S.....Ia@...X.....Qb...S...._Du.E..A/d....................&.(S...Iad.........Qb..7....._Bd.E.d....................&.(S...Ia..........Qb.!.S...._BD.E.d....................&.(S...Ia..........QbF.F&...._F..E.d....................&.(S...Ia..........Qb"_\....._BE.E.d....................&...(S...Ia!...9.....Qd.H.....strOrDefaultE.d....................&.(S

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\31d75b170cfaba84_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	269
Entropy (8bit):	5.613089918669961
Encrypted:	false
SSDEEP:	6:mKpdWEYcBB8LjFke/BDWDQICW0ZSVCjzKvr1HhS+EI1yAwK6t:9dWnN/hWDxCxqCjzKvrZYJI1yd
MD5:	18468CED7C4CA29418E812159B469076
SHA1:	2BEF464210E6C95D6B1A0902BF50ED63666B348E
SHA-256:	9627BA9867B881FA56DF3E247FB4B7611E0E463DAA58E6D2BE3898F31777D2E1
SHA-512:	798C4FEC7A919D05205675430E4033090FC1767D529932C7E93FE582B622355B2FE9DCFBDECCCB1A4C215051771DFD2E070DA14F01F3D74C83F2905E9A203EC7
Malicious:	false
Reputation:	low
Preview:	0\r..m...........!.f...._keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb97667x83487 .https://liveperson.net/....../..............}......c.w3]D..\..'g..@q/Jz.qp..4q..o.A..Eo.......^j..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\328b75cf02d95d5e_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	5992
Entropy (8bit):	5.815571387614679
Encrypted:	false
SSDEEP:	96:XT31cfAMiEfzvyCHCB+KzQLmWk+4sPMoA3y4LFigqx8UPvcJ4fAtvM5:BcIjkzqOKzQLmwMr39LFGx8UPva4fF
MD5:	751CDDC72353ACB78C7F23F898C507C2
SHA1:	F3DC9D03D6A0979277E196C81A8207B0B6746789
SHA-256:	07E37B99CE26225C5A41879148B3BBA608FD3A05E554E958195005260E774EF8
SHA-512:	A7ECC41995FCF014794F58330BB632792168686DBC27E6BE82180BCACBC9256A00103A8D9872938708DA5D77476B7875228249B055DD999693E3643045F9CE6A
Malicious:	false
Reputation:	low
Preview:	0\r..m......x...?......._keyhttps://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=8c84dc53-9dee-f42a-46b1-5a93c0e43d70 .https://microsoft.com/..,.../.............T..........U..0.....\.oQ.8gD.r{......A..Eo.......'..........A..Eo................................'.0u....O.........P.......................................(S.y...`......L`\......L`.....(S.....Ia&...m....,Qi........ShowSelectedComponentKeyPress...E.@.-....hP.......\...https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=8c84dc53-9dee-f42a-46b1-5a93c0e43d70a........D`....D`....D`.....Q....`....&...&....&.(S...Ia.........,Qi&... ...SetRightSideNavigationMenuHeightE..q.d....)...............&.(S...Ia.........$Qg.......ShowSelectedComponent...E.d....................&.(S.....Ia.........(..f..................-............d................4......d...........-...........d.........!.!..........Qd.`.e....ShowToolTip.E.d.....................D&.(S...Ia....>......e.........-.-............. Qf>.!)....AssignToolTipToHref.E.d.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\353c43577c506338_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	257
Entropy (8bit):	5.603661982329061
Encrypted:	false
SSDEEP:	6:mOJYbLjFCsWLdXUheXNvKoF6QntGDRiR4cUnK6t:An3WBrNvhRt8Rzp
MD5:	8C3EE130815E43B2C5B671B489DA0FF2
SHA1:	1287D5415ACE35677B5FFD27D3400C79E9A430C1
SHA-256:	5852FB869209E888D47DA87C43983FD7A61E7125D94A602A659BD2DB603BDCE2
SHA-512:	A83BD4D6F1597C2611E49BE191B1A6764D7B776D27608709C08840A1F3DB93F90BBAC9BB8A0B2F00AD98A093F5CEEDB7B83AEA7DE7F9653CEE25731F61E30483
Malicious:	false
Reputation:	low
Preview:	0\r..m......}....x......_keyhttps://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/UISuite.js?_v=3.45.0.2-release_5052 .https://liveperson.net/....../....................9....r.[\|.....h.sZ..&)...Kr(..A..Eo..................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\366c8b4770143e67_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	257
Entropy (8bit):	5.562996126382111
Encrypted:	false
SSDEEP:	6:mOXYbLjFCsWLdXUqy6ZXNvrYu6SYa0U1jAnvlDK6t:in3WBFNvcj82l1
MD5:	2243FB20B4FC2F2673405689706B9EA3
SHA1:	69A70FE1FD35DF1BC254F5E42E0D91D10121EEDD
SHA-256:	BE948F59E75CEBCA2E065AA6BAD86E3302245EA66BC5F7057B2613C2B599074A
SHA-512:	651F2C0F2904625F8187FC8F653AF79AF7671E1D33778AD46BBB385E0C509344D4E845ACD657FB6071B940FFB5EBE0F01ACD79098C3261EB04DCEFEE1B6B4912
Malicious:	false
Reputation:	low
Preview:	0\r..m......}..........._keyhttps://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/overlay.js?_v=3.45.0.2-release_5052 .https://liveperson.net/c...../.......................*\..'.At...N.k.\.`6.....^..A..Eo......,...........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3b99dc3d3bc104fb_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	476
Entropy (8bit):	5.489562480565123
Encrypted:	false
SSDEEP:	6:moinYkhcV5IT6Rsbm59LPWNvgsTbjPneDK6tWoinYkhcV5IT6Rsbm59LPWNvUwmm:EEpRs0uNvgEjC+EpRs0uNvU94jxT
MD5:	1BF7471B6E7E55186F5D6DDDB739F296
SHA1:	8BE813E663542A97EAD280A56EDC862CD226331B
SHA-256:	2FAA14FD8FE84F184D164E614EE36A0AC3D10C762BA70E2564519D708AD60F9A
SHA-512:	5605D6F5A51EEF90717BC9F0BDE6CC88A0128668608AE7AD3DCFB41DF8E0BCE33B251E7020198ABB656A59A2D17BA849E05EC7180C2BB84BE5A88A868DDFABDB
Malicious:	false
Reputation:	low
Preview:	0\r..m......j...~.F....._keyhttps://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.js .https://liveperson.net/.c#.../..............Y.......j\.!.&.....I....B..m..(..w.G!..A..Eo.......P.r.........A..Eo..................0\r..m......j...~.F....._keyhttps://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.js .https://liveperson.net/.~..../.............}.......j\.!.&.....I....B..m..(..w.G!..A..Eo.......b...........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40c6c29b4367dc20_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	257
Entropy (8bit):	5.601779232899274
Encrypted:	false
SSDEEP:	6:mOCl/VYEXelB/8IDX8NHu7yS4FZRfsYobK6t:eNXrIDyi4Fbfe
MD5:	6388233B193154B572990323A9B95B6D
SHA1:	6B3A87EF0FD7545D47F76DE20019B40FD6307F1B
SHA-256:	C0C1F6E5151D36556823688661C4B771344F019DAB76395EA6896870200287F3
SHA-512:	008698DB3A26355AA17B18708C07A22F63E68E6CE025509EDBAD6D1834BC572E8D819DEDB5D8CF83A978F1C04083BEA7EE44268EE0540059C08CD6E7FB544995
Malicious:	false
Reputation:	low
Preview:	0\r..m......}..........._keyhttps://cdn01.boxcdn.net/enduser/messagecenter~preview-components~uploads-manager-enduser.7791b26041.js .https://box.com/...../..............s.......&"..E...d...."=.?8["..<hN..x.:..A..Eo......0............A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\43fb384703621b6c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	586
Entropy (8bit):	5.616771884583681
Encrypted:	false
SSDEEP:	12:Uiu/hWDxCEbBx0RrvoXnRvep+miu/hWDxCEbBx0RrvMRvepP:Uiu/hWcSudgnRmImiu/hWcSudMRm9
MD5:	0D93F1543BD8F26289638C3427966546
SHA1:	C0F4F7ACB67F33ADB04CDB56EC2DD060304C8C2C
SHA-256:	A1D117AEF4CE15838CF68BF15924E730A719B03C100240AE991F93D5314A243A
SHA-512:	A427B7A73D50F89C4A2359CA2B5C43ACC1BD1F7896B0FAA60033DB260F38E08FC2A34218F0BDB5ADC673D33E946807D349DADD673783E8531586E7F4DD2F7648
Malicious:	false
Reputation:	low
Preview:	0\r..m..........H^.?...._keyhttps://lptag.liveperson.net/lptag/api/account/60270350/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=store-sales-de-ch&b=1 .https://liveperson.net/...../.............>X.........6W.....\Oy.se...Ml.1@;....A..Eo........\z.........A..Eo..................0\r..m..........H^.?...._keyhttps://lptag.liveperson.net/lptag/api/account/60270350/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=store-sales-de-ch&b=1 .https://liveperson.net/m7..../..............y.........6W.....\Oy.se...Ml.1@;....A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4e70ff861187dcce_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	284
Entropy (8bit):	5.728415293557196
Encrypted:	false
SSDEEP:	6:mTYcBB8LjFke/BDWDQICACJe15SZcWivfvJTtDYwK688Z4nK6t:JnN/hWDxCACkeZsvnYwsjp
MD5:	1EDBD9FBBF4DF38629419346D15EDFBB
SHA1:	D4C0219D5E076E7FD22B936C53C444739E561E9B
SHA-256:	C617E994912AF5DB969DAEC71F91E40B50D6BFD48767EC8612EED7268ECB4082
SHA-512:	FB3A8CE9C548A110C627D5DA7D725ED1BAE82D82ABA90B8FC13C8DB06C1A934650E85EA493BFFC83188BD3AF1C9F6748ADEF0C5D8F2FF2768ED69F7E95983C3D
Malicious:	false
Reputation:	low
Preview:	0\r..m...........L......_keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/engagement-window/window-confs/1644511330?cb=lpCb30561x35468 .https://liveperson.net/0`..../...........................]!z.X..-{.Li..F..........A..Eo.......L.e.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4fccf16e79028bfd_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	261
Entropy (8bit):	5.58274235516093
Encrypted:	false
SSDEEP:	6:mYunYEX/3OJeyi0VlV2klMxfeGfla04shK6t:EX/T1ql8pJ
MD5:	4C737D666C1B232BFCD58C267DAB1C7D
SHA1:	38C3730FFC521C89306D8DF27383A94BFFABDD81
SHA-256:	31F4ADEC6A3CEE1DA9DFF4A102FD6755D815CB40B5193873AFCB22FD1A17CFD1
SHA-512:	A775CA60C477C8AD27D09397549E272AF7FEDA511232F42EF7E9C2BA463DC419B14375307133F33A87F1C34DC34B5B1AED9442ACC276C57E54FFE4C7C10C774B
Malicious:	false
Reputation:	low
Preview:	0\r..m..........lv......_keyhttps://cdn01.boxcdn.net/enduser/lang-en-AU~lang-en-CA~lang-en-GB~lang-en-US~lang-en-x-pseudo.57dba5f597.js .https://box.com/\..../..............q.......f0..7....uv:... ...p.......(A..A..Eo......^............A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5119098391edcc42_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	160104
Entropy (8bit):	6.351493595586021
Encrypted:	false
SSDEEP:	1536:5nIsbyCr5o+KS0YcoERh/aa1zKIfQxBcJKLnEh4mTMidH4QMdRo6HMzjwhsWlWqs:ZIsey5ok0YVEn/eIC6KrdC2zRoqeCap
MD5:	A67E5F922B5BE82A3842C8284775E67E
SHA1:	0AE2B65A23EF9E5444B39473F4DC88D427F97209
SHA-256:	2301C18A0C016799FC9CDCC4C677FE7D53B6C0E20F1BDA923B3A5D2B5432A731
SHA-512:	E2056011978932561C524463B72F68F253D800565F1361656C9CB012A8F8B29F0CF925C37B8C45C32F6FE92EEA9F35036E7ECA866F4A223F36696A3609972DA6
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...........F477AF845F3E2968ADB3F4D4BC973553C4A739697EF719627019E17F56FFCA09..............'..g....O)....o....F............8...@...............................................@...................................................................h........................................(S.H..`L.....L`......Q.`b..\|....MeControlDefine...Qc.%......meBoot.......`......M`......Q.@^.......exports..$Qg"..R....@mecontrol/web-inline....(S...A..`:8.......L`.........Rc..................Qb..\K....w.....Qb./......c......S...R....Qb...L....p.....Qb.^ls....S.....Qb.......T.....Qb.......d.....Qb&J i....e.....Qb.Zdq....l.....Qb~.D.....r......M...Qb..s:....n......O...Qb.:Y.....U.....Qb...M....F.....Qb.[.q....f.....Qb..R.....h.....Qbz.2....._.....Qb6~-.....P..........Qb..m:....m.....Qb.0......C.....Qb..8....R.....Qb&.'.....N.....Qb>.......D.....Qb.~m.....o.....Qb.X.p....s.....Qb.......x.....Qb^23.....y.....Qbz.......M.....Qb.......k.....Qb.6w.....L.....Qb........v.....Qb.\(r....I.....Qb...

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\547db41b413d52f1_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	282
Entropy (8bit):	5.61539768617887
Encrypted:	false
SSDEEP:	6:mXYGLTDQyKfZ+OsFRzh+UXVZOfzKDYZVBlZV+kqK962Sm4JuFDK6t:yDQLsFhh+UF+KDmlZV+k596jmbL
MD5:	17423BFF6ADF0CC12E91F0AD8B4110C6
SHA1:	BF8909FD9223CEDD494D2DF868A13BEAF1F8F61A
SHA-256:	BAE359F2733C2088ECA89296CF06C082FEB15E07499FE33F7F437B2EF6567238
SHA-512:	5E062AEF0C573235795FF6CF26E03A42C330DE6D3C2013B00CA29216EFADC6BC21302252D6411D39B2D46D57648D38BECBE1522A33C12A31A95BA5E50A37C035
Malicious:	false
Reputation:	low
Preview:	0\r..m................._keyhttps://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/78-6f121b/94-3cd1e0?ver=2.0 .https://microsoft.com/=a;.../..............S.......!.$\|p6.g..OG."A....-.o.d.3).....A..Eo......>..<.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\54f9d5181c9e5945_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19434
Entropy (8bit):	6.00752335406911
Encrypted:	false
SSDEEP:	384:wxwpHPxKk+u6H1cwJvB1eFS5GWd6IYgR8qKvaP:t6fK1WUIhKW
MD5:	B35FEB14C8B91A65732F64C6DC682490
SHA1:	4F1E0C950FDB816EFB49CFFC2E4C33EC2B7907E0
SHA-256:	F7EA6C236C1A78F1BDF6F7068C88A134B00C6ABFB219378C7DC5733F7604DC09
SHA-512:	FAC9C6279CAA546EE92EBCBBC897CB4469C1B86FA1F7EC706BE120968DFA544ECABC4B4E02C99BD8D489B15F05741A04C9580648CA9A4E4FD7D3B904BE964C97
Malicious:	false
Reputation:	low
Preview:	0\r..m..........Vs.)...._keyhttps://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/bb-d7480b/db-bc0148/dc-7e9864/6d-c07ea1/9d-b58f60/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/69-13871c/b7-0ad59f/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/17-f90ef1?ver=2.0&iife=1 .https://microsoft.com/X..../.............8........(..f!.`....U..v.....-.......A..Eo.........+.........A..Eo................................'.z.....O.....H..!...............(........................................(S.0..`......L`.....(S....`.......L`.....LRc".................Qd......requirejs.....QcJT......require...Q.@..t[....define....Q.Pf.)C....__extends...d....................I`....Da..... ...(S...`......L`>.....Rcf..........*.....QbV.......n.....Qbz.......r.....Qb..8....s..

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5db4ad138a5b020e_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	343
Entropy (8bit):	5.604244189201694
Encrypted:	false
SSDEEP:	6:m/HnYbLjFCMufXA8rlN7dJMz0sphQNp4XI2UMtv11L0okTQquPLr4nK6t:oqnfUxPSf/CHMtvDX0p
MD5:	E2FB15834319D0BDDB0FD9EB0117D8B0
SHA1:	A12ED9BA391AE0593895FFD2B4AFDA5DCD39D971
SHA-256:	2A66737E7F6B9E3FA81B12CE34902E8F967328C361F8678E93599FF6C1166626
SHA-512:	BEE67A05C96C8091376144A5EB8F65380E74054E84E2AB3C2761512D8D4BF02123E419131A65C59B5BEB4F0CF5B455101CFA16EA229C8DDC28DF0E84FCCD908A
Malicious:	false
Reputation:	low
Preview:	0\r..m..........{Z......_keyhttps://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%3A%2F%2Fpublisher.liveperson.net&site=60270350&force=1&env=prod&isCrossDomain=true .https://liveperson.net/f...../....................Lju.~.T...h.....O....l.,_k4\|B.A..Eo.......p...........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\61e37b71e9213753_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	94840
Entropy (8bit):	5.788332599339689
Encrypted:	false
SSDEEP:	1536:SWIjlPQUNv0nirZDGil8l/xzcxPIYi6u9GEhKhXGfCRBwwyv:eP/BZlqJAHhubhWve
MD5:	6D6F77D0C30EA106122E26F720E6ED63
SHA1:	D9C40B32698C5C1DCA6618EB52EBA06A7813EE8C
SHA-256:	9C32531D79CBFC876FC97279EFEC43BA6FB6B5687E1741107BE5FC43275FF026
SHA-512:	2134166EC81A68BC80CE3FBBF9FA1B55B590EF4A7CAD46F551B682AF8C3C53B903E2FD56653E95911479ACB4F29F43DB61A0DA317DAD1EB4DBBE56B192C0B2E3
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...I..2....6F9FE219DC60DFC20BFDCD8B968560D178B45EE3FF43B96AD00A716B2300D7EC..............'.wr....O"... q..<..4............................@................................................................................................................(S.4..`$.....L`.....(S......`.:.......L`.......Rc...................O....M...Qb..,.....cy....Qb.......cu....Qb........ct....Qb..7....cs....Qbf.su....cr....Qb..2.....ci....Qb.......ch....Qbf@......cb....Qbfv.\....ca....Qb........b_....Qb.O.K....b$....Qbr$.5....bZ....Qb.%V.....bB....QbZ.\.....bo....Qbv.qf....bn....Qb..8....bm....Qb.!.4....bl....Qb........bk....Qb^N......bj....Qb........bi....Qbr.b.....U.....Qb.-!D....T.....Qb^..p....S.....Qb..c.....K.....Qb.._/....J.....QbF.\|.....n.....Qb..g.....m.....Qb.w^.....l.....Qb.<X.....h.....Qb........c.......Qb..!....d.....Qb..A:....f...........S...Qb.Q.V....j.....Qb........k.....Qb.)r....o.....Qb:=wL....p.....Qb.L.....q.....Qb.mP.....r.....Qb........s.....Qb.w.i....t.....R....Q

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6686b0c92e7fc912_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	362
Entropy (8bit):	5.8604416698838975
Encrypted:	false
SSDEEP:	6:mi6EYL8vc7ZALSRTkVD8v7+AZ2p74fpnK6tH8gqhBBeTj/bTTBRp74f:v670c7ZZTKDYK82expN8gso3bm
MD5:	32574CBAB381DC136D89171C52449B4D
SHA1:	38FFB96F54B1765C142CC3EC4EEA9F31637FD86B
SHA-256:	879EE53EDFF845B12DACF43F1341AB876022323EBF9EC088C20DA4656F660BAE
SHA-512:	747167CCC8BE28AD8E214FC47F098910FB6518DB00AE0253060E9F6E916D91A456084B8FFB4C4029A6675F21011018A4A343F83FC25AEE9D8F3A31A923A09A0E
Malicious:	false
Reputation:	low
Preview:	0\r..m......b.........._keyhttps://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js .https://microsoft.com/.RP.../.............<V......L....^>.....#(....S..t...^...4..A..Eo.......W`..........A..Eo...................RP.../..p..F477AF845F3E2968ADB3F4D4BC973553C4A739697EF719627019E17F56FFCA09L....^>.....#(....S..t...^...4..A..Eo......M...L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6911ce7d6805bcdf_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	335
Entropy (8bit):	5.703668702873085
Encrypted:	false
SSDEEP:	6:m0QtVYcBB8LjFke/BDWDQIC8mKVmLPVL7VNvBYu6RJDlM3dn8hK6t:JQynN/hWDxC8mTpVNvye87
MD5:	37CD80C2997F5140CE6C420705FD8884
SHA1:	31263AC6DE986F31ECE57D4E1F2274CB46E9EFD8
SHA-256:	4BF73543FDB8092E7C436C1A6582AA8F8509687B60396FFBCEA223A2EEA5B848
SHA-512:	68814C580A12AFF511784BD68D72C9CB42E8E3A31C1CEDEB602D2C9D358979CC7065B9E1A9BBFD8A2439A23A93FFB37299311EAE4D00BA6BA23DAEA283B25587
Malicious:	false
Reputation:	low
Preview:	0\r..m..........@.J....._keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/campaigns/1644274130/engagements/1644512430/revision/16263?v=3.0&cb=lp1644512430&flavor=dependency .https://liveperson.net/.=..../.....................+G.^.A..`.B.H......./.$...o*....A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b848a87f40dd230_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.526877510138056
Encrypted:	false
SSDEEP:	6:mewXYWFW7RPAvl/Nh6AqnMNZK6tWewXYWFW7RPAvis0Nh6AqnUlhK6t:yW7RPAvDh6AqqToW7RPAvwh6AqUN
MD5:	33CE2426C9168890B6CE5F039E7B53F3
SHA1:	318C538F3CDBD5A704AAA9F0C0946DD8039D7CD6
SHA-256:	4EA646BA26EDA69B422BF26A1907477EB92C2428133BD69448DE214C15EC87F5
SHA-512:	AA63E4D5C5110326570FBD5B77E737CCFE677EEA16D117EEBD0CC2C3C9A8F574586D1101EE90D2EF09193DE0B22C3D71E132F0546257A9FC3CD430F4F2B41DDF
Malicious:	false
Reputation:	low
Preview:	0\r..m......M....ZcW...._keyhttps://az725175.vo.msecnd.net/scripts/jsll-4.js .https://liveperson.net/.?Q.../.............{V......:....XJ.2.x.b....K .ZQ...Cj..T...A..Eo......x?*..........A..Eo..................0\r..m......M....ZcW...._keyhttps://az725175.vo.msecnd.net/scripts/jsll-4.js .https://liveperson.net/dq..../..............t......:....XJ.2.x.b....K .ZQ...Cj..T...A..Eo......;............A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6e2aa2cbfc56c1a0_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	572
Entropy (8bit):	5.49480881817481
Encrypted:	false
SSDEEP:	12:2DQLsFhhBoK7uCOXUDjNC1Ngw9jMuwe9l1gKDLez3h:2/hHKCOXUDRCrMuFpJIh
MD5:	04497C81564C35931C5FF6BC3DE57FAE
SHA1:	29ACBCF64ED3F4CBF4FD855E2D54CE6382F64255
SHA-256:	C5AB9E5A4CC2841D595358BD8CCB05C42EDF9086868C3E8FE7C702FA4C9BA065
SHA-512:	B7E3EE3949BB3F97FEC8013826113713577197304886925111DCCE700B38A83082112833A63EEDB1C437D3E512A7DD9A1F4050202AA309DE6D44D5D70113660F
Malicious:	false
Reputation:	low
Preview:	0\r..m..........B!._...._keyhttps://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/2f-63ce8f/45-f9a0d4/aa-dc1460/2d-7a9063/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/6d-c07ea1/9d-b58f60/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/f8-73a5f2/79-499886/7e-cda2d3/69-13871c/b7-0ad59f/91-97a04f/1f-100dea/33-abe4df/17-f90ef1/e3-082b89?ver=2.0 .https://microsoft.com/v.:.../..............S......+.K.6.y...QD....PI..*WYp...z..A..Eo........b..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\70666ea15d0f9e6f_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	268
Entropy (8bit):	5.612837648827892
Encrypted:	false
SSDEEP:	6:monYcBB8LjFke/BDWDQICW0ZSVCSdUMNvqhWRqlvOvYVK6t:MnN/hWDxCxqCStvaWRG
MD5:	AD5BF0FA72D7A448CF89881D781EE1D6
SHA1:	A00DC39220037CA2B684D6D53629DAB1706103F4
SHA-256:	1D979B147D9F7479647A452B38D8AF3E48534EC4B50895D02293E4B7EF8B35B2
SHA-512:	893021024D93EEFC9DC3BD1EB0F2733B9D5DA46D1A2002C8FE18D7362A0AA835EE576B5A6368ABBD60AF09E90BAA9ADEFEDF2018659908FF39C2D99B5EC8FB7F
Malicious:	false
Reputation:	low
Preview:	0\r..m..........(,.c...._keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb8984x10584 .https://liveperson.net/Lb%.../.............Y.......t3.Oadt.........+.M...._u....0..A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\72090e93af2b3d0c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	576
Entropy (8bit):	5.69700395031385
Encrypted:	false
SSDEEP:	12:ICnN/hWDxC8mxHvWwsBCCnN/hWDxC8mxHvYXM:zN/hWc/SZN/hWc/7
MD5:	823918CF363E0B52AA0381A82D9CE404
SHA1:	4EA04AE51F51CD500EFB4F4B14C54B6D5AB050FE
SHA-256:	829B88441CDBD2AAC0F1AE6548D50C9DD528A938DE4C4F845CD2065636666B06
SHA-512:	8D64B73EAA63FF988743D7D96EB81BF937451D207FC4A1716E41CD8AE3B416637D46CD56ADEA421A080F08E5FDC4398BE8E78A7823442C7433C65ED1F6A07C17
Malicious:	false
Reputation:	low
Preview:	0\r..m..........".C....._keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB .https://liveperson.net/..%.../.............Y......@...u.RV.%.b...k..,V......... ..A..Eo.......{..........A..Eo..................0\r..m..........".C....._keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB .https://liveperson.net/M^..../..............}......@...u.RV.%.b...k..,V......... ..A..Eo......D.`..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\781980b07f1bb38f_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8256
Entropy (8bit):	5.482643453060915
Encrypted:	false
SSDEEP:	96:FWxKUYsfWcNx/GDOWCXBlKvTdtF3EWtnKkF2YEjoltm+1XPKBhovn/r4Ef3ya0W9:YxbYsecNl9txl2t+wnuYE+m+V4hET4S
MD5:	7E6A6B9062A152514122B7C281EA9D46
SHA1:	5C35F2568A2390E865900DF05B395E842D3AF224
SHA-256:	CF520A25A924053487BB5FACF1BB4B4D4BD73439AC59D62D4A8C239E5BB8BA5B
SHA-512:	6CAA6B05169FC79DDADC752D04C64A1260A99A5A8C915B575CE6B54D4FBFE6B8B34F70305DDE7EBE654AC74692440DDDA47867F9273E03A6ECABAFE0633DBE44
Malicious:	false
Reputation:	low
Preview:	0\r..m......x...0.v....._keyhttps://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=1a053411-4f63-d069-d3b8-11d5d720eeb4 .https://microsoft.com/...../....................5...a.....S...s5.O..8O....F$.\|3F.A..Eo......5h.q.........A..Eo................................'.......O...........;.....................................(S....`x....dL`.......L`.....(S.....Ia&...m....,Qi.t.%....ShowSelectedComponentKeyPress...E.@.-....hP.......\...https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=1a053411-4f63-d069-d3b8-11d5d720eeb4a........D`....D`....D`..........`>...&...&....&.(S...Ia..........Qe.3x.....ShowHighLight...E..A.d....................&.(S...Ia....(....,Qin.Pd ...SetRightSideNavigationMenuHeightE.d....)...............&.(S...IaI...M....$Qg65}f....SetRightSideHeaderHeightE.d....!...............&.(S.....Iak........ ..f........................u....$Qg..)....ShowSelectedComponent...E.d.....................D&.(S...Ia....9......d.......................e...........-....-.........Qd.3.)...

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7942e8431cc54099_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	236
Entropy (8bit):	5.570951377971377
Encrypted:	false
SSDEEP:	6:mUu/lXYEX9IVkGRUwKQV7+M/qwGlA+sS4AlJAlK6t:K/lzXCVkkrKQVXqXlSS4AK
MD5:	65A19792845D105A9CDDC5D18EEA75EC
SHA1:	33356CEC990553A47B01AA29BB4AEAE841FF1B81
SHA-256:	788A73679C2241EEBDF0315CB7FA4069C42570BD5B03AE3E61AA63EF1331AF1F
SHA-512:	608A344B3593B66514027DA7800BFAB21FBFA985A32519F127F6E6A6F1D6D0964983947FDE7E30C250ECF230B87FA9A9362A9049D972C56501F1C4B8E4D0C517
Malicious:	false
Reputation:	low
Preview:	0\r..m......h..........._keyhttps://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf_viewer.min.js .https://box.com/3 .../..............x......K.....q.............(..:@2%.3.A..Eo........0..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\797fa4f8af1d2794_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	208
Entropy (8bit):	5.456500221123237
Encrypted:	false
SSDEEP:	6:mG2lVYEX+q91hruSTj9X2hYCVp3RM9k4xzbK6t:AlNXDhp12hYCzRdUN
MD5:	372BD4890698643245B4BAE1CC8DAA02
SHA1:	F5C415B02EF5E58BB0EBB58083760D5C059C55D4
SHA-256:	69E4E7FFCA3F7111FA6E8FFF4A3915891340045DAA8A4B34778FDB894DC1BE81
SHA-512:	9BDFF7961189FAB14FF116D23ED1AAA2A59DBB73D7797457D165424A84535C65EBDB3C259FC66DF36C03C13D86458825EB44F1CB004E2D25B8E6F9B6D7E49751
Malicious:	false
Reputation:	low
Preview:	0\r..m......L.........._keyhttps://cdn01.boxcdn.net/enduser/runtime.d2e7dd59de.js .https://box.com/E..../.............q.......q....2....z.>.@x.)..@.t...t..A..Eo..................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\80eb0239399151b6_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	230
Entropy (8bit):	5.579173842415287
Encrypted:	false
SSDEEP:	3:m+lWH5lA8RzYLLI2P8aPAEWVO0sAIsUVDFYtRh+NlHCYXtlICAbLA9k5mrtpK5kt:m5XYL8+PAEWVOdD2Dh+y6te0+4rbK6t
MD5:	DEEB1BADC908FB6CAE7C28A679BD4833
SHA1:	3B42C089B4B142C1F3DFF83F88D41E61EFA3D08E
SHA-256:	B6C79EA756C85B9635FB589AA4B971957C9D1E6AD3ABC50CB8D77FA0CF26D8B8
SHA-512:	B917AD30030552CB1823FBCF0020A2DBCBBF7913D67FE4FE3FC5862C77CFCF98136911A2F53905C571AEAFC7D37FE2D606AFCD55602C9F8A4266967AF53EB1C1
Malicious:	false
Reputation:	low
Preview:	0\r..m......b.....)L...._keyhttps://mem.gfx.ms/meversion?partner=officeproducts&market=de-ch&uhf=1 .https://microsoft.com/...../..............r......IFD....V..$..Cvo..'.....\|....A..Eo......g..}.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\80ff980fb7d90a4c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	73216
Entropy (8bit):	5.689420793998541
Encrypted:	false
SSDEEP:	1536:T6GgGpiMIheFoceBkUq6L0z4KjPJXzzZImtNAzLwRwJpkP5xYi1rMQtcDtdsYqOg:TQRy
MD5:	AD23CE3ACB08614F65C06F23BE3B5566
SHA1:	AC75EAAA8E264DAB58E6D4AC50A4B41C59231314
SHA-256:	AFB5A46040D80231B3F4DE604720F33F896AFAA8E04742817140FFCD3B08D5C9
SHA-512:	BE534788597898024BEC2B5246A0B96B5B6A61ADC3AC260DF0E4023E19E2B63FCFF614DC511A1342BFE2FEA0FE3E07B58E37AAA78392613189717D6888D81458
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...\|.......6BC30A984CDF1F67809A191E60D0A7B31924C57733A553354CE2EE79A87D2B09..............'.......O........\.^.........................h...........l........................(S.H..`L.....L`......Q.`b..\|....MeControlDefine...Qc...s....meCore.......`......M`......Q.@^.......exports..$Qg"..R....@mecontrol/web-inline.... Qf.G......@mecontrol/web-boot..(S....`&....}.L`:......Rc..................Qb..R.....h.....Qb.[.q....f.....Qb~.D.....r.....Qb.......d.....Qb.X.p....s......S...R....Qb.Zdq....l.....Qb........v.....Qb.......k.....Qb...L....p.....Qb..s:....n..........Qb.~m.....o......M...Qb./......c.....Qb.^ls....S.....Qb.......A.....Qb6~-.....P.....Qb..m:....m.....Qb^23.....y.....Qb.......T.....Qb...O....E.....Qb.6w.....L.....Qbv.NL....O.....Qb...M....F.....Qb&.'.....N.....Qb.:Y.....U......O...Qb.\(r....I.....Qb>.......D.....Qb.0......C.....Qbz.......M.....Qb..a;....H.....Qb..*.....B.....Qb..\K....w.....Qbz.2....._.....Qb.......x.....Qb..8....R.....Qb......W.....Qb.0T\....z

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8591e0c5755acc61_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	279
Entropy (8bit):	5.560494417108964
Encrypted:	false
SSDEEP:	6:mCnYGLTDQyKfHD40NKM3IGRWm8SIyDW1VTo/hgubD9OcFn4RK6t:PDQjDBl4mxIyDB/JPs5
MD5:	25C4152B0E04DF6105315B4484996852
SHA1:	513FAF43BC52D4742727F8DA95FA3C3197136FF1
SHA-256:	7750C73161C93F37491B8B08723023160EFB87B5A5207E552734EE4FC855F4A7
SHA-512:	EC04C0CC32792AE0E3F59C6EEBBABB92E38FFD2826544C8FC541508CFA6A0381A7AAD0867786920AA976C493EE13533F6C463527E93C693EBF053F73A1B09736
Malicious:	false
Reputation:	low
Preview:	0\r..m............`....._keyhttps://www.microsoft.com/onerfstatics/sfwneuprod/_h/46c44584/coreui.statics/externalscripts/jquery/jquery-3.3.1.min.js .https://microsoft.com/.5\.../..............p.........L*.K.u..w0._{..+.,....gw.R4+.A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8664dce38f69ed75_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	282
Entropy (8bit):	5.520356692732512
Encrypted:	false
SSDEEP:	6:mLlPYGLTDQyKfHD40NKWQRWdAHIyDKyH/l/iB4RNssvP4KZZK6t:AxDQjDQ4dXyDB2CCstB
MD5:	85F0B6A656A4604919F4F2A38292DE14
SHA1:	CBE5C19582593BF3B63951A5C31DEA24D50BBAE5
SHA-256:	ECEDC327BC96EA2304F42E500C303AA5032BB71CA377DAADDE15AC70A83BF319
SHA-512:	36A75295F19D0783F73F482091BC344D7FAEC2B7A4E94C1F7563583A72353A0DF0CC05FFD865BBCFE0B0759CAFA3F761C66A76BD501FFD7F7EE15C594C327C86
Malicious:	false
Reputation:	low
Preview:	0\r..m........... +....._keyhttps://www.microsoft.com/onerfstatics/sfwneuprod/_h/38e1bbbb/coreui.statics/externalscripts/react/16.9.0/react-dom.min.js .https://microsoft.com/zv..../.............Uu.........v.$.q3\|r].....d.....nP......A..Eo.......]..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ae12a936f63f6c5_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	224
Entropy (8bit):	5.583370937681548
Encrypted:	false
SSDEEP:	3:m+lUPvIv8RzYEy9IR8fNICAX9LBiH3kh2tHelHCHE/S4nEZ7DoZvcK5mUlllpK5M:mtIEYEXgNIDX0O2tVkpw7DoN748hK6t
MD5:	1A504CE927913FEAFE8AE0548B70F9D6
SHA1:	2059A4CC61E3B02C0D7DF73E21AFF221719635C5
SHA-256:	D6375649D4B804BA3AE1546C4B8859EB490B90C11E38DC2FAE1EA45E062EF169
SHA-512:	24EC1D5231D344BFD80A0420CC104FD5F9AF1026751FCBB0B64F7361CCDADD1274D9B9D9BE5E10C08D19FA5B97D00972FABE02630ABAB93A9A73346AB71184D3
Malicious:	false
Reputation:	low
Preview:	0\r..m......\.....'....._keyhttps://cdn01.boxcdn.net/enduser/uploads-manager-enduser.550cb33944.js .https://box.com/...../..............t......#.2.M.6...T.#..i]...u..#...].....A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f3c2e2c260a7099_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	350
Entropy (8bit):	5.85459888122082
Encrypted:	false
SSDEEP:	6:mXYI4McTDsJegDPARk/C1TrlE6//hK6tANmjkH0hJukXncHVTrlEl:e+TDsYgDsk/C13fTayh8N13W
MD5:	C81CA1FDEBFA2419A640023FF36CC047
SHA1:	3AE27E42E4972EA82FE370C4D0E9584E2AEF1D75
SHA-256:	523506E2C5A6AEE4BE0F9D2633491BA1CD0084694140E3E482D250E35EC7C7EB
SHA-512:	2CCF6DD2E284FE49E5DA58B09CB4AF44C36CECF155DF3392F528F23B50252D1C74BC3B11A2E2DDD894E9A75AF611D7C0CB837B3D213D381D8811EB67AFBB2794
Malicious:	false
Reputation:	low
Preview:	0\r..m......V...\|.L\...._keyhttps://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js .https://microsoft.com/...../.............4...........<.S....l....\.W.U\..E?`..r.A..Eo...................A..Eo......................./.p8..9BC2228B4F5D9AD3ADDD1683FDCB1785AE9646F9928D1587FC1B24C135072B8B....<.S....l....\.W.U\..E?`..r.A..Eo..........L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\96ebbaf5295dd8ee_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	104456
Entropy (8bit):	5.793837073121777
Encrypted:	false
SSDEEP:	1536:QOFtLCNypCEHwOGWCeyN5sJlTkhoPPRQe0eNqHPYtZyjUj0zOSj+qkqn:HtvTaW7ywJl4uj0VPYjaUjMLj+Dm
MD5:	C1FD1962BB64E4AC0DB9C8D0E7647EE0
SHA1:	7C3E1776AD4E533D676758491ACC22EE4ED0DAE4
SHA-256:	349E77B93C53C7A5563BD96A2406A0298C77BF0682FEB8B853179161D8FB25DF
SHA-512:	35F7FF5609BC3AE2FA6EC4FBE798EBB43A4DCC85CB504ECC6377F0136EB2CBDD0F45F6DE07B69AF2AEA0A6348C537538E9272603AB54B4CDBE74FF993B73C1E2
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...].......67B3F0D5859D8C80F7D4821AFCCBB3DB6BA4E86CA5992C9436B9DBD17981370C..............'..v....O#.......E...............d....&......................`............................................................................................................(S.H..`L.....L`.....(S.p.`......L`.....0Rc...................O.`....I`....Da....N.....Q.@......module....Qc.0......exports...Qc...P....document.(S........5.a...............a..............a...............a............a...........Pc.........exportsa....!...I.....@.-....HP.......;...https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js.a........D`....D`....D`.....]....`....&...&..!.&....&.(S....&..`8M.......L`@........Rc............8......M...Qb...,....c.....Qb:..a....d.....Qbf.5.....e.....Qb.i.....f..........Qb..h.....h......S...Qb6,!.....j.....QbfB86....k.....Qb..t....m.....QbZ.4.....n.....Qb.......o.....Qb........p.....Qb.si.....q.....Qb.X.A....r.....Qb.7m.....t.....R....Qbw P....v.....Qb..y.....w.....Qb6T

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\995062b5124845c1_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	230
Entropy (8bit):	5.550521275172751
Encrypted:	false
SSDEEP:	6:mqPYEX9IVkGRUwKQV9ly9tBEo6EX4A7DK6t:DXCVkkrKQV9QtBEqL
MD5:	98165FFAD49F251F2B2469949DA8D1AF
SHA1:	6B325E61A19CD473FBC979415113B73E7D8AF242
SHA-256:	529277B514FDF5480E47924B364BB06976B550969E4DF8CB1C60F43F576AC3C0
SHA-512:	0063081BD92B07044C61C3BD0EBC96C7B4816CB794B9B55DEC6F24663480AEEDFFE591C4E01B1D457CE31BE03B82A26BD3D2ECF818858214CBC8C36818D09B55
Malicious:	false
Reputation:	low
Preview:	0\r..m......b..........._keyhttps://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/exif.min.js .https://box.com/...../..............x......qG`f.%f.......#6....)..*...{M.A..Eo.......Z0..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a0b7df272ed92c6_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	276760
Entropy (8bit):	5.581148121713888
Encrypted:	false
SSDEEP:	3072:xIgUAovcZbf7WITyan2gQvbrqaMyiE/cEjjTxBIw/jZAbGtqxYt9UYs1Rgp3vuhG:x9MvGZH2gQvPZyGtqxYqYKgNX
MD5:	D1E4E04AE832BA1DB4DFF14D890D4F8C
SHA1:	A79394BEAEF7A3A0A33F07FB785C343CF4FF3FA5
SHA-256:	1F702784ECBC3F075B16FF9FFEF508C3DC945B423D61E10F761C5C8A4946E08D
SHA-512:	A34AD6563A2C39173ED6AE18B53116D717A84BB66A9976BABD6205FB0B34443CE72A511DEA28F18D873638C946547283E05EF81E6273A2D201B2F8F8F3017612
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...........9BC2228B4F5D9AD3ADDD1683FDCB1785AE9646F9928D1587FC1B24C135072B8B..............'.tT....OP....7....p.................\....%..................................(...................4...........H...,...........H...........d...............\|...........L...L...............$.......$...`...,... ...\|.......................\|...............$...............p...............p.......P.......(...........$.......\|...8...\|....................(S.`..`\|....$L`......L`......Qd.FI.....WcpConsent...(S...`.....LL`"....@Rc..................Qb.Y......e......M....S.b$...........I`........a....F....(S...`......L`......Qc2.3.....exports..$..a.........C..Qb.w^.....l...H..!....a...........Qbz.El....call......K`....D}8...............&.%.......&.%...&.(......&.}...&.%./...%.0...'....&.%.*..&.(...&.(...&.(...&...&.'..W.....-...(........,Rc................`....Da\...T...........e......... P.........@....@.-....HP.......:...https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js..a........D`....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a5575bef7c495dc_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.58491586911499
Encrypted:	false
SSDEEP:	6:m0iYGLTDQyKfZ+ONNKM3IGRWm8SIyDjXZU0Jf375K6t:D6DQLjl4mxIyDuM3X
MD5:	2A97B1C965B3E92416C6A0447CB22011
SHA1:	96D7783B48B9A0B6BF067889196250243B0189E2
SHA-256:	D3F17167905E94A49F6FD6B88F9042125FB1E65C57A5FE1807256BAC08BDA316
SHA-512:	E72F5E48D78716248DBC7434FB11672235F4E5A96E774BE2A185DF892362C912E81F3A0C2BD54A2AC2E0CEE3DD7B192B209E47ECDA17EB6C2A8549D66690102E
Malicious:	false
Reputation:	low
Preview:	0\r..m...........k@....._keyhttps://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/46c44584/coreui.statics/externalscripts/jquery/jquery-3.3.1.min.js .https://microsoft.com/Qy<.../.............2S.......'\|.....C..j.,c%X.i.Y-....F...N.A..Eo......9............A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\abdc685a78475b47_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	203
Entropy (8bit):	5.458934900478523
Encrypted:	false
SSDEEP:	3:m+lty8t6OA8RzYP2FycyG8ZFvDYGDDUCv1lHCosyEsQ9fjT9kRmSGlltpK5kt:mwF9YeMggDU9oxEsQMAzlZK6t
MD5:	2F31DB00A183B151A0C127BAB47E0CA5
SHA1:	39862BFF71F3FB52AEAD5BC80987B33DA0FFC3CE
SHA-256:	87D2D974FC71EECEC3581E3CBADAD37059CE91627D12626F5F15FEC6E977D2ED
SHA-512:	865AF406B82E8EF100D9B02B6D4383CA756F8DCEA3EA19632F6A1F0D405D27B2A9B3F888AF21688F3918642B787F7BB5C86DEEAA05D5195BF66A9D6A6DB49105
Malicious:	false
Reputation:	low
Preview:	0\r..m......G...)..q...._keyhttps://code.jquery.com/jquery-3.1.1.min.js .https://frazeeincs.ga/..t.../........................j.....B........DK..~...}.6.A..Eo......Cn,!.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\afeff5379e0ef8df_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	216
Entropy (8bit):	5.513241924299528
Encrypted:	false
SSDEEP:	6:m2qYEXNl/60V8tCVF1/iwc0XwZJpK4HK6t:T2XNl/dV8G95c0qJp1
MD5:	D31C5F4E9B0609CB2774831C4A80E3EC
SHA1:	76FCD284FA41CD6E333C3E380ABAF7B41303D2E1
SHA-256:	B4E133969733D30C593DE08758AE6070079949650CF4C1595F22B026223B0C91
SHA-512:	5910D0B6CEDE65F7AD4F0464A2F87E6618B2F721284F1AA97A5A79850A79E94D3F324E4952C19C2B0B6160FFAB6547256A1148171397B9E89126D3B298287A3D
Malicious:	false
Reputation:	low
Preview:	0\r..m......T..._2.c...._keyhttps://cdn01.boxcdn.net/enduser/content-sidebar.603f77ac19.js .https://box.com/...../..............w.........B*....s(..8..ErU..{'..B.K..K..A..Eo......+.W(.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b19547c352ea14c9_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	212
Entropy (8bit):	5.593222992536451
Encrypted:	false
SSDEEP:	3:m+lQ5a8RzYEy9IRaEU+9Jx6Wwh1Q7elHCmklsMpdzrEFuHP5mTcb71pK5kt:mTYEXPU+9/6WS671mVMfrEq4TAK6t
MD5:	B112209E0FCB777D7B3270314FDFBD13
SHA1:	41D6CA988DE05C658414E9E493C4CB4120960D63
SHA-256:	D8F1ADEB49FC709830099D4CE8EBB9DBA6A3C3C4A5107D8D98F22C086FD01241
SHA-512:	CAC53A4E34EC4201087F67AC599422E273DEAF65778E0C8A4E657EC78CA32728522688621552A345A09ECB1538EEC8D8AC92F41BFC0A9E8CF2B30C8B5FC7FD45
Malicious:	false
Reputation:	low
Preview:	0\r..m......P....DH....._keyhttps://cdn01.boxcdn.net/enduser/shared-file.46db0528cb.js .https://box.com/...../..............t......B......'F..F.......m..yQK'.f..$.A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b39677565858f372_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	231
Entropy (8bit):	5.590860717541398
Encrypted:	false
SSDEEP:	6:mFPYEXtUY+902Isko1MkT0W0p9ur58RK6t:4XuLdbHOk9gutg
MD5:	B60B5AB05D59FD3C9B44D695444F7918
SHA1:	1446154C281E56A118F9EAA6D227F4C2DAE1D5E9
SHA-256:	41A009642C33F39C21EF609F7BD86D22A06A7C50B486FDE5CFCFE071FC362D31
SHA-512:	B888D6872054C85192A05C062893E01953A80045FC21EC74EBB62C6CC8577CDE849E7E5DFB831E8C49BB9025F720E97A3116C640752BD0AD52836B3C93DA8A21
Malicious:	false
Reputation:	low
Preview:	0\r..m......c...].4u...._keyhttps://cdn01.boxcdn.net/enduser/preview-components~shared-file.e9b47bc810.js .https://box.com/...../..............s.......C...L.Nb;....6{.a.7.k&.n=.,...A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c8f9d658f8dfb068_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	795
Entropy (8bit):	5.25591774663574
Encrypted:	false
SSDEEP:	24:YEeh/0CXOXXcaDRCrMuF8m6PVrx3hbK/szGU:YV/dXOXXcalCrMuF8D13taHU
MD5:	E38C8825C3D22FE6AF44C63F2302C950
SHA1:	DBEAD1FF60266CFA3F3690F01FC9465F3CA7ACBB
SHA-256:	421F6A8FFD698ED11BDA7ADD8424D7BD4B69D4BD3C3C74F063F1739CBB7A2B1A
SHA-512:	523C440DD68224B205A3CEF54351CE8CD8226331DA1645DE72D7E0952F8628EC730106A5B04A9247F5E9E316438F44E2404B53B995BB317A7CDA6A129F73484C
Malicious:	false
Reputation:	low
Preview:	0\r..m............>....._keyhttps://www.microsoft.com/onerfstatics/sfwneuprod/store/_scrf/js/themes=store-web-default/ae-084bea/aa-1248ce/2f-63ce8f/3a-2cfbda/12-f9cbf0/aa-dc1460/2d-7a9063/8b-b7e929/69-f75c22/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/6d-c07ea1/29-1ec5a9/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/f8-73a5f2/79-499886/7e-cda2d3/69-13871c/e5-08f1c0/91-97a04f/1f-100dea/33-abe4df/17-f90ef1/e3-082b89/81-ae39b6/a8-3a01bf/85-7f00e9/92-472ffd/b5-2ea3f0/8d-0acd9c/7f-25cd1c/89-6a8c66/5d-dd8b2c/50-a5159b/3b-2de93f/3d-9828d8/7c-3f8eff/27-934839/d2-73560c/ad-d68a50?ver=2.0&_cf=02242021_3231 .https://microsoft.com/.T].../.............9r.......m..TP#.V.... .&.@...]M....Z..A..Eo.......{9..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ca20021c8b2bf9b0_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	219
Entropy (8bit):	5.583459777233853
Encrypted:	false
SSDEEP:	3:m+lPHa8RzYEy9IRtU6KIcEQKVRhHelHCCSbdqfX0v3UmQb/lpK5kt:mOYEXtUznE1HVvh+X0v3/eK6t
MD5:	453C98588E04F54871B94F722DF33CB4
SHA1:	3645E47EC12BDD0CE27B873BA019C1D6897F6FE4
SHA-256:	3E317A5BBEAB19AF9D1661F51CB4F31558DEDEF88AD7A8D9B532E3606C498F82
SHA-512:	95DBE61C42B0FCAC54407700683314CAFE3E1FE2711AF9AA30109B970B63CF8E64E36E8E31C9EC747A4184A751D320A372E9F829C1F82238F456ADE4B6CE9BB0
Malicious:	false
Reputation:	low
Preview:	0\r..m......W...+M.z...._keyhttps://cdn01.boxcdn.net/enduser/preview-components.364b492ac8.js .https://box.com/...../.............'t......;.%.w.".....(9v.T2...T..Q..S.-2..A..Eo.........T.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cbf8f37ebc90874c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	310
Entropy (8bit):	5.536632694076204
Encrypted:	false
SSDEEP:	6:mgRYEXjrR6SDbsLG4uJKt+QBgNwhMSkgzi0YHPzlhK6t:xXf4S/j4ustvBgNw+Tg+0KzN
MD5:	8C64A13EF822D70C9A14CCA1A752F637
SHA1:	BA3A3D8F31A888D546FB9E4AFF014373C6566813
SHA-256:	211F3E4EFD4BFAA22BE520C082C9822EAC112101A7E5C5F3F1BA839CA7507A84
SHA-512:	E74895998450CDAEA66262DC63555BA2FBB54DA702A52308D17B897684746125B56B82ED89DEAC0C152F9E83AED8ECA8F0330E61D0E6C7294BA2F6ACAD4B9C13
Malicious:	false
Reputation:	low
Preview:	0\r..m..........U.[...._keyhttps://cdn01.boxcdn.net/enduser/as-security~change-current-user-role-modal~collaborators~collection-detail-page~content-explorer-mod~2da256af.a0db8de5f2.js .https://box.com/s..../..............s.......(..2.....\.z.V...2o...ev.....A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ccadee8b0401689c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	406
Entropy (8bit):	5.525169892650928
Encrypted:	false
SSDEEP:	12:aFDFaj9uLesKlITsMqTeq1rKDaUkeUH6zuovV:aFhapEesthqTH1rKGUNUcV
MD5:	7819AB7775609DB823AFF7A6268B056A
SHA1:	D8C0E45B016379B8CE51658E22C19B182750D1FF
SHA-256:	02A6E0A24FE78ACBC1480C0FCC8792732C476812F23A923CB6DDB44A9D46CEB2
SHA-512:	3371A52110FEF82F34298CC7629CACEEB0605BE330BBDD8EF31D8EBAB343AC86DE25EBCCB7A87C6906A3C5A299212933FBC49AEE4C043417B1E64F94388052D7
Malicious:	false
Reputation:	low
Preview:	0\r..m.................._keyhttps://www.microsoft.com/mwf/js/MWF_20210208_31270267/alert/autosuggest/contentplacement/contentplacementitem/flipper/flyout/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pagebehaviors/singleslidecarousel/skiptomain/social?apiVersion=1.0 .https://microsoft.com/..;.../..............S.......q....re..G.\(..8.>9.!.yVv......A..Eo......R0.e.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ceaca954fd2831aa_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	229
Entropy (8bit):	5.46400307545869
Encrypted:	false
SSDEEP:	6:mNAS9YEX9IVkGRUwKQVx2JtVMxp60VoT1YXnK6t:6nlXCVkkrKQVx2GlC5e
MD5:	684BBCF3396A9E10E3BF988E9F78CA9F
SHA1:	5E8CC01500513CC47ACA16F4448C3B5F743A3C87
SHA-256:	143CB999D52B64793E144CB8242726205A7B76FEA897B1799389AA57B07FEA94
SHA-512:	2CF0EFDE8D81C79CF02E7862E77AC432C6E6FA76D695FE9B46F3AF8B670CDA2F12AB013762EF6D4A16B86067C2CADD32AD332EC9B62DD8AE0DCAEFC4745016AA
Malicious:	false
Reputation:	low
Preview:	0\r..m......a....e.L...._keyhttps://cdn01.boxcdn.net/platform/preview/third-party/doc/2.16.0/pdf.min.js .https://box.com/.-.../..............x......ws..Z..=_F.....;jn....x>f..$ll..A..Eo.......u...........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cfb5709fe74e1e20_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19433
Entropy (8bit):	6.009133550675272
Encrypted:	false
SSDEEP:	384:VxYyxEkrk6H1cwJvB1eFS5GWdTnn68qKvak:FNK1WVWKl
MD5:	ED1F4CF89AE7135D3FBFE56014560F15
SHA1:	2D6416F6A44763FD82CDB782786DF7F20B7CEEF9
SHA-256:	4B99C61093F5B7AEAC0C193A3BEDE1056E180E9A5B926DB2526D6C442C931C47
SHA-512:	FF45157DDFEEF0BF7A4968A7082950C807B5443901998577EE2F3241D9CC53AA55AEB711F5FF5713CE31C5FA94E9A919C46966AC7BB916E778830141D5A0201D
Malicious:	false
Reputation:	low
Preview:	0\r..m..........oVxi...._keyhttps://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/bb-d7480b/db-bc0148/dc-7e9864/6d-c07ea1/9d-b58f60/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/69-13871c/b7-0ad59f/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/17-f90ef1?ver=2.0&iife=1 .https://microsoft.com/.5-.../.............S........q>.P...+.Rz....@r.E..Y,. ...A..Eo.........4.........A..Eo................................'.z.....O.....H..................(........................................(S.0..`......L`.....(S....`.......L`.....LRc".................QdrP\|{....requirejs.....Qc.06.....require...Q.@........define....Q.Pr'......__extends...d....................I`....Da..... ...(S...`......L`>.....Rcf..........*.....QbF.\|.....n.....Qb.mP.....r.....Qb........s...

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d5db3b76f36a3d39_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	278
Entropy (8bit):	5.411421689008458
Encrypted:	false
SSDEEP:	6:mB/VYGLTDQyKfHD40NKWBMRWd5VD+5e05lDY5K6t:e/pDQjDdG4djDK5lk
MD5:	F57914E9887724E9FDAF56D535FC4C3B
SHA1:	49A47637FDCE572DDFFC29BD71E0149833D0F0D3
SHA-256:	0F20A7569D298AAE8EA9F7B527DAF3642D44490EA5737E42947D2A445DA69826
SHA-512:	B4F39B89034F3F50E3C50D3262B2EDBC339EDA8ADCC9CD52117C9059F95E39E5157C91CF6D3D8C9B5EC9F675EC99ECA04BBDD650980BD251130BC75B78B02C60
Malicious:	false
Reputation:	low
Preview:	0\r..m..........}.r....._keyhttps://www.microsoft.com/onerfstatics/sfwneuprod/_h/dffac2fc/coreui.statics/externalscripts/react/16.9.0/react.min.js .https://microsoft.com/.u..../.............Qu.......8.......3....p.N{.Z..Y?.o.\|?/I..A..Eo......?.._.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\db2011e40d84ccec_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	238
Entropy (8bit):	5.5307302911317
Encrypted:	false
SSDEEP:	6:moEYEXe7FIDXJEnH2LyGdtOexBTf65RK6t:P0XwFIDZoiDBTy
MD5:	2EAF9CEBAE500BC11A27A888C9FBDAFD
SHA1:	51CC9E04FB62489E7C8F70328C54AF548E005A17
SHA-256:	E63904ABFA8D54BA368A1AA16AF22CCB9B8A4901ECE2B4DC6E2822EA1B056FC9
SHA-512:	0ECD61D0C3EBB33BA19FC509CF40A421E10AAFBAAD4BBEF46823D56CAF9D0DB8C5AEE6B1F5C4FB6E43CEAC28717BBF3C1851730CF884446CA24D9D91FCA89610
Malicious:	false
Reputation:	low
Preview:	0\r..m......j......P...._keyhttps://cdn01.boxcdn.net/enduser/messagecenter~uploads-manager-enduser.e83b2dda31.js .https://box.com/u..../..............s........[0.'m....H....`=@..Y..RB>zR..A..Eo.................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dbd8c12c40a4d9e0_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	282
Entropy (8bit):	5.6578634139558375
Encrypted:	false
SSDEEP:	6:mu0EYGLTDQyKfZ+OsFRzhztnWNTHKDS71Sf/4AhK6t:b0sDQLsFhhzETHKDS7Afn7
MD5:	1CDF26FF7D5A44D2B03178856B4EBF18
SHA1:	6342F9B9A07370C6248E8D4F34283A44A6BAF474
SHA-256:	A66AB3AF0CD797BB3FC9E96F439487F22933CE4B1E2E08CFD2C0C2ED8726BA5F
SHA-512:	681F63A5DC0F3F1557E1D8767453597FD7131B9E08E882EADF2DBB0E9E0212E356726AC426AB26B947DD707F12B16EE85B0028BEF32FE98D84594C1D59535D6D
Malicious:	false
Reputation:	low
Preview:	0\r..m.................._keyhttps://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cd-70f7cb/a4-539297?ver=2.0 .https://microsoft.com/.`;.../..............S......C.<.8^.r...............s.RC"..A..Eo........+.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4b9b26cef092fbf_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	226
Entropy (8bit):	5.568044394049228
Encrypted:	false
SSDEEP:	6:mcGRXYL8UdD2D3ydJcA96dGfGhGXhK6t:6RibD2D+yA96dGd7
MD5:	20822419E68D1AF15E2751ED79FAB496
SHA1:	0B6C0C1664110F8CA43A9BC28A283C864F1D6CD7
SHA-256:	6B0EEBD3D53014BD8EB5A7B948A046DA8275D77191E4A751CD1539BC0AB8950E
SHA-512:	572BBBB3A8A25C3B70E377946464FF968AB8A00D628498453F635282B787EE71F050DCDF58F8CF446FAAE0E1C1043D786A57B692DEE9FB09E6257242DD72FF55
Malicious:	false
Reputation:	low
Preview:	0\r..m......^.........._keyhttps://mem.gfx.ms/meversion?partner=MSHomePage&market=de-ch&uhf=1 .https://microsoft.com/t.=.../..............T.........t..-...}~I.1..?D.=.#.&.6d..A..Eo.......n7..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e59a2af405e8a922_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	67544
Entropy (8bit):	5.698331324694974
Encrypted:	false
SSDEEP:	768:c3aMvgA6MaT4wQ41NiQVTOgWXYSNCi+tMWLfcv67tB/qUjBdHvgjEhV0:c3aMePQ4vtVTLKCiIB/qIrHC
MD5:	473B89C22A970E446923FE7A0C7B71B2
SHA1:	031D15B7B7B879DEBD9C4C3949D445B1D0B5E935
SHA-256:	3D5AC0951EB1DEE08AEAE071BC95D44BA90C8D7B078115C9C338B0F8F69FFAAB
SHA-512:	FAF7BB550AD850B9C1EDFC730D3D9BE9B0E8CAAD396C55BF06880BCED0F6ECB64492DFB2076AC5EC383C2E5DC337EF2A7B9CE3482E6D8238144DDD7C5509B201
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...y.......E1ABB4B3A4F12CEFAA2C1AA67DAC4B94473A4B1AFC903BBDAF478B54B04662FD..............'.......O...........t............(...P...............................x...............................................t....................(S...Q...`\ .....A.L`.....(L`.....(S.....Ia..........Qe........getQueryValue...E.@.-......P...........https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=0502864a-b6ef-2f14-9f8e-267004d3a4e0_c5ea3348-55af-729a-2641-14f0312bacf3_742bd11f-3d7c-9955-3df5-f02b66689699_cb9d43d2-fbae-5b5c-827f-72166d6b87fc_49488e0d-6ae2-5101-c995-f4d56443b1d8_7dea7b90-4334-c043-b252-9f132d19ee19_38aa9ffb-ddb5-75be-6536-a58628f435f5_e3e65a0a-c133-43e7-571d-2293e03f85e6_4ca0e9dc-a4de-17ba-f0de-d1d346cb99e2_06310cd8-41c6-3b11-4645-b4884789ed70_5c27e8aa-9347-969e-39ac-37a4de428a8d_d6872b5a-5310-a73c-7cb3-227a3213a1c5_be92d794-4118-193f-9871-58b72092a5ac_64c742e2-b29c-b6c1-fdd9-accf33ec40bd_cf2ceca9-3467-a5b3-d095-68958eee6d4c_cec39dd8-f1d3-56f1-abfc-a7db34ff7b46_ec5fa2c9-

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ec3a4da664d5b538_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	269
Entropy (8bit):	5.605240962014478
Encrypted:	false
SSDEEP:	6:mKUXYcBB8LjFke/BDWDQICW0ZSVCLKaNvmWVcvbxcryAUK6t:oCnN/hWDxCxqCLrNvVkxcryx
MD5:	E21838C5CEE42A16D57A5DA4CBDAD135
SHA1:	0A7D0EECA60B107E10751E2A80E2D706D9F07CAE
SHA-256:	D1E8441D9900F232D217E145E16F5EF618FBF5FA33988052B986434A52BEDF50
SHA-512:	0C1D2E7E0B36EA4EFB1924491512A12BE4CA1F2DE9FA57829E3BB9192D4FCFE38D796E806CBD4980059B2C9F41787CB8725F337D2E027D1F3902329FA5201AFB
Malicious:	false
Reputation:	low
Preview:	0\r..m..........T......._keyhttps://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb17955x63301 .https://liveperson.net/.`..../.............~........5_+,.}Gz.].sCJ03.vE\|b!........A..Eo......}...........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eff63fce8e6ba9be_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	212
Entropy (8bit):	5.454147787558318
Encrypted:	false
SSDEEP:	3:m+lQtqOA8RzYEy9IRwJGWXQVRh+WOv1lHCHrxzCs+wfavP5m17QtllpK5kt:mLYEXjWXQVH+GFGsLaH417QthK6t
MD5:	134A83EFA1C4BB5F1586AC8B6E15C048
SHA1:	37FC03BB0BE94BE9ABFDE400D8C9839ECD00B393
SHA-256:	02100ABCABE7995A2CD3D83BA6A6B2A15379CD70D8B54C127C23EE94BEEA3B52
SHA-512:	095F11B9D00B13F0EF5E502B9DFA3CE4A91021C43EA7CA0B4FD201168735F092125972299F0C236AE676BED78FC485471676A59EF4AF107ED9CFF7DBC49FAD50
Malicious:	false
Reputation:	low
Preview:	0\r..m......P....r......_keyhttps://cdn01.boxcdn.net/enduser/vendors~app.cbc3272203.js .https://box.com/}..../..............q.......,PA.@H.T...GPd..7I...9#e.w.X.$..A..Eo........^..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f2dc0e70f1c715ad_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	295
Entropy (8bit):	5.594857967598588
Encrypted:	false
SSDEEP:	6:m/XYGLTDQyKfHD44GFRzVKqYhrOfygqDKTV3clvidvUbK48lhK6t:+zDQjDiFhVK9gqDKTqlMvhN
MD5:	B50E94B6B6961A155962C0DAE631856A
SHA1:	48E856BF27083BCFF29FEB26233BEB8B6AADB7AF
SHA-256:	A23482022711D30B75A2C58A7334F2FC12F886C68C5E44FE364C5FF77EEDB645
SHA-512:	80924DF4A57DF974AF4B4A6AA3F5091037C431246525799EB8C086E1C6988970475267B7F361CA1D58399B9CA475C6F00E351CF04FB8068E64FBC22E07E02E4D
Malicious:	false
Reputation:	low
Preview:	0\r..m................._keyhttps://www.microsoft.com/onerfstatics/sfwneuprod/store/_scrf/js/themes=store-web-default/e2-ed7413/94-3cd1e0?ver=2.0&_cf=02242021_3231 .https://microsoft.com//C].../.............?r......TO.y....J..L.~pC.9..8......p..c..A..Eo.......4...........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f46ad1d2652b0b43_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	350
Entropy (8bit):	5.902877752134928
Encrypted:	false
SSDEEP:	6:mfYyK08fUH1DGHB7+APEiq5EfzrTkDK6tgIGqmgSl886adEfzrS:QKjfUH1DGHN+6qEfTwuIGqbbadEfS
MD5:	C7619A2723F52760278811922ADE5EB2
SHA1:	8C752877FC9EF11F237B29D8D3A5E47AF6563744
SHA-256:	28E4595CBE322F722B761712940D0A7BAC171AC1B251D963C6A1D32D55813199
SHA-512:	2F4C6248E1F064F4FAF55AE3DDC748C7CC7C57C43E7556252C0851CB8E2C08B2797D5EA8E75E820DE150596C58773EC297ED1DC8EA1134FDDCAAAE72DDC27835
Malicious:	false
Reputation:	low
Preview:	0\r..m......V...T......_keyhttps://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js .https://microsoft.com/#..../.............*.......f....cB..cWhT..6..(..$....G..A..A..Eo........I4.........A..Eo..................#..../..q..6F9FE219DC60DFC20BFDCD8B968560D178B45EE3FF43B96AD00A716B2300D7ECf....cB..cWhT..6..(..$....G..A..A..Eo......>...L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa5959c104dfcc69_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	219
Entropy (8bit):	5.454014490543545
Encrypted:	false
SSDEEP:	6:mNtVYEX9IVkw2r3VkynHqKnm4LwrbK6t:EDXCVkDrlkUqYmWmN
MD5:	6E99FDB18D849CD628BFEE78C0FA116E
SHA1:	F31D168684D9A3B5A0BD9122D2FD8A0A31FC42E6
SHA-256:	F42605AC392F8722F6C4D24505193C7B2631E5027D5B60107C28C289470C3D4D
SHA-512:	CDA3CB511EB68E94DAFC6FF026848448AE9D92BC97212B976DA80A4EEE7768FC81FA1D1BD0DFDAE28CB33B62006DA162F88529B0621F66266D44B53FF327BE90
Malicious:	false
Reputation:	low
Preview:	0\r..m......W...{.Aa...._keyhttps://cdn01.boxcdn.net/platform/preview/2.69.0/en-US/preview.js .https://box.com/.*.../.............Tt......p.A......#...ne...........U.A..Eo.........J.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff3254c380ce1732_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1235
Entropy (8bit):	5.2339405926748235
Encrypted:	false
SSDEEP:	24:MjXJaGN4zXk16FHPtJ8dtUUuzi19EJkuLUkI5E/9RLFePpVTSMIDF/TS:M9aGQXi6OdCzLJk+UkeE1nePpDsR
MD5:	FC8E30A408B2CBF3FB9FCA9B8CB7A4A2
SHA1:	1E1E70592912EFE9FF6730FB552E8A33F276DB78
SHA-256:	B0E731CA8E2927D5EF6A09E618C3D6B7719F4833F7B3B5436033CF6E7C89D587
SHA-512:	C0500548B1835913C0EC180E1E87DCBB745F862E32ED3B8931A0F9488C1E0289BDE7E53C7EEB3B01FA5A33F68B17BAEF4D1415046317A3D5A3BB9C502DBC58C7
Malicious:	false
Reputation:	low
Preview:	0\r..m..........'......_keyhttps://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=0502864a-b6ef-2f14-9f8e-267004d3a4e0_c5ea3348-55af-729a-2641-14f0312bacf3_742bd11f-3d7c-9955-3df5-f02b66689699_cb9d43d2-fbae-5b5c-827f-72166d6b87fc_49488e0d-6ae2-5101-c995-f4d56443b1d8_7dea7b90-4334-c043-b252-9f132d19ee19_38aa9ffb-ddb5-75be-6536-a58628f435f5_e3e65a0a-c133-43e7-571d-2293e03f85e6_4ca0e9dc-a4de-17ba-f0de-d1d346cb99e2_06310cd8-41c6-3b11-4645-b4884789ed70_5c27e8aa-9347-969e-39ac-37a4de428a8d_d6872b5a-5310-a73c-7cb3-227a3213a1c5_be92d794-4118-193f-9871-58b72092a5ac_64c742e2-b29c-b6c1-fdd9-accf33ec40bd_cf2ceca9-3467-a5b3-d095-68958eee6d4c_cec39dd8-f1d3-56f1-abfc-a7db34ff7b46_ec5fa2c9-3950-ff57-a5c3-1fa77e0db190_d19f9592-65df-bcc9-e30e-439b875c3381_76a3d06f-f11f-77ef-9bfd-6227ba750200_5e1caa45-461c-3b04-f88b-8cd50af16db5_c2dceda8-20b4-7d3f-13b6-9cac67d7df17_914fa41b-cc86-d3b0-4e15-2fdfa357bcc7_40c6c884-da6e-7c2c-081f-4a7dfe7c7245_ae79ba96-1a9d-debd-a5b1-f3067213b9b8 .https://microsoft.com/....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2376
Entropy (8bit):	5.459770080139734
Encrypted:	false
SSDEEP:	24:mUqAKXNxGYCUrDgvkno5o57uz6jBQV2kt16hu4mXaxJEk/8EPUqAKXNxGY1UrDg9:NXO5Kz6jB8B545Ek0El9
MD5:	B6AEFB936AB355DB0A4BF4370054B96D
SHA1:	0D3A50980B45A7E6743C46E7E15103157188FB03
SHA-256:	9B6A67687A32DF1FFEE73512B64C711BC6F9638649CC38A3AD5041A29C4404DC
SHA-512:	7EDBE4FF1E88BBDD1EB6CB3A6AD1F40ED52CB4514A9FF1BD29EC264DEA3F9C42519AF089FB6C4BC96FF18B4149767C9495B02BF2DBF3A1E3E7AE8CE5EC6421F1
Malicious:	false
Reputation:	low
Preview:	......Boy retne............./...........EH..bP.@..../..........@..C.By@..../..........1(.T...@..../............R.G......./...........+... ....../...........co......./.............. ....../......... .gC...@...../.........L...~......../.........r.XXVw......./...........#0L.(k...../................#.W.../............yn..O.W.../...........k..?...W.../.........i....YY....../..........'.....y.W.../.............7..@..../..........^}.Np..@ikt../..........-..0..x@ikt../............/...3.KPu../.................KPu../.........&<..\.O$.KPu../.........p..(....KPu../..........q....._.KPu../.........+<P\|...X.KPu../............./.....T...oy retne....F........................pN..B.../.........8..d.M:..B.../...........h}..i..B.../.........8cP\|WC<5..B.../.........g>.pG.l6..B.../...........[....]@~3.../..........=+....r.3.../..............[.1.3.../............;=.;.3.../.........l.b.G8.C...../.........L.........../............i..."...../.........u.i...d....../.........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	24576
Entropy (8bit):	1.9867716854868345
Encrypted:	false
SSDEEP:	96:dNwADjVsjidfNwt5bU8PnAiRu6D9q5eUahroU3jVsIPQAi2tiNdl:duQjVsjmunbd9cg5UaSijVsseh
MD5:	0ECF76DD8AC13B05B12B372AA26EB15E
SHA1:	4926326AC5D9419EC0E4368995E3C4214875BEA5
SHA-256:	95A137066FF41D217D5632BACB20CB6479AD651769FB5CE700CCD05682EE819D
SHA-512:	733D615B04C2AFE02AC12A633AA683CB0575752DD6CBCD9F5CC18018C60C7A68BC4E0C33A2DA540C8193B0DEA5ECEB4D6B919FC8CECAF6C4168B64C5B3BEE52D
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	modified
Size (bytes):	25672
Entropy (8bit):	1.1754921002901946
Encrypted:	false
SSDEEP:	48:X8NOZ7q5LLOpEO5J/Kn7U6GidysHgI3AVsmqekLLOpEO5J/Kn7Ud8:kO7cNwzidyDjVsmMNwa
MD5:	056AD0B1B7B23C0A68AAB2A4158FF705
SHA1:	0758F5021C4F56816F670D50BC7CEB0F74301F6B
SHA-256:	DE1B68F8FC87371F4E50D715FEBE1DD19BE0D640AE7B6C6DD35E80308160C9F6
SHA-512:	486A7AA0ABB83C19D4C71BE648FC8211B4DA8B9C6E746BE3983F6F3F9D2FCB7D21B4FE1050430B3C636989A2A930D182FB2CD42217682CE8C036974A21F862F6
Malicious:	false
Reputation:	low
Preview:	.............t..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	24600
Entropy (8bit):	3.373497072948801
Encrypted:	false
SSDEEP:	192:3UR86Mz/qdQ/5hULJiclc3SB2DFfKQJqfSfAbpELfjfA3f7IWf2fAHSNA:Y8/z/YQ/UMyQJqqAELrsDzerm
MD5:	B7180B7BA7411FA0E54BF1E02AE45EB6
SHA1:	90C9464A170BE1452A20EE35B67AA9C24D993F4F
SHA-256:	51C96D64999A34C263F5FD89382F1699CEB1F68E8C39B8A67F521840F3071F0A
SHA-512:	484E1D332CF80A05946D579E855534568DEBE467136601C2702A6120D590E2E09C5C13EB967ADDC1DADFF815AE1772F83E62CCB82F3CA4F73582071223E3C1E1
Malicious:	false
Reputation:	low
Preview:	SNSS....................................................!.............................................1..,.......$...e5b8098a_870e_4b29_9c2e_2deb6ef6f31e........................w.................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}........................................5..0...........6...https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw......S.o.u.t.h.l.a.k.e. .F.i.r.e. .D.e.p.a.r.t.m.e.n.t...p.d.f. .\|. .P.o.w.e.r.e.d. .b.y. .B.o.x.................................................h.......`............................................... .......t.J@p...u.J@p...`.......x...............................t...6...h.t.t.p.s.:././.a.p.p...b.o.x...c.o.m./.s./.8.p.8.m.e.5.x.q.j.q.7.b.s.c.q.l.w.j.d.e.w.g.n.l.i.7.p.t.3.6.m.w.............................8.......0...............................................................h...0.......?.%. .B.l.i.n.k. .s.e.r.i.a.l.i.z.e.d. .f.o.r.m. .s.t.a.t.e. .v.e.r.s.i.o.n. .1.0

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Reputation:	low
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	164
Entropy (8bit):	4.391736045892206
Encrypted:	false
SSDEEP:	3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
MD5:	0A906A9A542CDF08FF50DAAF1D1E596E
SHA1:	B97D6274196F40874A368C265799F5FA78C52893
SHA-256:	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
SHA-512:	8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
Malicious:	false
Reputation:	low
Preview:	.f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.278126718654371
Encrypted:	false
SSDEEP:	6:mrGQuRFfpyq2PWXp+N23iKKdK8aPrqIFUtpmGQulE/1ZmwPmGQuTFRRkwOWXp+Nd:2iRFfpyva5KkL3FUtpmilE9/PmibR5fA
MD5:	F5BB1980369F45598E3F69AF7C943169
SHA1:	E0E1580E264F0A9BC16175EF16D507F6F11D6B92
SHA-256:	D064A905D16055FC4DA0349EB274884206C255DC6D90BCE5449AAB87BE22E6B5
SHA-512:	49CC30F44804DE6D79EC3F0026CFE35CF0C39BC2294D58A863472BD1E2C1268FACA97587E0059CD52F5CDA3E8BF01723D32E3AE41E238E028DBDDC24EA5173F7
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:16.784 16a4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/04/07-23:35:16.785 16a4 Recovering log #3.2021/04/07-23:35:16.786 16a4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	570
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
MD5:	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
SHA1:	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
SHA-256:	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
SHA-512:	86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
Malicious:	false
Reputation:	low
Preview:	.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.275784349735627
Encrypted:	false
SSDEEP:	6:mrGiGVq2PWXp+N23iKKdK8NIFUtpmGiEUtZmwPmGiWgkwOWXp+N23iKKdK8+eLJ:29GVva5KkpFUtpm9D/Pm9j5f5KkqJ
MD5:	0AB08E2533C61A2255EDAFC03331D762
SHA1:	D71C240C40C20A6A20D1B214164B3E4ED07FE471
SHA-256:	006FF72B67BDFEA8B16A92F43E198681C5047950362F594E8D6A440F29AEE0A5
SHA-512:	0F5AF0C7A4B0984B02C30A95165897AAC4A1BB906F89DE707972459E5FAB560A6DB516C177750FE93316CC13FBA3E45C06EA319CC41CE5AAB6E4C6AF95F78806
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:18.807 16b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/04/07-23:35:18.809 16b0 Recovering log #3.2021/04/07-23:35:18.810 16b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11217
Entropy (8bit):	6.069602775336632
Encrypted:	false
SSDEEP:	192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
MD5:	90F880064A42B29CCFF51FE5425BF1A3
SHA1:	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
SHA-256:	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
SHA-512:	D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAFMms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23474
Entropy (8bit):	6.059847580419268
Encrypted:	false
SSDEEP:	384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
MD5:	6AE2135EA4583C2F06CDEBEA4AE70FA4
SHA1:	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
SHA-256:	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
SHA-512:	B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	71680
Entropy (8bit):	2.1385302322965756
Encrypted:	false
SSDEEP:	384:McPnQiosr10Pnpca9kW0UIa/m+8D0IaiVhy:MfNsJwcayZUIa+pD0IaK8
MD5:	6F3C40AD63176DFB89D241356C4B1E4E
SHA1:	83A306539543BB80CC66B5C1DF3C0F891967D966
SHA-256:	F87DC3453FA7BF19A791F31B84C9DA2FE3C08860D4CCB291B799D4317C63E7D0
SHA-512:	A74910F220C961DCB79B8E2052A70DD84D8CE1C926E25E2A1705789C894E6336B163D697320CAFA02A7968ED121D5F896E82F11E8BB1B789B64730162FB39D17
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	70468
Entropy (8bit):	1.4772927598705794
Encrypted:	false
SSDEEP:	192:1PLOPoPP/7CbQJOD494fUh6q7GKg43494g36Lj7y:1P6PoPn+kJOcafUMGGKdIatby
MD5:	98481DAABFFCBD1B1EB9B3756ED42DFF
SHA1:	767E3652B5D14F462FCB2A0403C7C43F87BC50B0
SHA-256:	F0FFAB5547D7035309C7B7200D9B89F1D09002B356E774BCFBAE202EDE410940
SHA-512:	31B778F1440964A20B5ED825D4B9D60A0888A90E5A9F12307D3180E2F6313555D1616A1B2EEE2BBCB85C9E26BE4D4295D584EA3A5A50EECF619BE8767F3D61F5
Malicious:	false
Reputation:	low
Preview:	.............dfq........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	3:FQxlX:qT
MD5:	0407B455F23E3655661BA46A574CFCA4
SHA1:	855CB7CC8EAC30458B4207614D046CB09EE3A591
SHA-256:	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
SHA-512:	3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
Malicious:	false
Reputation:	low
Preview:	.f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	372
Entropy (8bit):	5.283849941745388
Encrypted:	false
SSDEEP:	6:mrGXZq2PWXp+N23iKKdK25+Xqx8chI+IFUtpmGXMVXZmwPmGX7uwvzkwOWXp+N2k:2sZva5KkTXfchI3FUtpmsUX/PmsiAz5M
MD5:	1E212CD9C402831E552274F4FFB02CCC
SHA1:	6871D9B1A7087EC871F22DD08A49A977D4D30B98
SHA-256:	255CA89102BC4BE73D6098537DF938DAE2F7C22BC26BC6388D80EE8964B10576
SHA-512:	28C7487B93F04EC4FD5EB00DD5BACC2C4F9725E021F3B7EA84AABF4917D632E2FF4066817C6B14CF480556164B45812443F6C4E0F336D4118F0DEB1B4946F8CA
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:26.119 19d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/04/07-23:35:26.120 19d0 Recovering log #3.2021/04/07-23:35:26.121 19d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	358
Entropy (8bit):	5.242010165461094
Encrypted:	false
SSDEEP:	6:mrGXduwAq2PWXp+N23iKKdK25+XuoIFUtpmGXAZZmwPmGXAzkwOWXp+N23iKKdKl:2sdNAva5KkTXYFUtpmsAZ/PmsAz5f5Ky
MD5:	8DB1EF7826EB4DBFF43762B8B0873562
SHA1:	E5687FEEA926D7DA81EF882C3F405F7119AF07C2
SHA-256:	5F9017236EC341BC1D3CE25818935979057727BB88D4ABDC11F4665424F0E160
SHA-512:	B0A2555FA006ECCF5D84E9DC2A1196E395B0C6917CD8FA0E8F35EE07B8A43EB014D1B8289FCE1922820E804866FB999992DE0532A92BF2BB1E91727C2892D328
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:26.109 19d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/04/07-23:35:26.111 19d0 Recovering log #3.2021/04/07-23:35:26.111 19d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	330
Entropy (8bit):	5.2855205802635234
Encrypted:	false
SSDEEP:	6:mrGhIq2PWXp+N23iKKdKWT5g1IdqIFUtpmGCHXZmwPmG5zkwOWXp+N23iKKdKWTk:21va5Kkg5gSRFUtpmXHX/Pmwz5f5Kkgk
MD5:	5EC0E1978889514874E9D5078D3DF3DB
SHA1:	2D163D2849B3FF5DF722072EC08368D503263780
SHA-256:	C39484D6CB6D26124BE2B714CED796CCCFBC1582E137DBEB1F8C4200BC6F8E9E
SHA-512:	C0FDFA7D685D9273E69E70552EC332559902F33BA1616EBCD429EBD9BFEBF8F61FE302A6161788686DE202B0162E0E99B4A1ABA3CA50E5E45008D62CD904F6D4
Malicious:	false
Reputation:	low
Preview:	2021/04/07-23:35:25.988 19d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/04/07-23:35:25.992 19d0 Recovering log #3.2021/04/07-23:35:25.993 19d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	155648
Entropy (8bit):	0.49294375196816403
Encrypted:	false
SSDEEP:	192:fGgTqVfQjg+6K0mVbmIi7Jb36tn0QVamJiG36T:O6qFlwS7QBiHT
MD5:	6CFA4B8C33B61578124A02C140A2BAB2
SHA1:	23919C0C8FF9DA947F5A58ABEDD651328A7C70AB
SHA-256:	6768BC72E58E33083D3F2282D6B97E34E7AB1BF872A3147F710E92A0A34DCA75
SHA-512:	1EA3F8BF3A5E0AFC7826DE5DE0DE286DE35582F480CA0A6B3AB44B09539A0406508F3627B24332A56A79ABA9E80DE60E61D14F0DFD852AED06A969709A4C843B
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	866
Entropy (8bit):	5.407998478502945
Encrypted:	false
SSDEEP:	24:eeMSo1twQMS+HArrEcLGcTJxetVgtjIY78BJgskfa9yBDy3d6+MSTdZj4Q:fMBJMZooEeP6OUaRMe5
MD5:	F7F5F575FC519A5E8C3E346CBD3C2AEE
SHA1:	C87540C2F20382280421998BA9C187187E7458F9
SHA-256:	86750BAA70D8CD19581BF5AF5F01CCD586CE0DA6D197B45D2F2666F2C2BB69DE
SHA-512:	E53FBB0CF72A137BC9C470CFF82C41E3F82378EF54D313BE5DF2423C286F4FEEAEE509148972526D28E3087E8125A9708A2AED865B824A0CC14150D974764567
Malicious:	false
Reputation:	low
Preview:	............."l... 8p8me5xqjq7bscqlwjdewgnli7pt36mw..app..box..by..com..department..fire..https..pdf..powered..s..southlake.....$. 8p8me5xqjq7bscqlwjdewgnli7pt36mw......app......box......by......com......department......fire......https......pdf......powered......s......southlake..2.........3........5........6........7........8........a..........b..........c.........d...........e............f.........g........h.........i.........j........k........l.........m..........n.........o...........p.............q........r..........s...........t...........u........w.........x.........y...:n..............................................................................................................B............. ........6https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw2.Southlake Fire Department.pdf \| Powered by Box:................J..................... (+

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	158572
Entropy (8bit):	0.3337424018456219
Encrypted:	false
SSDEEP:	96:ETbaKc/P6gwM4Vdd9ibP2hzAVpQmRadEQJwMngmPHiMwRuiBQJwMjNRRRumRgyRa:GbQ0xs+hzVf56egmPb36g0mVCgWiDmb
MD5:	C6C88CF869FD6BDB1DA328508F5FD15B
SHA1:	D9823EEA774135B3A2AE7F433E4C5086D74DC6C1
SHA-256:	6876A00408F5F1CA00ADFD64C1EF2B91A3D613BBAE804A394A4B65CC00F3B356
SHA-512:	3306349B0BF2DEC67952C4DE9BE2E90957B879FE8307A6960B22A3AA45BB1FA0B07BE5B349593F5E5889A8069482C7C4D64474AC4CC6F51BB2B64FE7399483DA
Malicious:	false
Reputation:	low
Preview:	.............sFF........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

No static file info

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
04/07/21-23:35:27.257818	TCP	2515	WEB-MISC PCT Client_Hello overflow attempt	49758	443	192.168.2.3	172.217.168.10

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 7, 2021 23:35:18.754512072 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.755656004 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.773273945 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.773302078 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.773406029 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.773530006 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.773649931 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.773874998 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.792418957 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793662071 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793710947 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793754101 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793785095 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793812990 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.793823004 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793860912 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793891907 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.793956041 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.833395958 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.833640099 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.969121933 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.969897985 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.970478058 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.986831903 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.986861944 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.986913919 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:18.987755060 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.987786055 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:18.987864017 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:19.027553082 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.237915039 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.237946987 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.238137007 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:19.331733942 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.331792116 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.331864119 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:19.411955118 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.411983013 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:19.412072897 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:19.789446115 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:19.807286978 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.216649055 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.216711044 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.216775894 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:20.274224997 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:20.294492006 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.387545109 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:20.405512094 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.489195108 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.489231110 CEST	443	49719	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.489357948 CEST	49719	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:20.523305893 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.540885925 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.540998936 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.541218042 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.558667898 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.559809923 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.559849977 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.559890985 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.559906006 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.573508024 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.573939085 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.585941076 CEST	443	49720	185.235.236.201	192.168.2.3
Apr 7, 2021 23:35:20.591084003 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.591227055 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.591288090 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.625550032 CEST	49720	443	192.168.2.3	185.235.236.201
Apr 7, 2021 23:35:20.631208897 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.733743906 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.736437082 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:20.754014015 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:20.754046917 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:21.004000902 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:21.004035950 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:21.004107952 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:21.064831972 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.082345009 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.082437038 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.082662106 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.089514017 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:21.100903988 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.101954937 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.102030039 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.102073908 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.102088928 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.109124899 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:21.116601944 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.116796017 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.135895014 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.135926962 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.135957003 CEST	443	49740	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.136013985 CEST	49740	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.248368025 CEST	49743	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.252083063 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:21.254362106 CEST	49737	443	192.168.2.3	185.235.236.197
Apr 7, 2021 23:35:21.266244888 CEST	443	49743	185.235.236.200	192.168.2.3
Apr 7, 2021 23:35:21.266379118 CEST	49743	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.266644001 CEST	49743	443	192.168.2.3	185.235.236.200
Apr 7, 2021 23:35:21.272202969 CEST	443	49737	185.235.236.197	192.168.2.3
Apr 7, 2021 23:35:21.272234917 CEST	443	49737	185.235.236.197	192.168.2.3

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 7, 2021 23:35:09.766603947 CEST	57544	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:09.781013966 CEST	53	57544	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:10.692445040 CEST	55984	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:10.710587978 CEST	53	55984	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:11.645930052 CEST	64185	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:11.660752058 CEST	53	64185	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:12.392821074 CEST	65110	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:12.407156944 CEST	53	65110	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:13.389717102 CEST	58361	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:13.402997971 CEST	53	58361	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:14.177066088 CEST	63492	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:14.190681934 CEST	53	63492	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:15.026160002 CEST	60831	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:15.037940025 CEST	53	60831	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:16.981283903 CEST	60100	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:16.994580030 CEST	53	60100	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:18.366090059 CEST	53023	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:18.378957987 CEST	53	53023	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:18.727468014 CEST	49563	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:18.732443094 CEST	51352	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:18.733669043 CEST	59349	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:18.735769987 CEST	57084	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:18.742830038 CEST	53	49563	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:18.746359110 CEST	53	59349	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:18.753593922 CEST	53	51352	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:18.763448000 CEST	53	57084	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:19.010689020 CEST	58823	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:19.036840916 CEST	53	58823	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:19.086704969 CEST	57568	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:19.113270998 CEST	53	57568	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:19.167208910 CEST	50540	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:19.179168940 CEST	53	50540	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:19.285049915 CEST	54366	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:19.304311991 CEST	53	54366	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:20.097296953 CEST	57762	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:20.112323999 CEST	53	57762	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:20.496112108 CEST	55435	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:20.522228956 CEST	53	55435	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:20.570974112 CEST	50713	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:20.584121943 CEST	53	50713	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:21.037650108 CEST	56132	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:21.057255983 CEST	53	56132	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:21.273351908 CEST	58987	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:21.293725967 CEST	53	58987	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:24.083964109 CEST	63619	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:24.097361088 CEST	53	63619	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:24.847979069 CEST	64938	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:24.861825943 CEST	53	64938	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:25.750499964 CEST	61946	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:25.789899111 CEST	53	61946	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:26.458728075 CEST	64910	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:26.471164942 CEST	53	64910	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:27.202728987 CEST	56338	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:27.228604078 CEST	53	56338	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:27.864888906 CEST	59420	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:27.878950119 CEST	53	59420	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:33.127975941 CEST	63978	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:33.320869923 CEST	53	63978	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:34.495429993 CEST	62938	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:34.509907007 CEST	53	62938	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:35.350656986 CEST	55708	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:35.364762068 CEST	53	55708	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:41.090080976 CEST	56803	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:41.103048086 CEST	53	56803	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:45.880430937 CEST	57145	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:45.899703979 CEST	53	57145	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:46.356312037 CEST	55359	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:46.374761105 CEST	53	55359	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:46.471654892 CEST	58306	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:46.481735945 CEST	64124	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:46.490258932 CEST	53	58306	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:46.493932009 CEST	53	64124	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:46.950751066 CEST	49361	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:46.978267908 CEST	53	49361	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:48.050699949 CEST	63150	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:48.063524008 CEST	53	63150	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:48.287703037 CEST	53279	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:48.319245100 CEST	53	53279	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:52.225821018 CEST	56881	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:52.244292974 CEST	53	56881	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:53.640841961 CEST	53642	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:53.659548044 CEST	53	53642	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:54.304843903 CEST	55667	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:54.306216955 CEST	54833	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:54.307969093 CEST	62476	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:54.309320927 CEST	49705	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:54.320657969 CEST	53	62476	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:54.322405100 CEST	53	49705	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:54.322452068 CEST	53	55667	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:54.343782902 CEST	53	54833	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:54.416210890 CEST	61477	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:54.433676004 CEST	53	61477	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:56.397439957 CEST	61633	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:56.403244019 CEST	55949	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:56.405539036 CEST	57601	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:56.410911083 CEST	53	61633	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:56.422086954 CEST	53	55949	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:56.444591045 CEST	53	57601	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:57.653938055 CEST	49342	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:57.688693047 CEST	53	49342	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:58.810461044 CEST	56253	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:58.820142031 CEST	55439	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:58.828802109 CEST	53	56253	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:58.854376078 CEST	53	55439	8.8.8.8	192.168.2.3
Apr 7, 2021 23:35:59.591721058 CEST	57069	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:35:59.611526012 CEST	53	57069	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:08.598727942 CEST	57659	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:08.612205982 CEST	53	57659	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:11.708364964 CEST	54717	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:11.731704950 CEST	53	54717	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:15.160319090 CEST	63975	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:15.173264027 CEST	53	63975	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:16.500006914 CEST	56639	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:16.500726938 CEST	51856	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:16.501276016 CEST	56546	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:16.518635035 CEST	53	56639	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:16.528085947 CEST	53	56546	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:16.531665087 CEST	53	51856	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:16.669303894 CEST	62152	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:16.682653904 CEST	53	62152	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:17.290597916 CEST	56446	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:17.319551945 CEST	53	56446	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:17.435977936 CEST	59631	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:17.511923075 CEST	53	59631	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:17.661132097 CEST	55515	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:17.688740969 CEST	53	55515	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:17.885716915 CEST	64547	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:17.895143986 CEST	51759	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:17.910834074 CEST	59207	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:17.912270069 CEST	53	64547	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:17.913474083 CEST	53	51759	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:17.931864977 CEST	53	59207	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:18.064471960 CEST	54269	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:18.091572046 CEST	53	54269	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:18.155716896 CEST	54856	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:18.168848038 CEST	53	54856	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:18.534900904 CEST	64140	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:18.538134098 CEST	62271	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:18.578016996 CEST	53	64140	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:18.581403017 CEST	57404	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:18.587837934 CEST	53	62271	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:18.596647024 CEST	53	57404	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:18.907627106 CEST	62997	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:18.941176891 CEST	53	62997	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:20.614168882 CEST	57712	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:20.691808939 CEST	53	57712	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:22.318897963 CEST	60065	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:22.320796013 CEST	55068	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:22.326607943 CEST	64700	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:22.337430954 CEST	53	60065	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:22.340665102 CEST	53	55068	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:22.344168901 CEST	61998	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:22.346461058 CEST	53724	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:22.348392010 CEST	53	64700	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:22.366255999 CEST	53	53724	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:22.371293068 CEST	53	61998	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:26.961879969 CEST	52328	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:27.061738968 CEST	53	52328	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:30.781680107 CEST	58051	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:30.803752899 CEST	53	58051	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:32.905647993 CEST	64130	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:32.945813894 CEST	53	64130	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:33.010622978 CEST	50491	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:33.041109085 CEST	53	50491	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:53.848891020 CEST	53004	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:53.864960909 CEST	53	53004	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:53.920639992 CEST	52529	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:53.934231043 CEST	53	52529	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:54.888957024 CEST	53656	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:54.902713060 CEST	53	53656	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:57.901490927 CEST	62724	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:57.919487000 CEST	53	62724	8.8.8.8	192.168.2.3
Apr 7, 2021 23:36:58.057450056 CEST	56059	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:36:58.085108995 CEST	53	56059	8.8.8.8	192.168.2.3
Apr 7, 2021 23:37:19.934665918 CEST	63060	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:37:19.954296112 CEST	53	63060	8.8.8.8	192.168.2.3
Apr 7, 2021 23:37:25.958288908 CEST	51498	53	192.168.2.3	8.8.8.8
Apr 7, 2021 23:37:25.975425005 CEST	53	51498	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Apr 7, 2021 23:35:18.732443094 CEST	192.168.2.3	8.8.8.8	0x376c	Standard query (0)	app.box.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:19.285049915 CEST	192.168.2.3	8.8.8.8	0xb06c	Standard query (0)	cdn01.boxcdn.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:20.496112108 CEST	192.168.2.3	8.8.8.8	0xa29b	Standard query (0)	api.box.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:21.037650108 CEST	192.168.2.3	8.8.8.8	0x7a92	Standard query (0)	public.boxcloud.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:21.273351908 CEST	192.168.2.3	8.8.8.8	0x2eab	Standard query (0)	cdn01.boxcdn.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:25.750499964 CEST	192.168.2.3	8.8.8.8	0xe6d1	Standard query (0)	clients2.googleusercontent.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:33.127975941 CEST	192.168.2.3	8.8.8.8	0xbda4	Standard query (0)	frazeeincs.ga	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.356312037 CEST	192.168.2.3	8.8.8.8	0xe6ba	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.471654892 CEST	192.168.2.3	8.8.8.8	0xa540	Standard query (0)	aadcdn.msftauth.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.481735945 CEST	192.168.2.3	8.8.8.8	0xe7a9	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:48.050699949 CEST	192.168.2.3	8.8.8.8	0xe8b2	Standard query (0)	aadcdn.msftauth.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:54.307969093 CEST	192.168.2.3	8.8.8.8	0x8fd5	Standard query (0)	ajax.aspnetcdn.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:58.820142031 CEST	192.168.2.3	8.8.8.8	0x16b8	Standard query (0)	assets.onestore.ms	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:16.500006914 CEST	192.168.2.3	8.8.8.8	0x49ca	Standard query (0)	mem.gfx.ms	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:16.500726938 CEST	192.168.2.3	8.8.8.8	0xf22a	Standard query (0)	microsoftwindows.112.2o7.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.435977936 CEST	192.168.2.3	8.8.8.8	0x77da	Standard query (0)	publisher.liveperson.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.910834074 CEST	192.168.2.3	8.8.8.8	0xceed	Standard query (0)	lptag.liveperson.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.534900904 CEST	192.168.2.3	8.8.8.8	0x23bf	Standard query (0)	accdn.lpsnmedia.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.581403017 CEST	192.168.2.3	8.8.8.8	0xf59a	Standard query (0)	static-assets.fs.liveperson.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.907627106 CEST	192.168.2.3	8.8.8.8	0x929c	Standard query (0)	logincdn.msauth.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:20.614168882 CEST	192.168.2.3	8.8.8.8	0x436e	Standard query (0)	lpcdn.lpsnmedia.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:22.318897963 CEST	192.168.2.3	8.8.8.8	0xbd78	Standard query (0)	statics-wcus.onestore.ms	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:22.320796013 CEST	192.168.2.3	8.8.8.8	0x9124	Standard query (0)	statics-eus.onestore.ms	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:22.326607943 CEST	192.168.2.3	8.8.8.8	0x2b14	Standard query (0)	statics-eas.onestore.ms	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:22.344168901 CEST	192.168.2.3	8.8.8.8	0x25fd	Standard query (0)	cart.production.store-web.dynamics.com	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:22.346461058 CEST	192.168.2.3	8.8.8.8	0xc69a	Standard query (0)	statics-neu.onestore.ms	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:32.905647993 CEST	192.168.2.3	8.8.8.8	0xce41	Standard query (0)	va.v.liveperson.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:37:19.934665918 CEST	192.168.2.3	8.8.8.8	0xc24	Standard query (0)	lptag.liveperson.net	A (IP address)	IN (0x0001)
Apr 7, 2021 23:37:25.958288908 CEST	192.168.2.3	8.8.8.8	0xde22	Standard query (0)	mcraa.fs.liveperson.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Apr 7, 2021 23:35:18.753593922 CEST	8.8.8.8	192.168.2.3	0x376c	No error (0)	app.box.com		185.235.236.201	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:19.304311991 CEST	8.8.8.8	192.168.2.3	0xb06c	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:20.522228956 CEST	8.8.8.8	192.168.2.3	0xa29b	No error (0)	api.box.com		185.235.236.197	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:21.057255983 CEST	8.8.8.8	192.168.2.3	0x7a92	No error (0)	public.boxcloud.com		185.235.236.200	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:21.293725967 CEST	8.8.8.8	192.168.2.3	0x2eab	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:25.789899111 CEST	8.8.8.8	192.168.2.3	0xe6d1	No error (0)	clients2.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:25.789899111 CEST	8.8.8.8	192.168.2.3	0xe6d1	No error (0)	googlehosted.l.googleusercontent.com		172.217.168.33	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:33.320869923 CEST	8.8.8.8	192.168.2.3	0xbda4	No error (0)	frazeeincs.ga		62.182.80.182	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.374761105 CEST	8.8.8.8	192.168.2.3	0xe6ba	No error (0)	cdnjs.cloudflare.com		104.16.19.94	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.374761105 CEST	8.8.8.8	192.168.2.3	0xe6ba	No error (0)	cdnjs.cloudflare.com		104.16.18.94	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.490258932 CEST	8.8.8.8	192.168.2.3	0xa540	No error (0)	aadcdn.msftauth.net	aadcdnoriginneu.azureedge.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:46.490258932 CEST	8.8.8.8	192.168.2.3	0xa540	No error (0)	cs1100.wpc.omegacdn.net		152.199.23.37	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:46.493932009 CEST	8.8.8.8	192.168.2.3	0xe7a9	No error (0)	code.jquery.com	cds.s5x3j6q5.hwcdn.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:48.063524008 CEST	8.8.8.8	192.168.2.3	0xe8b2	No error (0)	aadcdn.msftauth.net	aadcdnoriginneu.azureedge.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:48.063524008 CEST	8.8.8.8	192.168.2.3	0xe8b2	No error (0)	cs1100.wpc.omegacdn.net		152.199.23.37	A (IP address)	IN (0x0001)
Apr 7, 2021 23:35:54.320657969 CEST	8.8.8.8	192.168.2.3	0x8fd5	No error (0)	ajax.aspnetcdn.com	mscomajax.vo.msecnd.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:54.322405100 CEST	8.8.8.8	192.168.2.3	0x6bb6	No error (0)	consentdeliveryfd.azurefd.net	star-azurefd-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:35:58.854376078 CEST	8.8.8.8	192.168.2.3	0x16b8	No error (0)	assets.onestore.ms	assets.onestore.ms.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:16.518635035 CEST	8.8.8.8	192.168.2.3	0x49ca	No error (0)	mem.gfx.ms	cdn.account.microsoft.com.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:16.531665087 CEST	8.8.8.8	192.168.2.3	0xf22a	No error (0)	microsoftwindows.112.2o7.net		35.181.18.61	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:16.531665087 CEST	8.8.8.8	192.168.2.3	0xf22a	No error (0)	microsoftwindows.112.2o7.net		15.237.76.117	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:16.531665087 CEST	8.8.8.8	192.168.2.3	0xf22a	No error (0)	microsoftwindows.112.2o7.net		15.237.136.106	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.511923075 CEST	8.8.8.8	192.168.2.3	0x77da	No error (0)	publisher.liveperson.net	publisher.livepersonk.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:17.511923075 CEST	8.8.8.8	192.168.2.3	0x77da	No error (0)	liveperson.map.fastly.net		151.101.1.192	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.511923075 CEST	8.8.8.8	192.168.2.3	0x77da	No error (0)	liveperson.map.fastly.net		151.101.65.192	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.511923075 CEST	8.8.8.8	192.168.2.3	0x77da	No error (0)	liveperson.map.fastly.net		151.101.129.192	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.511923075 CEST	8.8.8.8	192.168.2.3	0x77da	No error (0)	liveperson.map.fastly.net		151.101.193.192	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:17.931864977 CEST	8.8.8.8	192.168.2.3	0xceed	No error (0)	lptag.liveperson.net	lptag.liveperson.cotcdb.net.livepersonk.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:18.578016996 CEST	8.8.8.8	192.168.2.3	0x23bf	No error (0)	accdn.lpsnmedia.net	geo.accdn.livepersonk.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:18.587837934 CEST	8.8.8.8	192.168.2.3	0x61ab	No error (0)	prda.aadg.msidentity.com	www.tm.a.prd.aadg.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:18.596647024 CEST	8.8.8.8	192.168.2.3	0xf59a	No error (0)	static-assets.fs.liveperson.com	dh1y47vf5ttia.cloudfront.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:18.596647024 CEST	8.8.8.8	192.168.2.3	0xf59a	No error (0)	dh1y47vf5ttia.cloudfront.net		13.32.25.13	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.596647024 CEST	8.8.8.8	192.168.2.3	0xf59a	No error (0)	dh1y47vf5ttia.cloudfront.net		13.32.25.116	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.596647024 CEST	8.8.8.8	192.168.2.3	0xf59a	No error (0)	dh1y47vf5ttia.cloudfront.net		13.32.25.53	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.596647024 CEST	8.8.8.8	192.168.2.3	0xf59a	No error (0)	dh1y47vf5ttia.cloudfront.net		13.32.25.92	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:18.941176891 CEST	8.8.8.8	192.168.2.3	0x929c	No error (0)	logincdn.msauth.net	lgincdn.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:18.941176891 CEST	8.8.8.8	192.168.2.3	0x929c	No error (0)	cs1227.wpc.alphacdn.net		192.229.221.185	A (IP address)	IN (0x0001)
Apr 7, 2021 23:36:20.691808939 CEST	8.8.8.8	192.168.2.3	0x436e	No error (0)	lpcdn.lpsnmedia.net	geo.lpcdn.livepersonk.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:22.337430954 CEST	8.8.8.8	192.168.2.3	0xbd78	No error (0)	statics-wcus.onestore.ms	statics.onestore.ms.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:22.340665102 CEST	8.8.8.8	192.168.2.3	0x9124	No error (0)	statics-eus.onestore.ms	statics.onestore.ms.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:22.348392010 CEST	8.8.8.8	192.168.2.3	0x2b14	No error (0)	statics-eas.onestore.ms	statics.onestore.ms.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:22.366255999 CEST	8.8.8.8	192.168.2.3	0xc69a	No error (0)	statics-neu.onestore.ms	statics.onestore.ms.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:22.371293068 CEST	8.8.8.8	192.168.2.3	0x25fd	No error (0)	cart.production.store-web.dynamics.com	storeweb-cart-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:22.371293068 CEST	8.8.8.8	192.168.2.3	0x25fd	No error (0)	cart.northeurope.prod.store-web.dynamics.com	sw-prod-appgwpublicip-northeurope.northeurope.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:32.945813894 CEST	8.8.8.8	192.168.2.3	0xce41	No error (0)	va.v.liveperson.net	geo.va-v.livepersonk.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:36:33.041109085 CEST	8.8.8.8	192.168.2.3	0xc591	No error (0)	pmservices-prod.azurefd.net	star-azurefd-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:37:19.954296112 CEST	8.8.8.8	192.168.2.3	0xc24	No error (0)	lptag.liveperson.net	lptag.liveperson.cotcdb.net.livepersonk.akadns.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 23:37:25.975425005 CEST	8.8.8.8	192.168.2.3	0xde22	No error (0)	mcraa.fs.liveperson.com		52.22.165.174	A (IP address)	IN (0x0001)
Apr 7, 2021 23:37:25.975425005 CEST	8.8.8.8	192.168.2.3	0xde22	No error (0)	mcraa.fs.liveperson.com		3.224.142.147	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Apr 7, 2021 23:35:48.129424095 CEST	152.199.23.37	443	192.168.2.3	49801	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.199254990 CEST	152.199.23.37	443	192.168.2.3	49802	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.270368099 CEST	152.199.23.37	443	192.168.2.3	49803	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.298824072 CEST	152.199.23.37	443	192.168.2.3	49804	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.348515034 CEST	152.199.23.37	443	192.168.2.3	49805	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.376107931 CEST	152.199.23.37	443	192.168.2.3	49807	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.441354036 CEST	152.199.23.37	443	192.168.2.3	49808	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:48.624351025 CEST	152.199.23.37	443	192.168.2.3	49809	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:35:49.281749010 CEST	152.199.23.37	443	192.168.2.3	49810	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Apr 7, 2021 23:36:17.550637960 CEST	151.101.1.192	443	192.168.2.3	49907	CN=liveperson.net, O="LivePerson, Inc.", L=New York, ST=New York, C=US CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE	CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Tue Mar 09 02:30:39 CET 2021 Wed Aug 19 02:00:00 CEST 2015	Thu Mar 10 02:30:39 CET 2022 Tue Aug 19 02:00:00 CEST 2025	771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0	b32309a26951912be7dba376398abc3b
Apr 7, 2021 23:36:17.550637960 CEST	151.101.1.192	443	192.168.2.3	49907	CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Wed Aug 19 02:00:00 CEST 2015	Tue Aug 19 02:00:00 CEST 2025		b32309a26951912be7dba376398abc3b
Apr 7, 2021 23:36:25.327378988 CEST	151.101.1.192	443	192.168.2.3	49988	CN=liveperson.net, O="LivePerson, Inc.", L=New York, ST=New York, C=US CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE	CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Tue Mar 09 02:30:39 CET 2021 Wed Aug 19 02:00:00 CEST 2015	Thu Mar 10 02:30:39 CET 2022 Tue Aug 19 02:00:00 CEST 2025	771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0	b32309a26951912be7dba376398abc3b
Apr 7, 2021 23:36:25.327378988 CEST	151.101.1.192	443	192.168.2.3	49988	CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Wed Aug 19 02:00:00 CEST 2015	Tue Aug 19 02:00:00 CEST 2025		b32309a26951912be7dba376398abc3b

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exe PID: 5640 Parent PID: 2124

General

Start time:	23:35:15
Start date:	07/04/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw'
Imagebase:	0x7ff77b960000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: chrome.exe PID: 5792 Parent PID: 5640

General

Start time:	23:35:17
Start date:	07/04/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,2117667614176880093,14641166115673408432,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1692 /prefetch:8
Imagebase:	0x7ff77b960000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Network device logs, Network intrusion detection system, Packet capture, Process use of network, SSL/TLS inspection, Web proxy
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://app.box.com/s/8p8me5xqjq7bscqlwjdewgnli7pt36mw

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Snort IDS Alerts

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: chrome.exe PID: 5640 Parent PID: 2124

General

Analysis Process: chrome.exe PID: 5792 Parent PID: 5640

General

Disassembly