Analysis Report https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen

Overview

General Information

Sample URL:	https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen
Analysis ID:	418883
Infos:
Most interesting Screenshot:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Phishing site detected (based on logo template match)

Invalid T&C link found

Classification

Signatures

AV Detection:

Antivirus detection for URL or domain

Source: https://installw.com/ajax/libs/jquery/3.0.1/jquery.min.js

Avira URL Cloud: Label: malware

Phishing:

Phishing site detected (based on logo template match)

Source: https://risefundraiser.com/login	Matcher: Template: facebook matched
Source: https://risefundraiser.com/login	Matcher: Template: facebook matched

Invalid T&C link found

Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use

Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found

Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.1:443 -> 192.168.2.4:49783 version: TLS 1.2

Source: create[1].htm.3.dr	String found in binary or memory: <img height='1' width='1' style='display:none' src='https://www.facebook.com/tr?id=2126210880948599&ev=PageView&noscript=1'/>; equals www.facebook.com (Facebook)
Source: 2126210880948599[1].js.3.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func

Source: unknown

DNS traffic detected: queries for: risefundraiser.com

Source: Chart.bundle.min[1].js.3.dr	String found in binary or memory: http://chartjs.org/
Source: animate.min[1].css.3.dr	String found in binary or memory: http://daneden.me/animate
Source: fontawesome-webfont[1].eot.3.dr, font-awesome.min[1].css.3.dr	String found in binary or memory: http://fontawesome.io
Source: font-awesome.min[1].css.3.dr	String found in binary or memory: http://fontawesome.io/license
Source: fontawesome-webfont[1].eot.3.dr	String found in binary or memory: http://fontawesome.io/license/
Source: fontawesome-webfont[1].eot.3.dr	String found in binary or memory: http://fontawesome.iohttp://fontawesome.iohttp://fontawesome.io/license/http://fontawesome.io/licens
Source: bootstrap.min[1].css.3.dr	String found in binary or memory: http://getbootstrap.com)
Source: animate.min[1].css.3.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: http://round.glass/rise/"
Source: swiper.min[1].css.3.dr	String found in binary or memory: http://www.idangero.us/swiper/
Source: gtm[1].js.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: create[1].htm.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.3/jquery.min.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://api.whatsapp.c
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://api.whatsapp.com/send?text=https%3A%2F%2Frisefundraiser.com%2Fcampaign%2Fhelp-india-fight-co
Source: gtm[1].js.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: create[1].htm.3.dr	String found in binary or memory: https://cdn.quilljs.com/1.2.2/quill.bubble.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdn.quilljs.com/1.2.2/quill.snow.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.6.0/Chart.bundle.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.6/assets/owl.carousel.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/systemjs/0.19.39/system.src.js
Source: create[1].htm.3.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/main.94919de6defa08284319.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/polyfills.661b9383b7c93a39b0f5.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/scripts.d004d92bf73ccd662204.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/vendor.7b1b41a937a083fd16b0.js
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.woff
Source: create[1].htm.3.dr, ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favicon.ico?v=2
Source: imagestore.dat.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favicon.ico?v=2~
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/logo.png"
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/hero.jpg
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/design-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/fundraiser-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/peers-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/promote-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/storybg.png)
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/rg-logo.png"
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/themes/style-layout.css
Source: styles.a19aec6bac6aa86c5932[1].css2.3.dr	String found in binary or memory: https://fengyuanchen.github.io/cropperjs
Source: owl.carousel.min[1].css.3.dr	String found in binary or memory: https://github.com/OwlCarousel2/OwlCarousel2/blob/master/LICENSE)
Source: Chart.bundle.min[1].js.3.dr	String found in binary or memory: https://github.com/chartjs/Chart.js/blob/master/LICENSE.md
Source: gtm[1].js.3.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: bootstrap.min[1].css.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: calculator-v1[1].js.3.dr	String found in binary or memory: https://installw.com/ajax/libs/jquery/3.0.1/jquery.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: quill.bubble[1].css.3.dr	String found in binary or memory: https://quilljs.com/
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/campaign/help-india-fight-ctegrated
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/createhelp-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/explorehelp-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/loginRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/notificationRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/offeringsRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/orgsRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/otificationRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/reatehelp-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.Root
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr, create[1].htm.3.dr	String found in binary or memory: https://risefundraiser.com/
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: https://risefundraiser.com/"
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen#campaign
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen#campaigna-fight-covi
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen.com/campaign/help-in
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygenZEdifecs:
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/create
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/createhelp-india-fight-covid-19-donate-for-oxygen
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/createhelp-india-fight-covid-19-donate-for-oxygend
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/explore
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/explorehelp-india-fight-covid-19-donate-for-oxygen
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/explorehelp-india-fight-covid-19-donate-for-oxygenhttps://risefundraiser.
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/explorehelp-india-fight-covid-19-donate-for-oxygenicon/favicon.ico?v=2
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/explorevFundraising
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/login
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/loginationhttps://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favicon
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/loginhelp-india-fight-covid-19-donate-for-oxygen
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/loginhelp-india-fight-covid-19-donate-for-oxygenb
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/notification
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/offerings
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/offeringsj
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/orgs
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/orgs$
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/otification
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/otificationhttps://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favico
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/reatehelp-india-fight-covid-19-donate-for-oxygeniser.com/
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundrraiser.com/explore
Source: create[1].htm.3.dr	String found in binary or memory: https://s3-us-west-2.amazonaws.com/rg-fundraiser/assets/images/calculator-v1.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: analytics[1].js.3.dr	String found in binary or memory: https://tagassistant.google.com/
Source: create[1].htm.3.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: create[1].htm.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: create[1].htm.3.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-K54ZJZ4

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.1:443 -> 192.168.2.4:49783 version: TLS 1.2

Source: classification engine

Classification label: mal52.phis.win@3/115@10/9

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{622DD187-B99A-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFB16589E349C1BC94.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2480 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2480 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.17.182.73	js.hsforms.net	United States	13335	CLOUDFLARENETUS	false
104.18.10.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
31.13.92.14	scontent.xx.fbcdn.net	Ireland	32934	FACEBOOKUS	false
52.218.236.192	s3-us-west-2.amazonaws.com	United States	16509	AMAZON-02US	false
13.224.89.71	dqy0ngl1d5798.cloudfront.net	United States	16509	AMAZON-02US	false
172.217.20.1	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
54.201.10.107	risefundraiser.com	United States	16509	AMAZON-02US	false
151.101.1.0	render.map.fastly.net	United States	54113	FASTLYUS	false
104.16.18.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Contacted Domains

Name	IP	Active
risefundraiser.com	54.201.10.107	true
scontent.xx.fbcdn.net	31.13.92.14	true
js.hsforms.net	104.17.182.73	true
cdnjs.cloudflare.com	104.16.18.94	true
dqy0ngl1d5798.cloudfront.net	13.224.89.71	true
maxcdn.bootstrapcdn.com	104.18.10.207	true
render.map.fastly.net	151.101.1.0	true
googlehosted.l.googleusercontent.com	172.217.20.1	true
s3-us-west-2.amazonaws.com	52.218.236.192	true
cdn.quilljs.com	unknown	unknown
connect.facebook.net	unknown	unknown
lh3.googleusercontent.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://risefundraiser.com/orgs	true	unknown
https://risefundraiser.com/offerings	true	unknown
https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen	true	unknown
https://risefundraiser.com/login	true	unknown
https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen#campaign	true	unknown
https://api.whatsapp.com/send?text=https%3A%2F%2Frisefundraiser.com%2Fcampaign%2Fhelp-india-fight-covid-19-donate-for-oxygen%3Futm_source%3Dwhatsapp%26utm_medium%3Dsocial	false	high

AV Detection:

Antivirus detection for URL or domain

Source: https://installw.com/ajax/libs/jquery/3.0.1/jquery.min.js

Avira URL Cloud: Label: malware

Phishing:

Phishing site detected (based on logo template match)

Source: https://risefundraiser.com/login	Matcher: Template: facebook matched
Source: https://risefundraiser.com/login	Matcher: Template: facebook matched

Invalid T&C link found

Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Privacy Policy
Source: https://risefundraiser.com/login	HTTP Parser: Invalid link: Terms of Use

Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="author".. found

Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://risefundraiser.com/login	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.1:443 -> 192.168.2.4:49783 version: TLS 1.2

Source: create[1].htm.3.dr	String found in binary or memory: <img height='1' width='1' style='display:none' src='https://www.facebook.com/tr?id=2126210880948599&ev=PageView&noscript=1'/>; equals www.facebook.com (Facebook)
Source: 2126210880948599[1].js.3.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func

Source: unknown

DNS traffic detected: queries for: risefundraiser.com

Source: Chart.bundle.min[1].js.3.dr	String found in binary or memory: http://chartjs.org/
Source: animate.min[1].css.3.dr	String found in binary or memory: http://daneden.me/animate
Source: fontawesome-webfont[1].eot.3.dr, font-awesome.min[1].css.3.dr	String found in binary or memory: http://fontawesome.io
Source: font-awesome.min[1].css.3.dr	String found in binary or memory: http://fontawesome.io/license
Source: fontawesome-webfont[1].eot.3.dr	String found in binary or memory: http://fontawesome.io/license/
Source: fontawesome-webfont[1].eot.3.dr	String found in binary or memory: http://fontawesome.iohttp://fontawesome.iohttp://fontawesome.io/license/http://fontawesome.io/licens
Source: bootstrap.min[1].css.3.dr	String found in binary or memory: http://getbootstrap.com)
Source: animate.min[1].css.3.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: http://round.glass/rise/"
Source: swiper.min[1].css.3.dr	String found in binary or memory: http://www.idangero.us/swiper/
Source: gtm[1].js.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: create[1].htm.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.3/jquery.min.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://api.whatsapp.c
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://api.whatsapp.com/send?text=https%3A%2F%2Frisefundraiser.com%2Fcampaign%2Fhelp-india-fight-co
Source: gtm[1].js.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: create[1].htm.3.dr	String found in binary or memory: https://cdn.quilljs.com/1.2.2/quill.bubble.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdn.quilljs.com/1.2.2/quill.snow.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.6.0/Chart.bundle.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.6/assets/owl.carousel.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/systemjs/0.19.39/system.src.js
Source: create[1].htm.3.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/main.94919de6defa08284319.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/polyfills.661b9383b7c93a39b0f5.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/scripts.d004d92bf73ccd662204.js
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/1.9.7_P9_patch2/vendor.7b1b41a937a083fd16b0.js
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_0_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_1_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_2_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_3_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_4_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_5_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_6_0.woff
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.eot
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.eot?#iefix
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.ttf
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/fonts/313E30_7_0.woff
Source: create[1].htm.3.dr, ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favicon.ico?v=2
Source: imagestore.dat.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favicon.ico?v=2~
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/logo.png"
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/hero.jpg
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/design-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/fundraiser-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/peers-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/icon/promote-Ico.png
Source: style-layout[1].css.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/microsite/storybg.png)
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/images/rg-logo.png"
Source: create[1].htm.3.dr	String found in binary or memory: https://dqy0ngl1d5798.cloudfront.net/assets/themes/style-layout.css
Source: styles.a19aec6bac6aa86c5932[1].css2.3.dr	String found in binary or memory: https://fengyuanchen.github.io/cropperjs
Source: owl.carousel.min[1].css.3.dr	String found in binary or memory: https://github.com/OwlCarousel2/OwlCarousel2/blob/master/LICENSE)
Source: Chart.bundle.min[1].js.3.dr	String found in binary or memory: https://github.com/chartjs/Chart.js/blob/master/LICENSE.md
Source: gtm[1].js.3.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: bootstrap.min[1].css.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: calculator-v1[1].js.3.dr	String found in binary or memory: https://installw.com/ajax/libs/jquery/3.0.1/jquery.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Source: create[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Source: create[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: quill.bubble[1].css.3.dr	String found in binary or memory: https://quilljs.com/
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/campaign/help-india-fight-ctegrated
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/createhelp-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/explorehelp-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/loginRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/notificationRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/offeringsRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/orgsRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/otificationRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundr.com/reatehelp-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.Root
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr, create[1].htm.3.dr	String found in binary or memory: https://risefundraiser.com/
Source: risefundraiser[1].xml.3.dr	String found in binary or memory: https://risefundraiser.com/"
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen#campaign
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen#campaigna-fight-covi
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen.com/campaign/help-in
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygenRoot
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygenZEdifecs:
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/create
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/createhelp-india-fight-covid-19-donate-for-oxygen
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/createhelp-india-fight-covid-19-donate-for-oxygend
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/explore
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/explorehelp-india-fight-covid-19-donate-for-oxygen
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/explorehelp-india-fight-covid-19-donate-for-oxygenhttps://risefundraiser.
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/explorehelp-india-fight-covid-19-donate-for-oxygenicon/favicon.ico?v=2
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundraiser.com/explorevFundraising
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/login
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/loginationhttps://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favicon
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/loginhelp-india-fight-covid-19-donate-for-oxygen
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/loginhelp-india-fight-covid-19-donate-for-oxygenb
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/notification
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/offerings
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/offeringsj
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/orgs
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/orgs$
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/otification
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/otificationhttps://dqy0ngl1d5798.cloudfront.net/assets/images/icon/favico
Source: ~DF6F133FC75023CC50.TMP.1.dr	String found in binary or memory: https://risefundraiser.com/reatehelp-india-fight-covid-19-donate-for-oxygeniser.com/
Source: {622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://risefundrraiser.com/explore
Source: create[1].htm.3.dr	String found in binary or memory: https://s3-us-west-2.amazonaws.com/rg-fundraiser/assets/images/calculator-v1.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: analytics[1].js.3.dr	String found in binary or memory: https://tagassistant.google.com/
Source: create[1].htm.3.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: create[1].htm.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: create[1].htm.3.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-K54ZJZ4

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.201.10.107:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.0:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.182.73:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.71:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.236.192:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.1:443 -> 192.168.2.4:49783 version: TLS 1.2

Source: classification engine

Classification label: mal52.phis.win@3/115@10/9

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{622DD187-B99A-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFB16589E349C1BC94.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2480 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2480 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

ID:	418883
Product:	CloudBasic
Start time:	20:36:16
Start date:	20.05.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E5F0NRSV\risefundraiser[1].xml	UTF-8 Unicode text, with very long lines, with no line terminators	8648A0A85D421BBAC0AD0108124F59C7	6D9059B0DD6E30C87B8A89DF53D247C88D7D6221	88006176DF720C29F89F21390F9FFAAEB0136775B405A8EB5469B631A5B578A8
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{622DD187-B99A-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	03F28B8D33F124CD82503434F5377938	875D024D9031109A47C69134F4D23220B3FAC39F	01C2E13734C39908D3A6AE2942A04D38D643CEF2B062B571FDFACA10E0BA4B99
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{622DD189-B99A-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	4AC80084EEDD72E6C9739F63A6F1B08A	B276C101CF8B95BDAEE49F3F4166D2CF1B21F85D	9705F11D65A8C5B6BD4385F5D19AFA3268576C17F6B3A75A59851D6D194B8A09
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{69711AB1-B99A-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	8344D75B8095BCBE66A47DB00685F205	CA8B66995CFE3A4ECAC01C1E80D0811D78D392C9	1160832E036EA8C33BE823EAAFD884F2C6F49150CF7A194EBDB0E5A45D784F50
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat	data	24A94E19CB4AF83D9287422BD3C69317	C0E13E1C2A101B0455C3BB84F82EBADEF2745255	8C07B91716A95827F8054DDD831A8C2A6B2AEAF80CD7ACC4C76D4754A7566F33
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\2.4b9b9b512c2d18bea2fa[1].js	ASCII text, with very long lines, with no line terminators	017187A9DE9A04C22B9B4E95220FBB08	08BD4D11B431CAFB66B4870D20C1623F868D2496	F7ABCB2A2CFD0A4B0505C16F61B243ED013986C3C2675CD82651631A29539964
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\2126210880948599[1].js	ASCII text, with very long lines	808520535955CC1E341511FF493C6704	0176C6F76E6EC2F308C4C561460FD5BC8ACD711F	CD23C1588831E8E86CC4565585F2CCD769F38184C2A9DCEF5C6D8537F314021A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\analytics[1].js	ASCII text, with very long lines	6DF1787C4BE82D1BB24F8BFFA10C7738	3634E839429E462E49C5F42B75FBFB4BA318AF6D	2CB09C7B3E19BFC41743CA3624EF81C3258D56525647FEAC76AA757E0292627A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\animate.min[1].css	ASCII text, with very long lines	178B651958CEFF556CBC5F355E08BBF1	97AFA151569F046B2E01F27C1871646E9CD87CAF	8FE3FA119255ADB5E0C12479331F9E092E85BCFF56AB6ECC0510BFA2056B898D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\bootstrap.min[1].css	ASCII text, with very long lines	EC3BB52A00E176A7181D454DFFAEA219	6527D8BF3E1E9368BAB8C7B60F56BC01FA3AFD68	F75E846CC83BD11432F4B1E21A45F31BC85283D11D372F7B19ACCD1BF6A2635C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\campaign[1].htm	ASCII text, with very long lines, with no line terminators	A2B7AE388BCF1BBB364A345F31013BC6	05D88AB7FD6996E815EA555F8EA33689591138F5	80E7851E13A7E1A92B6C2790EB09220683D13A587C55C3BD1555D18F0B4CBF14
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\category[1].png	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced	D213CD5B7BEBEF7AF9FFCEBDEA489487	7CBE56B1A448AAAF458FB551929A44FED4C935ED	07B6BC8A7FAE66A8884F04B3AA0BC85AAAD5DFEEC06A77FE66EBB7BF134E61EF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\errorPageStrings[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	D65EC06F21C379C87040B83CC1ABAC6B	208D0A0BB775661758394BE7E4AFB18357E46C8B	A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\font-awesome.min[1].css	ASCII text, with very long lines	269550530CC127B6AA5A35925A7DE6CE	512C7D79033E3028A9BE61B540CF1A6870C896F8	799AEB25CC0373FDEE0E1B1DB7AD6C2F6A0E058DFADAA3379689F583213190BD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fontawesome-webfont[1].eot	Embedded OpenType (EOT), FontAwesome family	674F50D287A8C48DC19BA404D20FE713	D980C2CE873DC43AF460D4D572D441304499F400	7BFCAB6DB99D5CFBF1705CA0536DDC78585432CC5FA41BBD7AD0F009033B2979
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\gtm[1].js	UTF-8 Unicode text, with very long lines	FB03A97E6E876A1D9E4A65364DE9A0C7	4CE81401CDFF314C941024BE3F4DFDE0F7BF112F	979425217C6C12165ADE9777989BBD0CE48E11A22E2BC45B550FF2AB66F7D08F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\help-india-fight-covid-19-donate-for-oxygen[1].htm	HTML document, ASCII text, with very long lines	930BEB337957CB670EA0A26E14F60641	82E9EDCFFFB9963BCAA5630B4E69EE31F3A022A0	191023D73725AF7817E533FD81FC969E7218AEEFC55E4866B5B1BFFE7D5F07F0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\help-india-fight-covid-19-donate-for-oxygen[1].json	ASCII text, with no line terminators	C4CBFE5BDC03042E1247747430A6AC87	C8DEFD12416E3F28EF6CC22CC25E970804710706	1A34D9AD2C22D54E57B66F10972A34AFCDF769F80D49AA10C202EA1D615CC7B2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\help-india-fight-covid-19-donate-for-oxygen[2].htm	ASCII text, with very long lines, with no line terminators	1D73CB27C802DE1C89203C09A17F9E6C	7448E24A2D2CAE0A6A5D859171FCFDED3AE48239	C5036FC0FBA17A3C421C1A8774B61338914D6B0C205F8459D29CE9FED63E15E9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\help-india-fight-covid-19-donate-for-oxygen[3].htm	ASCII text, with no line terminators	1D9CBC9183CC4856FDE20A4975B21934	8BA065FFB062AD0DEEB8CDFCEA073C6AF22057E9	13E377274C138BC7DD7FD92337470C8501CC358B2A8A930CF3D04A71D37DBA50
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\help-india-fight-covid-19-donate-for-oxygen[4].htm	ASCII text, with very long lines, with no line terminators	4462F1E77507365714C59D8661420218	9410BBCE02D966274428C8CF49CF8E3F0EDBBCBC	4192117ED03F25BDCDC9B8684ABECAB6690CC6502515B54390F26137D154F393
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icon-sprite[1].png	PNG image data, 70 x 1800, 8-bit/color RGBA, non-interlaced	DBC207D114CDB2D6A45298C1496762FD	5A94DCE9715A32C316E6B61FFF12541A4361EC52	ED608E7B73C8D11DE411E62F7DB311ABFA25B9252D93174229F2FB6DA35AED0B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\logo[1].png	PNG image data, 320 x 29, 8-bit/color RGBA, non-interlaced	37757573A86E0D9806E2026E5AD0ED98	F7F1401D4A1A1C59B9273D0D2CD99DEB8E12D700	E233C0A97EB72959AB358ED12E6AD2AC1C844714DF3C65BC2A453F0FDEB516CE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mobile-brandlogo[1].svg	SVG Scalable Vector Graphics image	7489C8DB6CF91158E37B6B22F0727958	422D4085CA80D199908FFE97E636DE31D667C451	122886B71B3B906F61231B8932A20AA733AB0F1DA775C2AFEDD6B63F535BEB98
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mobile-brandlogo[2].svg	SVG Scalable Vector Graphics image	7489C8DB6CF91158E37B6B22F0727958	422D4085CA80D199908FFE97E636DE31D667C451	122886B71B3B906F61231B8932A20AA733AB0F1DA775C2AFEDD6B63F535BEB98
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\no-org[1].png	PNG image data, 122 x 112, 8-bit/color RGBA, non-interlaced	F9984F14F3BA133B1498FE0E6B791DA2	BE38DCB9F30F900CFD866663C7FEB71CBD1D1703	6E71FAC7555D79BF25BA3C919EB2A70BFE7CE92F1668737AA9F0DE1F8658DAD9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\notification[1].htm	HTML document, ASCII text, with very long lines	2A5CEF0817081FC6AD1909B62ACD9919	B005FD522AD71CCADCBFE240599389ACA8BECDCA	B6F1F3701DC121B979E593EBD27D71CDDD16BDECFB3FEDD70C7ADB5F2D0BA3F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\quill.bubble[1].css	ASCII text	BF72827F7B8BA905583BB96B3CBCECFA	CC207D56A87886E74E83256F9C59DD053A6749BA	588FC4B888D104066129BB5DB7A43B9A3518A80A79FF12055EFBCDE6FE212B56
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\quill.snow[1].css	ASCII text	455913274305F030C2944F8DE75A0996	12165B0AABA2E1E44311B6160CF54313598508AE	C99A5C5600B39A3FC8A4B2A47BD9B8C6276F399284C1F32D893852979C5197DA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\search-icon[1].png	PNG image data, 14 x 15, 8-bit colormap, non-interlaced	D5771DF738B58A49F97A7E81FC57950F	4127BF2E7D5704BF750D6C55C82DF54DD21A6712	3EB6E5F60B14BE86B9C5778047CC617BDFBE7D9DF5B40AA0BE17E642885DF0A6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\styles.a19aec6bac6aa86c5932[1].css	ASCII text, with very long lines	F753655555A8CCF2D9F3D2F2DD14CBEE	1307C82DA95EE428D6AA5456A9D5B8C36DD3B804	FA6D0F89AA5233FCA7459485DB8CC8AD2D3ED702EA5C653376A350ADA4624FEB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\theCenter2-350px[1].jpg	[TIFF image data, big-endian, direntries=16, height=6144, manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, xresolution=2294, yresolution=2302, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2015:01:26 13:24:41, width=4096], baseline, precision 8, 350x400, frames 3	1A7178933DC3BF18500C64C0A7D79E9A	5271FF428501C24DE6974FA436B688AFF9417E95	AF3F9922E6DB913921379D60A91493099E2F2B041D798A9158A044850839031F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\1.5cf16574643d5c9fb418[1].js	ASCII text, with very long lines, with no line terminators	DC1AB1848707F8E095AEFB39A8E4750C	9AFCFB18F7B0698D8695CAB0BF6427A8C0B7C484	DC9449A8A415DD94F061F9022A021503672ADE942640407E22F2510F162DDC57
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\19.7daa68dd33aae7e5e751[1].js	ASCII text, with very long lines, with no line terminators	966FA0601455C35A11EFDB4C146FD68C	F4A65D518ED65537EF7CCA6F576B54980B8F617C	E8016EC2AF237FE1192265447E4965B234CC42C7B1BCD92E8342732095C5AF23
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2020-01-23_22-57-36[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	508492BEA54F640A5730FB7668E39005	568614B96B6D1A1A0A0F6DA49EF2A3838B137C30	1BE88288625A7D7E4D97DA195A123F7407A70251F5CD9BAF1A8E38DE60C6EE6A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2126210880948599[1].js	ASCII text, with very long lines	1A01B87AD9BFCFEF8085580509E16AC6	4A7DECF0126F8AF69B4762EC7CEE6F5767DA2AA7	93538E2907F6D0F0E48C9A2886BCDCCFAB5077279F5CF6C755800176EEEB541D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2126210880948599[2].js	ASCII text, with very long lines	AE4DA01D599640A4F84724E8CB5C890E	12FD721F9A99A063BFE2419CDFFBF48A95DED5B1	8D4A8EF94E0F6FED90678AC8974450340DDAAE87E74003A774EF518C1A109C4D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\22.ffb009f27d517354a7bf[1].js	ASCII text, with very long lines, with no line terminators	A9963E007E9D8BDA1DED3FD7B87A8C9C	2E08A3B913F2FAFBCE4A69AFBC833B81B85155F7	F262C7DEEF76FDE080C7350AABEDA4FBB6E3AF3D34ED01189863DD5B42CAAE63
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\GV[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	380E05E08FDFE5A5363CF78157502BB1	C1D7F2B401855883C7B43A94DB0F41ED8B77C886	B6F6686B11DCC853924923CCBD1F9B0916F848F8344C5CDB1744CFD2CC4FE0DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\NewErrorPageTemplate[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	DFEABDE84792228093A5A270352395B6	E41258C9576721025926326F76063C2305586F76	77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\RG-FoundationYoutubeProfile[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	513E3901D2C8FEA9F3F113A02AF3A1DB	10E907BE368B69B925DCA74D929A82E6138E94A1	D12413B19C3157EFBFEFBFD3CB05EBE8EECF4DFEC83C5E92A5D0691F59FF994E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\bootstrap.min[1].js	ASCII text, with very long lines	5869C96CC8F19086AEE625D670D741F9	430A443D74830FE9BE26EFCA431F448C1B3740F9	53964478A7C634E8DAD34ECC303DD8048D00DCE4993906DE1BACF67F663486EF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\campaigns[1].htm	HTML document, ASCII text, with very long lines, with no line terminators	FC718E4B02A1200AF8033BD30FE13D16	FC1081018C4CD2705882B7F667857E6FB51178F1	E4B26102FE1F4C1AF342685DBD8C6932043810AB902B063117B382D0F743D9E6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\down[1]	PNG image data, 15 x 15, 8-bit colormap, non-interlaced	C4F558C4C8B56858F15C09037CD6625A	EE497CC061D6A7A59BB66DEFEA65F9A8145BA240	39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\favicon[1].ico	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	C94E81065888B62BF227B3B3CDE05293	02B94517E6A1CEEAB8587A190A3CBBB62790A3E9	C88E9605361E7AA6DAF9C8A53B63C9E3FFA6800D0F8F486D0AD410E85932F160
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\help-india-fight-covid-19-donate-for-oxygen[1].htm	ASCII text, with very long lines, with no line terminators	18109223E69FBE7321B036CEBC81D0ED	7DDB5D9E746E9884C562FD2DC348A04D3AE10E2F	63098B6AFC6EDF946878339AE8966CBAFB87C201847DFAB973DC2BDB84304C1E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\help-india-fight-covid-19-donate-for-oxygen[1].json	ASCII text, with no line terminators	C4CBFE5BDC03042E1247747430A6AC87	C8DEFD12416E3F28EF6CC22CC25E970804710706	1A34D9AD2C22D54E57B66F10972A34AFCDF769F80D49AA10C202EA1D615CC7B2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\help-india-fight-covid-19-donate-for-oxygen[2].htm	ASCII text, with very long lines, with no line terminators	7AA9341861D9D44D56551FEEB7366257	C43B293106C61D88658E72119105D45BAA1A0803	E2C198778D5D68F11B07BCF16F598A967B41EFC34839679728654F9FB4896792
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jointeam[1].png	PNG image data, 92 x 92, 8-bit/color RGBA, non-interlaced	741D4857CCE301D72EBE085A6886B56F	11836A0AFDCE67AEBF26BB066716D954555F13A3	B8D01AE7996702EF28157FF4F93A623031308EF130D86BB94B67676638561548
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\main.94919de6defa08284319[1].js	ASCII text, with very long lines, with no line terminators	D588B9A4FDA0E8BF8551B0C1DACE7476	F02399F4BFE067DF6F32AF15FDD6AE7D556DDC63	C970C9766ECC73F2B1EC364EFBDEA2C9B14A4B31D82BD7EB5F204D977863313A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\offerings[1].htm	HTML document, ASCII text, with very long lines	2A5CEF0817081FC6AD1909B62ACD9919	B005FD522AD71CCADCBFE240599389ACA8BECDCA	B6F1F3701DC121B979E593EBD27D71CDDD16BDECFB3FEDD70C7ADB5F2D0BA3F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\orgs[1].htm	HTML document, ASCII text, with very long lines	2A5CEF0817081FC6AD1909B62ACD9919	B005FD522AD71CCADCBFE240599389ACA8BECDCA	B6F1F3701DC121B979E593EBD27D71CDDD16BDECFB3FEDD70C7ADB5F2D0BA3F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\polyfills.661b9383b7c93a39b0f5[1].js	ASCII text, with very long lines, with no line terminators	64EE510D298F7A9D5D903C09DFD5DD2E	6AC796273F014314F7B9192CB522EA54E43BB6A6	1511EE988EA9B78FFED8A19D8CAF41323B5113D4B4604A59D290D3D69EF8FF8F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\scripts.d004d92bf73ccd662204[1].js	ASCII text, with very long lines, with no line terminators	20E3AD8573552DC6216513076660AE02	A6986325320D54162B1164D3F0A39ABBC6619FA3	7FC07124DFC5B6E5C0F8E420286BACEBD05317632F569FC89EB887FA4D2A20D5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\style-layout[1].css	ASCII text	4358F223535895B968CE0B87F7A745DA	CC2760B005F14AD70A87CA1B8A616298C11E6118	ACB1CA8F2038623F6E718DEEEDDD458BBDA9B6DFF25718AA4B5F3DFCE08CD3A5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\styles.a19aec6bac6aa86c5932[1].css	ASCII text, with very long lines	474FEA01E60D3BDB011F756FE5F3DB55	6CCF3E80B0B9C4A01E995FF78170C7C57687FEF5	85A1EF5D8C5694507F53BF36A6D48EEBF3A941A9424BD4EE3DE3C20A40BC9E1D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\swiper.min[1].js	ASCII text, with very long lines	53FC0155C6C3CB55F34B749325EBB370	A0738B4767A38B90E17792041D648ED621DAB2AE	B9C90C601BC81AD71ED8BE557FF9B095DE5AAE947926E84011E2728CF65250A6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\unite[1].jpg	gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 640x343, frames 3	DA278FF50AB1BCBABA3F4837841E1D72	E6798E6764AC059A64636B132E523E14D7F82DD0	FC1E2BA78A3DB54DAD1D17006ABACBFB12B99BCC209E6F6737684F03D3470465
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\vendor.7b1b41a937a083fd16b0[1].js	ASCII text, with very long lines, with no line terminators	C86E5AC192DD7863E71E6900DD48626E	9FB46A182EC58A16DEC1540EC49F18E88A86B0D3	5AC5AACFB3040CEE52DF80CED8CBD3E0F6ACC34CA7025120FC641FC0CC79AF23
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\0.5dfdaa7dfd5376b677fc[1].js	ASCII text, with very long lines, with no line terminators	70263DB7C4A020915B912D676257F4C7	7960A1890B37481524188FE0BC5EC5BEE88D867A	3337B28ED58DCF883AE4F25887DE585B3E4070A143F0451DC34D1A03A3611A95
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\14.2ec136e8a48c6b3f9416[1].js	ASCII text, with very long lines, with no line terminators	3E92E103CFCA77F19512F7F3A3B4E983	31ECF4F9339AB809C5B9AF4B6542F9E5C5C7537A	A2D6C3F2746CC05938B09983DA239FD913ADA43EF378484B7D294717ECA19FF9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\21.680500fdf3b5ae7c779f[1].js	ASCII text, with very long lines, with no line terminators	EE744D47A86ED7392F1431D9379725C8	D4A9F14E9FCC8D9922EA3A6B0359673249BC3843	AB82A5653B0DB8345FC3C7503AFC98FDA2A917B2B4546AE51914E74F7F237A81
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\2126210880948599[1].js	ASCII text, with very long lines	AE4DA01D599640A4F84724E8CB5C890E	12FD721F9A99A063BFE2419CDFFBF48A95DED5B1	8D4A8EF94E0F6FED90678AC8974450340DDAAE87E74003A774EF518C1A109C4D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\7.e3eae7715a1007e2167a[1].js	ASCII text, with very long lines, with no line terminators	7B4A071FDED67BA056AB3EA2DD656F28	776C8ED313535BF0224485B060598508C2617D7F	D975085BF84CEE9D6FCF995615E578F114278EFA8D3ADC47F6E74F43D10B1EBA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Accepted[1].htm	ASCII text, with very long lines, with no line terminators	288E6EE8E808BD945E9A136FA7D8A308	91C4D08B6C6A4AC425CEE367B3ACD6C318093885	5E51D0F93AB174017FD8F52F4846434180DC6DDC65F934C13AD0C7BE8B7907EC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Chart.bundle.min[1].js	ASCII text, with very long lines	658DCA7101C0E348DA6A8898F04A383F	37F92D10CDF56F5C78AFD05ABDB72F93EE8D2686	54D6D7F4D8D03515BE064D361BF44EE968932AE867716238132ECB9126C4FB9B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Concentrator[1].png	PNG image data, 320 x 450, 8-bit/color RGBA, non-interlaced	1B3DB60867FD9FE7A2A62D73EDFAEF18	AB1A73C090CF01D2A377DF4E190901EC83C0445B	FE7426B19D6CB6DA9B052F9C2B7BEF43CD045566ADC1D9867200325A48BB818A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\QuixoteCommunitiesLogo[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	02B0ABBE8B498B0E819C0DD670F58563	509A5D0CE9DABDB79137645319649C592A18B122	67BC2EFAFE4295AB41707D9DC70913D2CB1BD2F89894C5313D48A9E4669F0F86
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\calculator-v1[1].js	ASCII text, with very long lines, with CRLF, LF line terminators	DD572A0354C02D76DA5DAEC1888CCFB8	5D380341EF58A8FFCE2599A472C864EB329C86F6	D8106146E4CE35A796DA1B004F66E9DBA13D8B28E0608CB2C93D1AF3AFB4F4BA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\champions[1].htm	ASCII text, with very long lines, with no line terminators	9B993DFDA3A96C079B9F06AF6AA1E011	0E8C864C232F1BE91BA39AA09324A16255226530	FAB10F267B0BDC1AC8D7215DF27BEFC86334035DEAADF892EC9DC28349AF4944
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\champions[2].htm	ASCII text, with very long lines, with no line terminators	5681981C98EC2F7DEB713C75594537F7	73E7CC7A7A44E760FB28C08DC33C3C607F5E2808	9CD99917C79945C0C29EBA7E12AA9DFCB984BA1D4821CBABD93F38353CAB5073
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\cloudbase[1].png	PNG image data, 759 x 730, 8-bit/color RGB, non-interlaced	57AC25612BD9449C962B52F394D82BB6	07A2E37ED42CFBF063CC81DB8FA04D55F2D67DC8	912B69EE2D6436E9D6EDAD69466E05049C4464B92393B28075473AC60861E5DF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\explore[1].htm	HTML document, ASCII text, with very long lines	2A5CEF0817081FC6AD1909B62ACD9919	B005FD522AD71CCADCBFE240599389ACA8BECDCA	B6F1F3701DC121B979E593EBD27D71CDDD16BDECFB3FEDD70C7ADB5F2D0BA3F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\fbevents[1].js	ASCII text, with very long lines	077B8B6E85C9EDF74D372D155180E6D3	4A24BE343819AD355807ADB01579366A1E64B8B9	A517525B8A7D39BCAF1CF5F9695C5BE8FCE7A6B920A3924C1A4F70E8EA748C05
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\freshdesk[1].js	ASCII text, with very long lines	CFF3B62B96E2A16C4F6227CE13BD4F51	C80CABBC76CD2E54F36D4C3F3CFEF153939CC5C2	D41D43E89387B0A0783307E1721DA4EF1957313D4CD030E0BCAEA8A0C2F4456B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\hammer[1].jpg	[TIFF image data, big-endian, direntries=4], baseline, precision 8, 321x314, frames 3	E1654B657EC7DD6A262E5B23E7B26FAA	092BC58361329B174843A1CBB396A537DFACFA96	EA04562ABE4B81CC3D7AB2F6E0A64E44527AEE8A1074068634E76471B079ADFD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\healthandhope[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	ADA377310F923DC6C000B6F2AC2C1135	11B23513A91459BD6F532594681279B99A92360F	FABBBBFA436C666AF8FC0195B62AD222D3D9E6FD75A2F8B293C30D38A1DAC329
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\help-india-fight-covid-19-donate-for-oxygen[1].htm	ASCII text, with very long lines, with no line terminators	7AA9341861D9D44D56551FEEB7366257	C43B293106C61D88658E72119105D45BAA1A0803	E2C198778D5D68F11B07BCF16F598A967B41EFC34839679728654F9FB4896792
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\help-india-fight-covid-19-donate-for-oxygen[1].json	ASCII text, with no line terminators	C4CBFE5BDC03042E1247747430A6AC87	C8DEFD12416E3F28EF6CC22CC25E970804710706	1A34D9AD2C22D54E57B66F10972A34AFCDF769F80D49AA10C202EA1D615CC7B2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\help-india-fight-covid-19-donate-for-oxygen[2].htm	ASCII text, with very long lines, with no line terminators	7AA9341861D9D44D56551FEEB7366257	C43B293106C61D88658E72119105D45BAA1A0803	E2C198778D5D68F11B07BCF16F598A967B41EFC34839679728654F9FB4896792
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\location[1].png	PNG image data, 66 x 90, 8-bit/color RGBA, non-interlaced	86583862DCE94A02753B1C1A367168AE	B23B9FCF8F4EF2C4F63A3A6A644CCF9F14BE0ABF	F6DC49880D1400795E5F3F5951749DFCB11828462953A5A9EB07022D8A85B337
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\owl.carousel.min[1].css	ASCII text, with very long lines	61847D9B7353713B59DA014C409CFE6E	7AF97410BEF0C5CF04044AE95256714E4DDD9E29	3B794F3708960B080C92F863E8936343433D11BCAB48CC68A834E970A394C47E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\rg-logo[1].png	PNG image data, 132 x 29, 8-bit/color RGBA, non-interlaced	5BB12C7EBA967DF8194BF92F9475D567	653730CEDE43F53A37C3B84B4B85E78F90AAA0BD	AD4E18AC6E1292031A527498496F3FD4F4F7E3132C30552947E302BA6C4BD7FD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\runtime.c7dadc7bcd65c1e7f27b[1].js	ASCII text, with very long lines, with no line terminators	4D70C2741203113B3B393B9DED9D8873	17D1E0A391D5890AB738CF54B412BB9CA4CB96A6	B1A4BDDE12FDD220324934B565CDA709A039F6E204CFED16124E00D30345BFF1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\styles.a19aec6bac6aa86c5932[1].css	ASCII text, with very long lines	F753655555A8CCF2D9F3D2F2DD14CBEE	1307C82DA95EE428D6AA5456A9D5B8C36DD3B804	FA6D0F89AA5233FCA7459485DB8CC8AD2D3ED702EA5C653376A350ADA4624FEB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\swiper.min[1].css	ASCII text, with very long lines	9097E7972B059ECAE0F5BB78A0186F71	87312E89335AEE051F552BA29644AE9B1F8CC0C1	5F07D43571A20235B2506061C9729D91179D32B8B3C75123AA8FCD45E60D7541
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\tenant[1].htm	ASCII text, with very long lines, with no line terminators	C2336E16B9A28A26B02A159709285AEE	42BCB6B3FEABB9DA0E9A3D494B2FAFC15998CF00	7F846B5EFA0FE287C4D6CDFD887F9EEC4742381181AF689CF16155C97D15C852
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\unnamed[1].png	PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced	3FE7DAFC86ABF70ADD83ECA333BC53E9	75E668D9B4C1B3E8A2E67AB99C9FB5CFED5C20DC	95EA2950394D84C4433D31F32D99D7C75388E1D0314094E58D55495E0A20656A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_0_0[1].eot	Embedded OpenType (EOT)	423A531319FA7BB3AD352D18D5903C71	0E660CD60C23DA420647A195C0CD1827F85A714A	95EEDB1B0291336A5F7A809F5BE68C78A6507E43ED8405A5D8757451B3EE0F65
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_1_0[1].eot	Embedded OpenType (EOT)	4DDA6EB189D2EFA2074CA89FED5E043C	669A381B62C1E868E20265BE869A21C867A14706	570F31FB731A0CB6F5FC324C4DF06893B34A47658086434558A0D21A368DEE5E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_2_0[1].eot	Embedded OpenType (EOT)	6C34DEB8139898E1C02C5FD4DAA63D06	190D8BF28320C11CB24EEF9D6BF7D877ADDD18EF	397BD2855C15F0D88512F26AE75CA95AA5D71AA008BE88EC47C6C32B0F6D49C4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_3_0[1].eot	Embedded OpenType (EOT)	3D8EABC4181E2E0DB2FAFC92983FA830	CBF5E62B66D3577C4D50920BB03D67FB1ADC7FE7	A8AD2DA00D1D4F8C4DD79FD9BEB57BD40110F7A59DCB604C6C95FF32067D5B9E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_4_0[1].eot	Embedded OpenType (EOT)	3711ACF094B06C8BB46D4B9AD9FF006A	05373A160BD17A3A9D714130FE0C754E8A69E925	1C3871A9DD5E7B39413D66F8DFC7833C0420F1550CD0609C25523CC9097FBD47
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_5_0[1].eot	Embedded OpenType (EOT)	FF7F9E17F3E9DC0191B32D172D513CAB	9E27AB17F652CAAE8C32C16B24EB6D85C74D909E	94E73FBEF5E43F2736B9956317D5BD8ACC71703332C8A3760FD7ACDCF217C355
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_6_0[1].eot	Embedded OpenType (EOT)	8D20465818A4456D9BA479747C164786	C3E172AD9DFA94BF53042900699DAC679900D997	CE69C1FB10432714DBF98010612CD151773961955047D6C35F3B57629F60071D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\313E30_7_0[1].eot	Embedded OpenType (EOT)	90F042EA002D0DA7AB730EF4A591184C	379A4E0E9195A0EA97FA78F4FF93778BD4EF49CF	8652FBF147490DD5A7E47AFDF8B84E829563B2767C10FDD9E2C006C5A8DC83C8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\5.4b476a3f79802388bd4a[1].js	ASCII text, with very long lines, with no line terminators	8A4123418A60168AE555AD20DD879091	08D039A314232F8328407EC25C6529D1B6515D6E	B12190456495212ACD9DC0032705EA04DD853AAF00FF7CBDD343BFCBAB924359
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\RG-FoundationYoutubeProfile[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	513E3901D2C8FEA9F3F113A02AF3A1DB	10E907BE368B69B925DCA74D929A82E6138E94A1	D12413B19C3157EFBFEFBFD3CB05EBE8EECF4DFEC83C5E92A5D0691F59FF994E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\TogetherLogoF[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, frames 3	24FFC51D9CFB323926C94791CE4DDBB6	8C5A325032BBAAA5ED0C0D1D6BEE062012334278	9A364AB5511C8F248C673DDB55764E2F0FDD3A0090516B5E4098E80E0E09579F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\create[1].htm	HTML document, ASCII text, with very long lines	2A5CEF0817081FC6AD1909B62ACD9919	B005FD522AD71CCADCBFE240599389ACA8BECDCA	B6F1F3701DC121B979E593EBD27D71CDDD16BDECFB3FEDD70C7ADB5F2D0BA3F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\dnserror[1]	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators	2DC61EB461DA1436F5D22BCE51425660	E1B79BCAB0F073868079D807FAEC669596DC46C1	ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fb-pixel-events[1].js	ASCII text	13495DCB6FC91AD79E80FA3153CAFFBE	1B154CD723D77AD0D1823C01F0DA82453CE1AE3D	EE5D1522A909E9749A263422880B8A9D6E0711ADCEE6036AA9460E207CF70FD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\glyphicons-halflings-regular[1].eot	Embedded OpenType (EOT), GLYPHICONS Halflings family	F4769F9BDB7466BE65088239C12046D1	86B6F62B7853E67D3E635F6512A5A5EFC58EA3C3	13634DA87D9E23F8C3ED9108CE1724D183A39AD072E73E1B3D8CBF646D2D0407
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\httpErrorPagesScripts[1]	UTF-8 Unicode (with BOM) text, with CRLF line terminators	9234071287E637F85D721463C488704C	CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152	65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\jquery.min[1].js	ASCII text, with very long lines	33CABFA15C1060AAA3D207C653AFB1EE	E3DBB65F2B541D842B50D37304B0102A2D5F2387	6B6DE0D4DB7876D1183A3EDB47EBD3BBBF93F153F5DE1BA6645049348628109A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\leftArrow[1].png	PNG image data, 128 x 87, 8-bit colormap, non-interlaced	3E17B647B666C1CC32D5A9129DF3EBC1	1051DBEC03BB54D05DE1E28A963D8565DFE56A5A	B65110C1AD2C6331645F12186DECF9F3E9717ADB6266FB60C8CA81B250DA8FFB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\loader[1].svg	SVG Scalable Vector Graphics image	1BE6A381570D862ED6A40697AB62E59E	A24D97AF249A2865A35740AD462C83A798769A78	118B16D8228652DB85B050E341407A0ABA2D4261A611663B700066E842E137E5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\no-user[1].png	PNG image data, 200 x 200, 8-bit/color RGB, non-interlaced	EE262C61148B2CFAF2D98E2116260913	BF866FE9AD1188D2EC88019E157D199EEA4CBC29	2295CD1857C674138B50309846EA160191F9CC958CCE71E862F0B471A400D3F8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\rightArrow[1].png	PNG image data, 128 x 87, 8-bit colormap, non-interlaced	C2894FAB6ABF5DE744D3B84AEDABFF0E	D0D8563F97EDCB212B55FEC732C4D06892DDA43B	25A17D9101C3458A597C9B5C0927FAA40887DD07447460E7A1DC2E759D457C1C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\styles.a19aec6bac6aa86c5932[1].css	ASCII text, with very long lines	462371D1192A70CFEC6C959FFD7AE8AD	A5E33E92C4EF0F7ED7FE3E7F5FDE2870F5DADB78	2AE9F72177659C347810E8FCA0C195067A41359E73DDD911617D57300A9958F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\v2[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	F01130E2D2ED0B752B178AE3428286FA	B076703BB26B62AAAE800B470C1841ADE1B24B91	C93BEA6EB2C5CD796052D336D8F42741459817D0D02BA2C279B0A88691AE8190
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\verified[1].png	PNG image data, 192 x 188, 8-bit/color RGBA, non-interlaced	857DF0AA759363E37FD9FA439513F2BD	FCDB2F20D9BDB6AE6F0962F83C13DE93ADBA8DAF	DD81B41BFD3B51F117F403713469039311C3803F95ECE56673434EAB76542B89
C:\Users\user\AppData\Local\Temp\~DF6F133FC75023CC50.TMP	data	A9E7BB909D6852D721DA51330070EA9C	BBBDBE0A343962818096077F919182C3CCC61CC1	0B036AE857C24AB071686F4C24266FB6B126E39BCFB2925461679370022E3512
C:\Users\user\AppData\Local\Temp\~DFB16589E349C1BC94.TMP	data	D93E71A44A44007B198CA4298CDB82CA	E1C3672CC34FBB0D80A877B6B6DCFDBA57937D2F	11C69068656E2D0486D906FFED7AFF149B74FDFD540833828960FD39B0F1543B
C:\Users\user\AppData\Local\Temp\~DFCAE3458EA0A53278.TMP	data	AB889A32AB9ACD33E816C2422337C69A	1190C6B34DED2D295827C2A88310D10A8B90B59B	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA

Analysis Report https://risefundraiser.com/campaign/help-india-fight-covid-19-donate-for-oxygen

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs