Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy?cid=874637403

Overview

General Information

Sample URL:https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy?cid=874637403
Analysis ID:431202
Infos:

Most interesting Screenshot:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

No high impact signatures.

Classification

Process Tree

  • System is w10x64
  • iexplore.exe (PID: 5948 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 4768 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5948 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.216.88.141:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.216.88.141:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.17.242.204:443 -> 192.168.2.3:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.17.242.204:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.112.193:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.112.193:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: msapplication.xml0.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml0.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml5.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml5.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml7.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xf4b72d3c,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: msapplication.xml7.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xf4b72d3c,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: unknownDNS traffic detected: queries for: covid19.protected-forms.com
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://24ways.org/2010/calculating-color-contrast
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/accordion/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/autocomplete/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/blind-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/bounce-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/button/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/category/effects-core/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/category/ui-core/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/clip-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/datepicker/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/dialog/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/draggable/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/drop-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/droppable/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/explode-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/fade-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/fold-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/highlight-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/jQuery.widget/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/menu/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/mouse/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/position/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/progressbar/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/puff-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/pulsate-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/resizable/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/scale-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/selectable/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/selectmenu
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/shake-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/size-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/slide-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/slider/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/sortable/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/spinner/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/tabs/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/tooltip/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://api.jqueryui.com/transfer-effect/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://blog.jquery.com/2012/08/09/jquery-1-8-released/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/11778
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/12359
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/13378
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/8235
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/9413
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/9413)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jquery.com/ticket/9917
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jqueryui.com/ticket/7552
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://bugs.jqueryui.com/ticket/9446
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://codereview.stackexchange.com/q/13338
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://creativecommons.org/licenses/by/3.0/)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://dev.w3.org/csswg/css-color/#hwb-to-rgb
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://dev.w3.org/csswg/cssom/#resolved-values
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://fa2png.io/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://flightschool.acylt.com/devnotes/caret-position-woes/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript
Source: bootstrap.min[1].css.2.drString found in binary or memory: http://getbootstrap.com)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://github.com/jrburke/almond
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://javascript.nwbox.com/IEContentLoaded/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jquery.com/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jquery.org/license
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jqueryui.com
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jsperf.com/1-vs-infinity
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jsperf.com/diacritics/18
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jsperf.com/getall-vs-sizzle/2
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://jsperf.com/thor-indexof-vs-for/5
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://scaledinnovation.com/analytics/splines/aboutSplines.html
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://sizzlejs.com/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://stackoverflow.com/a/21336448/937891
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://stackoverflow.com/a/26707753
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://stackoverflow.com/a/32954565/96342
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://stackoverflow.com/a/384380/937891
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://stackoverflow.com/questions/3561493/is-there-a-regexp-escape-function-in-javascript
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://there4.io/2012/05/02/google-chart-color-list/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
Source: msapplication.xml.1.drString found in binary or memory: http://www.amazon.com/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.txt
Source: msapplication.xml1.1.drString found in binary or memory: http://www.google.com/
Source: msapplication.xml2.1.drString found in binary or memory: http://www.live.com/
Source: msapplication.xml3.1.drString found in binary or memory: http://www.nytimes.com/
Source: msapplication.xml4.1.drString found in binary or memory: http://www.reddit.com/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://www.robertpenner.com/easing)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://www.robertpenner.com/easing/
Source: msapplication.xml5.1.drString found in binary or memory: http://www.twitter.com/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: http://www.whatwg.org/specs/web-apps/current-work/multipage/timers.html#dom-windowtimers-settimeout:
Source: msapplication.xml6.1.drString found in binary or memory: http://www.wikipedia.com/
Source: msapplication.xml7.1.drString found in binary or memory: http://www.youtube.com/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://blog.alexmaccaw.com/css-transitions
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=47182
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=491668
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=561664
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=649285
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://caniuse.com/download
Source: N7K4C4D4.htm.2.drString found in binary or memory: https://cdn2.hubspot.net/hubfs/241394/html_file/files/img/KB4-logo.png
Source: N7K4C4D4.htm.2.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://chartjs.gitbooks.io/proposals/content/Platform.html
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://chmln.github.io/flatpickr/#altinput
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://chmln.github.io/flatpickr/#dateformat
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://chmln.github.io/flatpickr/#disable
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://chmln.github.io/flatpickr/#inline-calendar
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://chmln.github.io/flatpickr/examples/#flatpickr-external-elements
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=378607
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=449857
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=470258
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://code.google.com/p/maashaack/source/browse/packages/graphics/trunk/src/graphics/colors/HUE2RG
Source: ~DFF6FF6DAE3469FA3D.TMP.1.dr, {1BEF76F9-C8A7-11EB-90E4-ECF4BB862DED}.dat.1.drString found in binary or memory: https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://davidwalsh.name/detect-node-insertion
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Using_Firefox_1.5_caching
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener#Safely_detecting_optio
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/removeEventListener
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/font
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/line-height
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/used_value
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Events
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.mozilla.org/en/Security/CSP)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://developer.snapappointments.com/bootstrap-select)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://dl.dropboxusercontent.com/u/34601363/toomuchscience.gif
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://dl.dropboxusercontent.com/u/34601363/yeahscience.gif
Source: N7K4C4D4.htm.2.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Open
Source: css2[1].css.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-U1UQ.woff)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://fullcalendar.io/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#affix
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#alerts
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#buttons
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#carousel
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#collapse
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#dropdowns
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#modals
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#popovers
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#scrollspy
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#tabs
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#tooltip
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://getbootstrap.com/docs/3.4/javascript/#transitions
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://gist.github.com/nnnick/696cc9c55f4b0beb8fe9
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://gist.github.com/paulirish/5d52fb081b3570c81e3a#box-metrics
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://gist.github.com/shawnbot/4166283
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/Do/iso8601.js
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/DoersGuild/jQuery.print/issues/18#issuecomment-96451589
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/Microsoft/tslib/blob/v1.6.0/tslib.js
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/angular/angular/blob/7.2.4/packages/core/src/sanitization/url_sanitizer.ts
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/ankane/chartkick.js
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/bassjobsen/Bootstrap-3-Typeahead
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/compare/v2.8.0...v2.9.0
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/2210
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/2435#issuecomment-216718158
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/2441
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/2538
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/2807
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/3575
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/3781
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/3887
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/4102
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/4152
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/4287
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/4737
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/5111#issuecomment-355934167
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/5208
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/5597
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/5763
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/5858
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/5902
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/issues/6104
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/pull/2640
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/pull/4507
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/pull/4556
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/chartjs/Chart.js/pull/4591#issuecomment-319575939
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/cujojs/when/issues/410
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/davidstutz/bootstrap-multiselect)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/eligrey/classList.js/issues/36
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/imulus/retinajs/issues/8
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/imulus/retinajs/pull/45)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jashkenas/underscore/blob/1.6.0/underscore.js#L714
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jdewit/bootstrap-timepicker/graphs/contributors
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/jquery-color
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/jquery-color/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/jquery-ui/blob/1.11.0/ui/core.js#L51
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/jquery/blob/2.2.4/src/core.js#L448
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/kkapsner/CanvasBlocker
Source: modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f[1].js.2.drString found in binary or memory: https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/madrobby/zepto/blob/master/src/zepto.js
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/marcj/css-element-queries
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/moment/moment/blob/2.18.1/src/lib/moment/format.js#L22
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/moment/moment/issues/1423
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/moment/moment/issues/2166
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/moment/moment/issues/2978
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/moment/moment/pull/1871
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/rails/jquery-ujs
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/rails/jquery-ujs/issues/357
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/sass/libsass/blob/0e6b4a2850092356aa3ece07c6b249f0221caced/functions.cpp#L209
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/select2/select2/blob/master/LICENSE.md
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/snapappointments/bootstrap-select/blob/master/LICENSE)
Source: bootstrap.min[1].css.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/twbs/bootstrap/issues/14093
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/twbs/bootstrap/issues/20280
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/uxsolutions/bootstrap-datepicker)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/w3c/IntersectionObserver/issues/211
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://github.com/w3c/IntersectionObserver/pull/205
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://groups.google.com/forum/#
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: N7K4C4D4.htm.2.drString found in binary or memory: https://i.imgur.com/QRF01zv.png
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://itsjavi.com/bootstrap-colorpicker/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://jsperf.com/object-keys-vs-for-in-with-closure/3
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://modernizr.com/)
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://momentjs.com/docs/#/get-set/iso-weekday/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://momentjs.com/docs/#/parsing/string-format/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://npms.io/search?q=ponyfill.
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: N7K4C4D4.htm.2.drString found in binary or memory: https://s3.amazonaws.com/helpimg/landing_pages/css/dd.css
Source: ~DFF6FF6DAE3469FA3D.TMP.1.dr, PGAYGPRO.htm.2.drString found in binary or memory: https://secured-login.net/pages/c3955b1c48a/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGN
Source: {1BEF76F9-C8A7-11EB-90E4-ECF4BB862DED}.dat.1.drString found in binary or memory: https://secured-login.ted-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://select2.github.io
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/a/14853974
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/a/27757708/1177228
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/q/181348
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/q/3922139
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/questions/10149963/adding-event-listener-cross-browser
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/questions/30464750/chartjs-line-chart-set-background-color
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/questions/5623838/rgb-to-hex-and-hex-to-rgb
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://stackoverflow.com/questions/8506881/nice-label-algorithm-for-charts-with-minimum-ticks
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://tc39.github.io/ecma262/#sec-array.prototype.findIndex
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://tools.ietf.org/html/rfc2822#section-3.3
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://w3c.github.io/IntersectionObserver/#calculate-intersection-rect-algo
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://w3c.github.io/IntersectionObserver/#intersection-observer-entry
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://w3c.github.io/IntersectionObserver/#intersection-observer-interface
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://www.anujgakhar.com/2014/03/01/binary-search-in-javascript/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://www.chartjs.org
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://www.chromestatus.com/features/5093566007214080
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://www.html5canvastutorials.com/advanced/html5-canvas-mouse-coordinates/
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://www.nathanaeljones.com/blog/2013/reading-max-width-cross-browser
Source: application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drString found in binary or memory: https://www.paulirish.com/2011/requestanimationframe-for-smart-animating/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.226.85.79:443 -> 192.168.2.3:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.216.88.141:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.216.88.141:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.17.242.204:443 -> 192.168.2.3:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.17.242.204:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.112.193:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.112.193:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: classification engineClassification label: clean0.win@3/28@7/5
Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\HighJump to behavior
Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Temp\~DF8AF1BA4D4EA076FE.TMPJump to behavior
Source: C:\Program Files\internet explorer\iexplore.exeFile read: C:\Users\desktop.iniJump to behavior
Source: unknownProcess created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5948 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5948 CREDAT:17410 /prefetch:2
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection1Masquerading1OS Credential DumpingFile and Directory Discovery1Remote ServicesData from Local SystemExfiltration Over Other Network MediumEncrypted Channel2Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection1LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy?cid=8746374030%VirustotalBrowse
https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy?cid=8746374030%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://chmln.github.io/flatpickr/examples/#flatpickr-external-elements0%VirustotalBrowse
https://chmln.github.io/flatpickr/examples/#flatpickr-external-elements0%Avira URL Cloudsafe
https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV0%Avira URL Cloudsafe
http://getbootstrap.com)0%Avira URL Cloudsafe
https://w3c.github.io/IntersectionObserver/#intersection-observer-interface0%Avira URL Cloudsafe
http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html0%Avira URL Cloudsafe
https://www.nathanaeljones.com/blog/2013/reading-max-width-cross-browser0%Avira URL Cloudsafe
https://www.anujgakhar.com/2014/03/01/binary-search-in-javascript/0%Avira URL Cloudsafe
http://www.robertpenner.com/easing/0%URL Reputationsafe
http://www.robertpenner.com/easing/0%URL Reputationsafe
http://www.robertpenner.com/easing/0%URL Reputationsafe
https://w3c.github.io/IntersectionObserver/#calculate-intersection-rect-algo0%Avira URL Cloudsafe
http://flightschool.acylt.com/devnotes/caret-position-woes/0%URL Reputationsafe
http://flightschool.acylt.com/devnotes/caret-position-woes/0%URL Reputationsafe
http://flightschool.acylt.com/devnotes/caret-position-woes/0%URL Reputationsafe
http://www.robertpenner.com/easing)0%URL Reputationsafe
http://www.robertpenner.com/easing)0%URL Reputationsafe
http://www.robertpenner.com/easing)0%URL Reputationsafe
https://secured-login.ted-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV0%Avira URL Cloudsafe
https://w3c.github.io/IntersectionObserver/#intersection-observer-entry0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
cdn2.hubspot.net
104.17.242.204
truefalse
    		high
    s3.amazonaws.com
    		52.216.88.141
    		truefalse
      		high
      cdnjs.cloudflare.com
      		104.16.18.94
      		truefalse
        		high
        secured-login.net
        		34.226.85.79
        		truefalse
          		unknown
          landing.training.knowbe4.com
          		34.226.85.79
          		truefalse
            		high
            ipv4.imgur.map.fastly.net
            		151.101.112.193
            		truefalse
              		unknown
              covid19.protected-forms.com
              		unknown
              		unknownfalse
                		unknown
                i.imgur.com
                		unknown
                		unknownfalse
                  		high
                  favicon.ico
                  		unknown
                  		unknownfalse
                    		unknown

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://secured-login.net/pages/c3955b1c48a/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQyfalse
                      		unknown

                      URLs from Memory and Binaries

                      NameSourceMaliciousAntivirus DetectionReputation
                      https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.cssN7K4C4D4.htm.2.drfalse
                        		high
                        http://api.jqueryui.com/slide-effect/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                          		high
                          https://github.com/moment/moment/issues/1423application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                            		high
                            https://github.com/chartjs/Chart.js/pull/4507application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                              		high
                              https://chmln.github.io/flatpickr/examples/#flatpickr-external-elementsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                              • 0%, Virustotal, Browse
                              • Avira URL Cloud: safe
                              		unknown
                              https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV~DFF6FF6DAE3469FA3D.TMP.1.dr, {1BEF76F9-C8A7-11EB-90E4-ECF4BB862DED}.dat.1.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://stackoverflow.com/a/32954565/96342application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                		high
                                https://github.com/madrobby/zepto/blob/master/src/zepto.jsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                  		high
                                  https://stackoverflow.com/questions/30464750/chartjs-line-chart-set-background-colorapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                    		high
                                    https://github.com/chartjs/Chart.js/issues/5597application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                      		high
                                      http://stackoverflow.com/a/26707753application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                        		high
                                        https://github.com/jquery/jquery-colorapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                          		high
                                          https://github.com/select2/select2/blob/master/LICENSE.mdapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                            		high
                                            http://api.jqueryui.com/jQuery.widget/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                              		high
                                              http://blog.jquery.com/2012/08/09/jquery-1-8-released/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                		high
                                                http://codereview.stackexchange.com/q/13338application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                  		high
                                                  https://cdn2.hubspot.net/hubfs/241394/html_file/files/img/KB4-logo.pngN7K4C4D4.htm.2.drfalse
                                                    		high
                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=561664application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                      		high
                                                      http://dev.w3.org/csswg/cssom/#resolved-valuesapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                        		high
                                                        https://caniuse.com/downloadapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                          		high
                                                          https://github.com/chartjs/Chart.js/issues/2538application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                            		high
                                                            http://dev.w3.org/csswg/css-color/#hwb-to-rgbapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                              		high
                                                              https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anonapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                		high
                                                                http://www.apache.org/licenses/LICENSE-2.0)application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                  		high
                                                                  https://github.com/kriskowal/es5-shim/blob/master/es5-shim.jsmodernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f[1].js.2.drfalse
                                                                    		high
                                                                    http://api.jqueryui.com/button/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                      		high
                                                                      http://getbootstrap.com)bootstrap.min[1].css.2.drfalse
                                                                      • Avira URL Cloud: safe
                                                                      		low
                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=687787application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                        		high
                                                                        https://blog.alexmaccaw.com/css-transitionsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                          		high
                                                                          https://github.com/bassjobsen/Bootstrap-3-Typeaheadapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                            		high
                                                                            https://getbootstrap.com/docs/3.4/javascript/#transitionsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                              		high
                                                                              https://github.com/chartjs/Chart.js/issues/4152application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                		high
                                                                                http://bugs.jquery.com/ticket/9917application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                  		high
                                                                                  http://www.reddit.com/msapplication.xml4.1.drfalse
                                                                                    		high
                                                                                    http://api.jqueryui.com/size-effect/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                      		high
                                                                                      https://github.com/Do/iso8601.jsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                        		high
                                                                                        https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener#Safely_detecting_optioapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                          		high
                                                                                          http://momentjs.com/guides/#/warnings/zone/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                            		high
                                                                                            http://bugs.jquery.com/ticket/12359application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                              		high
                                                                                              https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/removeEventListenerapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                		high
                                                                                                https://w3c.github.io/IntersectionObserver/#intersection-observer-interfaceapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://creativecommons.org/licenses/by/3.0/)application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                  		high
                                                                                                  http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.htmlapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://www.nathanaeljones.com/blog/2013/reading-max-width-cross-browserapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://bugzilla.mozilla.org/show_bug.cgi?id=649285application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                    		high
                                                                                                    https://getbootstrap.com/docs/3.4/javascript/#tooltipapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                      		high
                                                                                                      https://github.com/chartjs/Chart.js/issues/6104application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                        		high
                                                                                                        http://jsperf.com/diacritics/18application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                          		high
                                                                                                          http://api.jqueryui.com/category/ui-core/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                            		high
                                                                                                            https://github.com/twbs/bootstrap/issues/20280application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                              		high
                                                                                                              https://github.com/chartjs/Chart.js/issues/4287application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                		high
                                                                                                                https://getbootstrap.com/docs/3.4/javascript/#modalsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                  		high
                                                                                                                  https://github.com/chartjs/Chart.js/issues/2435#issuecomment-216718158application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                    		high
                                                                                                                    https://jsperf.com/object-keys-vs-for-in-with-closure/3application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                      		high
                                                                                                                      https://stackoverflow.com/q/181348application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                        		high
                                                                                                                        https://getbootstrap.com/docs/3.4/javascript/#collapseapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                          		high
                                                                                                                          https://www.anujgakhar.com/2014/03/01/binary-search-in-javascript/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          https://github.com/chartjs/Chart.js/issues/4737application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                            		high
                                                                                                                            https://github.com/kkapsner/CanvasBlockerapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                              		high
                                                                                                                              http://www.robertpenner.com/easing/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                              • URL Reputation: safe
                                                                                                                              • URL Reputation: safe
                                                                                                                              • URL Reputation: safe
                                                                                                                              		unknown
                                                                                                                              https://w3c.github.io/IntersectionObserver/#calculate-intersection-rect-algoapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                              • Avira URL Cloud: safe
                                                                                                                              		unknown
                                                                                                                              https://github.com/chartjs/Chart.js/issues/3887application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                		high
                                                                                                                                https://getbootstrap.com/docs/3.4/javascript/#scrollspyapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                  		high
                                                                                                                                  https://github.com/w3c/IntersectionObserver/issues/211application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                    		high
                                                                                                                                    https://github.com/twbs/bootstrap/blob/master/LICENSE)bootstrap.min[1].css.2.drfalse
                                                                                                                                      		high
                                                                                                                                      http://flightschool.acylt.com/devnotes/caret-position-woes/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                      • URL Reputation: safe
                                                                                                                                      • URL Reputation: safe
                                                                                                                                      • URL Reputation: safe
                                                                                                                                      		unknown
                                                                                                                                      http://api.jqueryui.com/transfer-effect/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                        		high
                                                                                                                                        https://github.com/rails/jquery-ujsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                          		high
                                                                                                                                          https://stackoverflow.com/questions/8506881/nice-label-algorithm-for-charts-with-minimum-ticksapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                            		high
                                                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=491668application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                              		high
                                                                                                                                              https://github.com/marcj/css-element-queriesapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                		high
                                                                                                                                                http://www.robertpenner.com/easing)application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                • URL Reputation: safe
                                                                                                                                                • URL Reputation: safe
                                                                                                                                                • URL Reputation: safe
                                                                                                                                                		unknown
                                                                                                                                                http://momentjs.com/guides/#/warnings/min-max/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                  		high
                                                                                                                                                  https://npms.io/search?q=ponyfill.application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://github.com/chartjs/Chart.js/issues/4102application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                      		high
                                                                                                                                                      https://stackoverflow.com/q/3922139application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                        		high
                                                                                                                                                        http://api.jqueryui.com/drop-effect/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                          		high
                                                                                                                                                          http://www.amazon.com/msapplication.xml.1.drfalse
                                                                                                                                                            		high
                                                                                                                                                            http://www.twitter.com/msapplication.xml5.1.drfalse
                                                                                                                                                              		high
                                                                                                                                                              http://jsperf.com/getall-vs-sizzle/2application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://getbootstrap.com/docs/3.4/javascript/#buttonsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://github.com/jquery/jquery/pull/557)application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www.html5canvastutorials.com/advanced/html5-canvas-mouse-coordinates/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      http://api.jqueryui.com/menu/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://getbootstrap.com/docs/3.4/javascript/#alertsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://github.com/chartjs/Chart.js/issues/5208application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://api.jqueryui.com/category/effects-core/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://bugs.jquery.com/ticket/8235application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://chartjs.gitbooks.io/proposals/content/Platform.htmlapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://secured-login.ted-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV{1BEF76F9-C8A7-11EB-90E4-ECF4BB862DED}.dat.1.drfalse
                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  http://api.jqueryui.com/dialog/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://w3c.github.io/IntersectionObserver/#intersection-observer-entryapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://api.jqueryui.com/shake-effect/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://www.nytimes.com/msapplication.xml3.1.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://github.com/Microsoft/tslib/blob/v1.6.0/tslib.jsapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://stackoverflow.com/questions/10149963/adding-event-listener-cross-browserapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://github.com/imulus/retinajs/issues/8application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              http://jsperf.com/1-vs-infinityapplication-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://github.com/cujojs/when/issues/410application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js.2.drfalse
                                                                                                                                                                                                  		high

                                                                                                                                                                                                  Contacted IPs

                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                                  Public

                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                  151.101.112.193
                                                                                                                                                                                                  		ipv4.imgur.map.fastly.netUnited States
                                                                                                                                                                                                  		54113FASTLYUSfalse
                                                                                                                                                                                                  104.16.18.94
                                                                                                                                                                                                  		cdnjs.cloudflare.comUnited States
                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                  52.216.88.141
                                                                                                                                                                                                  		s3.amazonaws.comUnited States
                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                  104.17.242.204
                                                                                                                                                                                                  		cdn2.hubspot.netUnited States
                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                  34.226.85.79
                                                                                                                                                                                                  		secured-login.netUnited States
                                                                                                                                                                                                  		14618AMAZON-AESUSfalse

                                                                                                                                                                                                  General Information

                                                                                                                                                                                                  Joe Sandbox Version:32.0.0 Black Diamond
                                                                                                                                                                                                  Analysis ID:431202
                                                                                                                                                                                                  Start date:08.06.2021
                                                                                                                                                                                                  Start time:15:15:11
                                                                                                                                                                                                  Joe Sandbox Product:CloudBasic
                                                                                                                                                                                                  Overall analysis duration:0h 3m 49s
                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                  Report type:light
                                                                                                                                                                                                  Cookbook file name:browseurl.jbs
                                                                                                                                                                                                  Sample URL:https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy?cid=874637403
                                                                                                                                                                                                  Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                                                                                                                  Number of analysed new started processes analysed:13
                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                  Detection:CLEAN
                                                                                                                                                                                                  Classification:clean0.win@3/28@7/5
                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                  • Adjust boot time
                                                                                                                                                                                                  • Enable AMSI
                                                                                                                                                                                                  Warnings:
                                                                                                                                                                                                  Show All
                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe
                                                                                                                                                                                                  • TCP Packets have been reduced to 100
                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 92.122.145.220, 13.88.21.125, 88.221.62.148, 172.217.23.42, 142.250.186.99, 184.30.24.56, 13.64.90.137, 20.82.210.154, 152.199.19.161, 104.42.151.234, 51.103.5.186, 20.50.102.62, 40.88.32.150
                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): gstaticadssl.l.google.com, store-images.s-microsoft.com-c.edgekey.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, e12564.dspb.akamaiedge.net, skypedataprdcoleus15.cloudapp.net, wns.notify.trafficmanager.net, go.microsoft.com, arc.trafficmanager.net, watson.telemetry.microsoft.com, prod.fs.microsoft.com.akadns.net, fonts.googleapis.com, skypedataprdcolwus17.cloudapp.net, client.wns.windows.com, fs.microsoft.com, fonts.gstatic.com, ie9comview.vo.msecnd.net, e1723.g.akamaiedge.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, skypedataprdcolwus15.cloudapp.net, skypedataprdcolwus16.cloudapp.net, cs9.wpc.v0cdn.net
                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                  • Report size getting too big, too many NtDeviceIoControlFile calls found.

                                                                                                                                                                                                  Simulations

                                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                                  No simulations

                                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                                  IPs

                                                                                                                                                                                                  No context

                                                                                                                                                                                                  Domains

                                                                                                                                                                                                  No context

                                                                                                                                                                                                  ASN

                                                                                                                                                                                                  No context

                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                  No context

                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                  No context

                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DNTVAT8O\secured-login[1].xml
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):26
                                                                                                                                                                                                  Entropy (8bit):2.469670487371862
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:3:D90aK1r0aKb:JFK1rFKb
                                                                                                                                                                                                  MD5:132294CA22370B52822C17DCB5BE3AF6
                                                                                                                                                                                                  SHA1:DD26B82638AD38AD471F7621A9EB79FED448A71C
                                                                                                                                                                                                  SHA-256:451ABBE0AEFC000F49967DABF8D42344D146429F03C8C8D4AE5E33FF9963CF77
                                                                                                                                                                                                  SHA-512:6D5808CAD199A785C82763C68F0AE1F4938C304B46B70529EA26B3D300EF9430AD496C688D95D01588576B3A577001D62245D98137FD5CD825AD62E17D36F15C
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <root></root><root></root>
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1BEF76F7-C8A7-11EB-90E4-ECF4BB862DED}.dat
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:Microsoft Word Document
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):30296
                                                                                                                                                                                                  Entropy (8bit):1.8604726868512316
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:48:IwuGcprXjGwpLThG/ap8oGIpct7bWGvnZpvt7UGoHqp9t7wGo4FpmtK+GWRn9thw:ryZX9ZJ2IWtDttHftHFMtRtftrft5cX
                                                                                                                                                                                                  MD5:4B8E727B034DED882A2E1FF805C7D8DD
                                                                                                                                                                                                  SHA1:B46C78A1FC9773B7E080BC88C49CE1E476CFE0C7
                                                                                                                                                                                                  SHA-256:98A06AE0D94C08A4F1D7558AA33D83754760F446D43E959C821915B6FBF92C64
                                                                                                                                                                                                  SHA-512:97F95B8084B32E8743462EEBAB18F69DCB208B3D33FCC9C2E7B7520BDE487BBF55CBD235A500010577D989A4C49833F47A7CB5DE43BA69B5BC07BD5247341BEC
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1BEF76F9-C8A7-11EB-90E4-ECF4BB862DED}.dat
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:Microsoft Word Document
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):37278
                                                                                                                                                                                                  Entropy (8bit):2.565041504864698
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:192:rJZu9QC6AkAjl2VWrMD8c06hQmPj06jR06T063r06106D06l06K06HKg:r/uCtNCcsYwc8mPjH9FrHxHoRN
                                                                                                                                                                                                  MD5:AAB70BC27375039AB0983CDA3C690392
                                                                                                                                                                                                  SHA1:7D4348FEFF6DA0AEA8C5E88AFD870F99DC89D281
                                                                                                                                                                                                  SHA-256:1E2ED73139CC5EA42331A6593C5FB5320DAF05EF65E1D6F9F88317675DC858B5
                                                                                                                                                                                                  SHA-512:B116FEEA051402917290D6C06798CDCDE316065CD1BBEEF341006C77AF83D32FAB7698DD3BD947205F3ED0D0DAA423439E4759074FFA9D1D2592E7A7CEC5AC45
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{23ACB7E6-C8A7-11EB-90E4-ECF4BB862DED}.dat
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:Microsoft Word Document
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):16984
                                                                                                                                                                                                  Entropy (8bit):1.5642020207394023
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:48:IwZGcprYjGwpalG4pQ5GrapbSpGQpK7G7HpRLTGIpG:r/ZY9Q36ZBSjA6ThA
                                                                                                                                                                                                  MD5:094CC6C276C1742A6028DCFE83B061AB
                                                                                                                                                                                                  SHA1:9D7E8D3EE6BA5AB47887252D2E11CB2A10720375
                                                                                                                                                                                                  SHA-256:5088EF53C8BEECCD7141B4BDF2E8F3A096D494595025D700BCB56DDED3B28A44
                                                                                                                                                                                                  SHA-512:D2D5A17A74B621C915001E597FF91125F50CCCA78BBF3A2136B21C6C7565803E57651D509A287F2C7FA89FDD190D7C1C48C9919FE842EF491538791419A1FBA7
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):656
                                                                                                                                                                                                  Entropy (8bit):5.0666373075347355
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxOEBQ0nWimI002EtM3MHdNMNxOEBqV9nWimI00ObVbkEtMb:2d6NxOaQ0SZHKd6NxOaiSZ76b
                                                                                                                                                                                                  MD5:4FE1FC58F23CD253D8FF5A19CF1084B2
                                                                                                                                                                                                  SHA1:B1A599F75C8A648ABB08A6628E447EB63250F741
                                                                                                                                                                                                  SHA-256:D042165B69F135631F7831816D55D872048A142ECB1311C8AF22D005DF45523D
                                                                                                                                                                                                  SHA-512:4E27E0EE08F05FD34F7B18941E44A048289ADA04B99BAF31866C286DAD4764870610865FF30E2FD550500EC1AC11BB7033979B0009BF844B497B0034FA3FF441
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):653
                                                                                                                                                                                                  Entropy (8bit):5.071032646743542
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxe2kBQ0nWimI002EtM3MHdNMNxe2kBQ0nWimI00Obkak6EtMb:2d6Nxr6Q0SZHKd6Nxr6Q0SZ7Aa7b
                                                                                                                                                                                                  MD5:9BEE7E96DE811B3C4B133A3B80AD4496
                                                                                                                                                                                                  SHA1:282C77920950555AAE0945609F1F7E17EA021795
                                                                                                                                                                                                  SHA-256:26E21A93FB7F091EA3E33FC1A8199B367ECD1AB527534DF9DE17EC679EBA5891
                                                                                                                                                                                                  SHA-512:326C619EC102CDFEFCAACEDD16E90E7494235A8CA7156EE966DF2FF35387E964DD094F38651603820530B7744D0AF2AACB9FB10C812066CB277FE5B5D617D62E
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Amazon.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):662
                                                                                                                                                                                                  Entropy (8bit):5.115478915032624
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxvLrVJV9nWimI002EtM3MHdNMNxvLrVJV9nWimI00ObmZEtMb:2d6NxvXSZHKd6NxvXSZ7mb
                                                                                                                                                                                                  MD5:7EBD26A93E47E7BF75EEDF417184D109
                                                                                                                                                                                                  SHA1:C1C8CD1DEA0B359BA02CFEC9D74CA514807EA57E
                                                                                                                                                                                                  SHA-256:1274E400A4B2A995551E12B2B2697A61A3BF982CDAAF5DF2C8D81B78759B89F6
                                                                                                                                                                                                  SHA-512:9BCF5673E6A69D1B7FC1CF411E19EFC60C9BFF97791CAADCE55FD13A93E079D3DE65428F2B819BF19DD4E7C5DD5A0DB53949DBF22EE3281E62993716A8BC5B3B
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0xf4b72d3c,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0xf4b72d3c,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Wikipedia.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):647
                                                                                                                                                                                                  Entropy (8bit):5.066050376733735
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxiBQ0nWimI002EtM3MHdNMNxiBQ0nWimI00Obd5EtMb:2d6NxAQ0SZHKd6NxAQ0SZ7Jjb
                                                                                                                                                                                                  MD5:275E15C0A486DA583D99797DAC78B497
                                                                                                                                                                                                  SHA1:50A7D5651F361A080AC715410599DE4DA4A4CB80
                                                                                                                                                                                                  SHA-256:5CCDEEA47FD75B6294CF9F1F82AF22D5BA41AE8059421E19FBF3757B8FB3CB7D
                                                                                                                                                                                                  SHA-512:B58F83A111809A80CCA2DA14B5EA2C2B43F9FD5078D5ADC4ED89E92BA77AF767FC2DFB4953BFD4744FAFE62A3C44BE5FF6EAF93D1160BB8B7C348587AA8BA0EE
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Live.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):656
                                                                                                                                                                                                  Entropy (8bit):5.1255465699733
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxhGwrVJV9nWimI002EtM3MHdNMNxhGwrVJV9nWimI00Ob8K075EtMb:2d6NxQeSZHKd6NxQeSZ7YKajb
                                                                                                                                                                                                  MD5:5E953CD9CDCF1E69A4022F19FE2F66CC
                                                                                                                                                                                                  SHA1:23F4642613FDBB4812D3E2F1237B5DEA1944C090
                                                                                                                                                                                                  SHA-256:AE0577A63A93CB0E2F97FEDA6A15B1A5122E194871150245A916A8D1B00C785E
                                                                                                                                                                                                  SHA-512:50D06E3F36F17F0D44CA353C3706AD09145B927D8C193DAE0D82468736D2215E95E303FCB0FCDE4403B7ED45DBAE535694C25788FD93DE52F7B6461EA62E6F93
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xf4b72d3c,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xf4b72d3c,0x01d75cb3</date><accdate>0xf4b72d3c,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):653
                                                                                                                                                                                                  Entropy (8bit):5.051434655959557
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNx0nBQ0nWimI002EtM3MHdNMNx0nBQ0nWimI00ObxEtMb:2d6Nx0BQ0SZHKd6Nx0BQ0SZ7nb
                                                                                                                                                                                                  MD5:E857EB182C16DE328BEFF3DCAF8DB4A3
                                                                                                                                                                                                  SHA1:A05C2DCDE275F4DDC7DFD1BA12340F48862BE953
                                                                                                                                                                                                  SHA-256:30F749915D4B1F555F874E6012DEA2F7C36575931802D9D34ADDEB25C2F275A1
                                                                                                                                                                                                  SHA-512:61DCA551C03F6FCC3324465D47960958D89E04A824BCF01EF8EA2E720FA56A0EA3A4AC224D6301C0F915F19D58642A562A0DC44E6AC600D888080612D11B4CF1
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Reddit.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):656
                                                                                                                                                                                                  Entropy (8bit):5.091319364540433
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxxBQ0nWimI002EtM3MHdNMNxxBQ0nWimI00Ob6Kq5EtMb:2d6NxDQ0SZHKd6NxDQ0SZ7ob
                                                                                                                                                                                                  MD5:25B3BA7147256064794F2674577822BC
                                                                                                                                                                                                  SHA1:372545A6B1CE30205C718EBE653E592D61C63725
                                                                                                                                                                                                  SHA-256:621E04B3D56EA36132DE78935B6C8239AC6A0E2C469D488D04E217CEB3CF569D
                                                                                                                                                                                                  SHA-512:D5FED61DDCD993AC61E13922B3DFE72E7DE2D30BBEBA7AA50377373F8D4229C6E9B54B46250347A29C402EC6C431F5A3ED764774C4235FAC98E68DDFF47CF037
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\NYTimes.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):659
                                                                                                                                                                                                  Entropy (8bit):5.064562415132592
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxcBQ0nWimI002EtM3MHdNMNxcBQ0nWimI00ObVEtMb:2d6NxyQ0SZHKd6NxyQ0SZ7Db
                                                                                                                                                                                                  MD5:483351B8DCBB7CC81F3DC30128590F48
                                                                                                                                                                                                  SHA1:634DD82A05860F82389B59CD47316050002FAD32
                                                                                                                                                                                                  SHA-256:FA8DEA79CF52BE219B88DCC72FDE9A1A9CF04B6F28E4E7651B72111ABD24F460
                                                                                                                                                                                                  SHA-512:1E3988D20333DA52054DA9D92E807F77FE9D4E4055123F5B75064B5D2D7D9782617E50485176C3ED6D1EBF85ACC609B15E5644D156834318D29F557C77B89BE5
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):653
                                                                                                                                                                                                  Entropy (8bit):5.052128092659896
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:TMHdNMNxfnBQ0nWimI002EtM3MHdNMNxfnBQ0nWimI00Obe5EtMb:2d6NxZQ0SZHKd6NxZQ0SZ7ijb
                                                                                                                                                                                                  MD5:952E66772BFE9848BF841897D7CEA4F7
                                                                                                                                                                                                  SHA1:0545075FD127E97E427C91CF02F9694B6370F4F1
                                                                                                                                                                                                  SHA-256:E6ABFDA804EA2E41F733E371E47A2085A3BB5C646B94926AD1EA9ADBF9BBDCCB
                                                                                                                                                                                                  SHA-512:5626C165D6646DD500008E2A1499AE58AFD8E37F8B1287EB34C17155E33331F8701A0DA3B47C8FAE00197314AA26569AC6E9D0DF3DCE457CEBABE339ECAAA3B6
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0xf4ada3c0,0x01d75cb3</date><accdate>0xf4ada3c0,0x01d75cb3</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Google.url"/></tile></msapplication></browserconfig>..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b[1].js
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:UTF-8 Unicode text, with very long lines
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):4008497
                                                                                                                                                                                                  Entropy (8bit):5.095997159612487
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:49152:Aw4mDiTFyA6TVfMAeuljHmcIkp5W5FHAzJ7CjhB0ZyA9At+zORaseqlyT7cZdTA8:8Z
                                                                                                                                                                                                  MD5:EA43F2BF3329E6FECFCE657D8788AFC6
                                                                                                                                                                                                  SHA1:D9C95A9DA90AEFB0D27D54001FC495A4B8040942
                                                                                                                                                                                                  SHA-256:3F9643CF23457F5E352C895A1B9B7D12BFCDA608697713C0AADDA634B1EDD7E6
                                                                                                                                                                                                  SHA-512:1D63BBB463ED835C353ADCD39D3227093115B7F7E5A4BE8B35442C8644091FD9E9B054C55ADAA4B2889856C9939F367667182E64BAD849BAE8D094BD39700885
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://secured-login.net/assets/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b.js
                                                                                                                                                                                                  Preview: // Array.fill.if (!Array.prototype.fill) {. Object.defineProperty(Array.prototype, 'fill', {. value: function(value) {.. // Steps 1-2.. if (this == null) {. throw new TypeError('this is null or not defined');. }.. var O = Object(this);.. // Steps 3-5.. var len = O.length >>> 0;.. // Steps 6-7.. var start = arguments[1];. var relativeStart = start >> 0;.. // Step 8.. var k = relativeStart < 0 ?. Math.max(len + relativeStart, 0) :. Math.min(relativeStart, len);.. // Steps 9-10.. var end = arguments[2];. var relativeEnd = end === undefined ?. len : end >> 0;.. // Step 11.. var final = relativeEnd < 0 ?. Math.max(len + relativeEnd, 0) :. Math.min(relativeEnd, len);.. // Step 12.. while (k < final) {. O[k] = value;. k++;. }.. // Step 13.. return O;. }. });.}..// Object.values.Object.values = Object.values ? Object.values : f
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\landing-watermark-8487e36eef1bec74f06631f19fea0aa171c208e2976373cda5bd0a4b9e230903[1].css
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):1471
                                                                                                                                                                                                  Entropy (8bit):4.754611179426391
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:24:y40r8CQo40agx40mC400XLaR404hZYmx40vGk40vG/I40vGhH40VhZ40UrCmn:xdDgCFEiBZgnTOHTn
                                                                                                                                                                                                  MD5:15E89F9684B18EC43EE51F8D62A787C3
                                                                                                                                                                                                  SHA1:9CBAAACEAE96845ECD3497F41EE3B02588ABEC11
                                                                                                                                                                                                  SHA-256:16F13E16A7EF02FB6F94250AA1931DED83DBEE5D9FAD278E33DD5792D085194F
                                                                                                                                                                                                  SHA-512:79E0110A045F28437D192290AC9789270CB0D4E676A985564746DB439992D867BA89639D7738E2A7F7D83BBF37D9A02CAA2AE1DC4E0EE2519797E5840A47FABE
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://secured-login.net/assets/landing-watermark-8487e36eef1bec74f06631f19fea0aa171c208e2976373cda5bd0a4b9e230903.css
                                                                                                                                                                                                  Preview: /* line 1, app/assets/stylesheets/landing-watermark.scss */..watermark {. -webkit-writing-mode: vertical-rl;. -ms-writing-mode: tb-rl;. writing-mode: vertical-rl;. text-orientation: sideways;.}../* line 4, app/assets/stylesheets/landing-watermark.scss */..watermark.left {. left: 0;.}../* line 7, app/assets/stylesheets/landing-watermark.scss */..watermark.right {. right: 0;.}../* line 10, app/assets/stylesheets/landing-watermark.scss */..watermark.top {. text-align: center;. -webkit-writing-mode: horizontal-tb;. -ms-writing-mode: lr-tb;. writing-mode: horizontal-tb;. top: -38px;.}../* line 15, app/assets/stylesheets/landing-watermark.scss */..watermark h1 {. -webkit-user-select: none;. -moz-user-select: none;. -ms-user-select: none;. user-select: none;. font-size: 15px;. color: #fdfdfa;. font-weight: bold;.}../* line 24, app/assets/stylesheets/landing-watermark.scss */.#template_sei .watermark.left {. margin-left: -10px;.}../* li
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f[1].js
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:HTML document, ASCII text
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):51364
                                                                                                                                                                                                  Entropy (8bit):4.630626843010533
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:1536:TRCJJ/KpVsnpxvXmET56JYFE7qbe/7Y8fjWWy+4GrkfwuXxJ44ipW/VPRLq277ts:TS/FpzarzCT71Pts
                                                                                                                                                                                                  MD5:BF2F96E6233DE3D8C0346085AC28248A
                                                                                                                                                                                                  SHA1:4DB267704D7E3FB2489CF96E82862A2245CD9311
                                                                                                                                                                                                  SHA-256:EE94DDA0AF1FC5C5045741B39E54136015365EEDCA34095F1D3C666998BB442D
                                                                                                                                                                                                  SHA-512:D4DB54380D135D9F5AAA03727CC88037B014C1057A3061C3D173EB8D4CEC7E4A2F71CFCA1478E8E15C093D510EEE80668C2038691EAEB21958942089F0DD9C6C
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://secured-login.net/assets/modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f.js
                                                                                                                                                                                                  Preview: /*!. * Modernizr v2.7.1. * www.modernizr.com. *. * Copyright (c) Faruk Ates, Paul Irish, Alex Sexton. * Available under the BSD and MIT licenses: www.modernizr.com/license/. */../*. * Modernizr tests which native CSS3 and HTML5 features are available in. * the current UA and makes the results available to you in two ways:. * as properties on a global Modernizr object, and as classes on the. * <html> element. This information allows you to progressively enhance. * your pages with a granular level of control over the experience.. *. * Modernizr has an optional (not included) conditional resource loader. * called Modernizr.load(), based on Yepnope.js (yepnopejs.com).. * To get a build that includes Modernizr.load(), as well as choosing. * which tests to include, go to www.modernizr.com/download/. *. * Authors Faruk Ates, Paul Irish, Alex Sexton. * Contributors Ryan Seddon, Ben Alman. */..window.Modernizr = (function( window, document, undefined ) {.. var version = '2.7.1',..
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\vendor-f9f57d7be17e331a1955[1].js
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):372931
                                                                                                                                                                                                  Entropy (8bit):5.29856229717366
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:6144:bczjVEg2HsGtNjvZBHPg96/6FTHL6jcYyTIU0:PsGzLkHLWJ
                                                                                                                                                                                                  MD5:0D3DDEEF42E7DD5336F27DAADB55AC92
                                                                                                                                                                                                  SHA1:7397C6CE00E6370069D944DAB49F226AA76609D2
                                                                                                                                                                                                  SHA-256:15BFAB10A07CA0B82FACA5584E364AA700D9BDB8D739FBBD4890E0782F894924
                                                                                                                                                                                                  SHA-512:F803B85D256D5B89FE4B3B9AD6967C9653E36BD95A1081898B00965C0B0079FFD343C2A07FA68CD5A380B0ED5E49E2FA6A67690547C1EC7813A6561B5F6E8436
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://secured-login.net/packs/js/vendor-f9f57d7be17e331a1955.js
                                                                                                                                                                                                  Preview: !function(t){var e={};function i(n){if(e[n])return e[n].exports;var r=e[n]={i:n,l:!1,exports:{}};return t[n].call(r.exports,r,r.exports,i),r.l=!0,r.exports}i.m=t,i.c=e,i.d=function(t,e,n){i.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:n})},i.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},i.t=function(t,e){if(1&e&&(t=i(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var n=Object.create(null);if(i.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var r in t)i.d(n,r,function(e){return t[e]}.bind(null,r));return n},i.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return i.d(e,"a",e),e},i.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},i.p="/packs/",i(i.s=973)}([,,,,,,function(t,e,i){function n(t,e,i){var c,u,p,d,f=t&n.F,g=t&n.G,m=t&n.P,v=t
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\N7K4C4D4.htm
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):116740
                                                                                                                                                                                                  Entropy (8bit):5.949949023255428
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:1536:SQcQgxpcDdaft9KG4Nm6yL1sIL5QHQGsIHBHjiulJriUVG9vFx8wQzK/4igmNO27:lcRLLmMe3juUVBlyUW
                                                                                                                                                                                                  MD5:026B7F3DA1DD3E7E9134D5971D0281C2
                                                                                                                                                                                                  SHA1:2403422DCDFF53DF424128AC6343E62B55A630D6
                                                                                                                                                                                                  SHA-256:8EDB5724DF71F88143E0C457940935AA88F8D476723628EECAECA377C3F7DB6F
                                                                                                                                                                                                  SHA-512:8B8412DC2A29EF1B3C2E46C5F0BF8737E6EAADE382E950E33E54A5A21E0E88C6E0661A1969A9532E3C0B46A3E7929145F70949B00779C7C910BBB37E9C55AF59
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://secured-login.net/pages/c3955b1c48a/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy
                                                                                                                                                                                                  Preview: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN". "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<html xmlns="http://www.w3.org/1999/xhtml">. <meta name="IMPORTANT" content="This page is part of a simulated phishing attack initiated by KnowBe4 on behalf of its customers." />. <meta name="IMPORTANT" content="If you have any questions please contact support@knowbe4.com." />. <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible"/>. <meta name="robots" content="noindex, nofollow" />.. <head>. <script src="/assets/application-90929fee9f5daac0eca637129a780171565a15cebe060e2d86c95ffac685fd7b.js"></script>. <script src="/packs/js/vendor-f9f57d7be17e331a1955.js"></script>. <script src="/assets/modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f.js"></script>.. <script>.//<![CDATA[.window.gon={};gon.locale="en";.// .</script>.. <link rel="stylesheet" media="all" href="/assets/landing-watermark-8487e36eef1bec74f06631f19
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bootstrap.min[1].css
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:ASCII text, with very long lines
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):121200
                                                                                                                                                                                                  Entropy (8bit):5.0982146191887106
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:768:Vy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1FS:nw/a1fIuiHlq5mN8lDbNmPbh
                                                                                                                                                                                                  MD5:EC3BB52A00E176A7181D454DFFAEA219
                                                                                                                                                                                                  SHA1:6527D8BF3E1E9368BAB8C7B60F56BC01FA3AFD68
                                                                                                                                                                                                  SHA-256:F75E846CC83BD11432F4B1E21A45F31BC85283D11D372F7B19ACCD1BF6A2635C
                                                                                                                                                                                                  SHA-512:E8C5DAF01EAE68ED7C1E277A6E544C7AD108A0FA877FB531D6D9F2210769B7DA88E4E002C7B0BE3B72154EBF7CBF01A795C8342CE2DAD368BD6351E956195F8B
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
                                                                                                                                                                                                  Preview: /*!. * Bootstrap v3.3.7 (http://getbootstrap.com). * Copyright 2011-2016 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\css2[1].css
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):204
                                                                                                                                                                                                  Entropy (8bit):5.04308254844705
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:3:0SYWFFWlIYCiF15RI5XwDKLRIHDfFRWdFWLRI9j9v7fqzrZqcdJ1NAI7uRlGUBmn:0IFFm15+56ZRWHMqh7izlpddtglDxNin
                                                                                                                                                                                                  MD5:F9E67BD36470A28F1FEFC2FB4D6D0D27
                                                                                                                                                                                                  SHA1:7A40D21435164C8A55C20656FCA2F66FF92DAB75
                                                                                                                                                                                                  SHA-256:7ECE5239BC78D5E242A0CBCEC4087896A6354BD65F12874F2D3973B834F2FBC1
                                                                                                                                                                                                  SHA-512:6CEED0E07AE1072FCD63870682A9E7FB471F21F22AAF885305AA2CA142EACAA50BDB71489C403CAFFD54F3ECFC73B7D1183C7A57DE38FA3617ECD79A2AE13EB3
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
                                                                                                                                                                                                  Preview: @font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-U1UQ.woff) format('woff');.}.
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\KB4-logo[1].png
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:PNG image data, 200 x 75, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):5864
                                                                                                                                                                                                  Entropy (8bit):7.925096866918419
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:96:YRObJZQcSGBG0v6UBnFSai6Xk2kQ6779zVD0nCXYTu4qWeG0a6lS+adxQVwZ5kkt:iO5SGBRBAkelpXY69We5IhdxQVwfkkt
                                                                                                                                                                                                  MD5:20F88CB052864EF047CBF095E46A23B0
                                                                                                                                                                                                  SHA1:5068F0745178BC0C042B6302ED114516981141BD
                                                                                                                                                                                                  SHA-256:65149B7AFD0CCFDEA4CB383944A47825F33B1A80B092ECA6F74CB01F0C186809
                                                                                                                                                                                                  SHA-512:57E78802933898C66F8E2245357883705E732F0686697601C0F3C2C96B9D345BE131DCD4C0118C657C2A55BC397044DBD06456AB68172C3867C4D055B6EC11EF
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://cdn2.hubspot.net/hubfs/241394/html_file/files/img/KB4-logo.png
                                                                                                                                                                                                  Preview: .PNG........IHDR.......K.....5|......IDATx..].x.E........(...^ ..(.!.....ry.*".*...Q.u.s.ka.(..'....{ ...G.I.9 .#..r....a.GuO..$$...~_f..^].W...N.."@CCC...... ... ... ... ... ... ... ... ... .... ... ... ... ... ... ... ... ... ...t...........>| ...,D...9.........".I.C.R..p..Mi>.<.....E+@0 .....S...V.PpO@.$k..b...B)z.qv.p@.Z..+.v.$qi......Hr...j.............v2.D..s!`..3B.e.&..7....H.......|.(R.$.......Z...P.*.....V.jO..6.5... .....X.....5A .h.?.p.V..A..[...._.............$.W....0..k.+.C.Ti..........T7..E..-*. ...a..gu..M....d..d.!m....%.......Q..3.S.h.T.A.2..j@...b.:.^...2..Y.........d..v?..|.7Bl.....8..y...z....Q.o.x... ........1.. .B.PgmHX..k.....d...4........0.........R.:{1.]....n.B.&.!...^V....d....B............T.U~ ..l..[A.........../..d....e.1..V...^.d.. *4<.|..M">!Q.N.#..M.{SR...="a...q.....Y.i.(.-.r..P.[.....X.Op(.%)o.*G%.d-.q......mnH...@....oI^....v..36..r.q^.'..t.:@..;.O9 H.o......+..g.cyy..38.{...........D\.v.d.@.....R..g...?z)..4..!....(V
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\QRF01zv[1].png
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):1666
                                                                                                                                                                                                  Entropy (8bit):7.843362903299294
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:48:1E3hTvNbvJkGGv0nnr5I2rk5boP0gD6EaTMN:1ERb+cr5Z1P0gD6/a
                                                                                                                                                                                                  MD5:29D583007FCD677AA31CA849478BC17A
                                                                                                                                                                                                  SHA1:F354E323218A450060852C344927C3E79D8E7B66
                                                                                                                                                                                                  SHA-256:120EE096F38C1E21083054C15F0F8CFBB02B6740A01D98068E3BE9581E83D453
                                                                                                                                                                                                  SHA-512:4AFC2641D96D1C372D091FD795D39C1AF12149B5EB30DA7BEE6FBFEA0650841067B7D259473BF65706CDD42D1EDF1CC5673B5F5556D1E91F8AE32976490A7E4D
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://i.imgur.com/QRF01zv.png
                                                                                                                                                                                                  Preview: .PNG........IHDR...<...<.....:..r...IIDATh..{.VE.....Y.E.......Uv.B....=. *{....ee....G.%....H/).UR1[.G...d...._m......~:.|.13..~.e.;s...;g......&g.@..w.G..K......{.u+..^...k.....s+...e..R.z...."..............l.z......C.......V.#.}.5(..f5.N`.......e&3".x..g..w..C.......T|...v"w..Q>-(/2.x.A.L..!....r..noB..g|...|.\....U.T...<3.N-...rU.bp%.<.CE........k....0C..|.Sw~.g....!....uf+y.KG.O+Y.h&.....F.......sB...7.|;.r|..\o......;.$...i.wC.ICO.n.h....AJ.N.+.T).........)9..y..?.hs%.".B..k....#.S.....:..!o..Z...|.w2....a..+y.e;..A...x.p+2G/!..1..jTr.S...S.....D.<.G.z.+2..E..>.Z6L.......e.2..R..3...~..%.C.!..f..s.'.;.M...5..k.1..L._B.vA_|.c{......{....*...d...Y.'Q.TS:.7.......|...,.:..-...#.V.*NA..&...iO.....SEE.kW!.y.p.y.m..6b..@=.,.n..i,....q..W...w.f..bg.`|......3.:.K.<..I.[....a..}..%_....{...~..j...)......n}m[...u...._....{....,.t.[ ..g.....&.v.j..2.r5.r5.B..jp..v-.j./.....c.s..$q@..z...oo..g?.z...%..gW.......}.6h....U....o.u.])]..@B);.o.V
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\PGAYGPRO.htm
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:HTML document, ASCII text, with very long lines
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):556
                                                                                                                                                                                                  Entropy (8bit):5.751255253864889
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:12:3R+xnAp6Q/rPAg1tWhLJ+q3GemyuqLJ9YlWt/4AEdeIQL:3Eo6QT4eMh9+Mb7VqW5NEkj
                                                                                                                                                                                                  MD5:E29F472F8FDABCC42F4A714319354832
                                                                                                                                                                                                  SHA1:D380CD566FDE466D955AAC77C9DAB011FA43962B
                                                                                                                                                                                                  SHA-256:092879E02BB81B6B636A80A9D521FEC8A0555965886D3461E40BE1A26D24660B
                                                                                                                                                                                                  SHA-512:DB6C482DA17C86D9268B12873668757BD56F47505CC6B281D44216D54B2C309B761DAE1D20E27D8039EA9DEEE50DA068B63EE47E2FF45B063DB28A5A28A2C1F1
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://covid19.protected-forms.com/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy?cid=874637403
                                                                                                                                                                                                  Preview: <html>. <head>. <script>window.location.href = 'https://secured-login.net/pages/c3955b1c48a/XWkZKNVRYQmFTVmxrVkRoek9VTkdXRzVHWjNBM2RtMDBRMlptZVRkdGNFUjFZekV6ZWxkblJEZzFiMlZCTWxoTlVXaG5aMHRoYW1kc09VSnlja2xZYkc5MlYwdzNOWFpsVERWNUsxWXZiVkJ5YURreFUzTk9kbGt4ZWtoSGRYa3dTM1ppY1hkT0x6Y3pSMFJXVjNsMWRXNVRiRnBCZURZMGJVWkNlRlJ0TVdGM1REZEhNRnA0ZW5keksyTmFZV2hPWVRGd1Z6Tm9iRFVyVlhnd1UwdHhOVkU0YTJsRGRXMDBjMlZOUFMwdGVsSnhlVlJOWkZKRlNIVjZZbEpUYkVscGJUQTJaejA5LS0yNjI0MmEyNmU5MTE4NzY5Nzk4YzQ5Nzk4MGQyMGYxNmNiYmE1MGQy';</script>. </head>. <body>. </body>.</html>.
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\dd[1].css
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:UTF-8 Unicode text, with CRLF line terminators
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):4524
                                                                                                                                                                                                  Entropy (8bit):5.108931295370594
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:96:AG5XS7vBkRVkhmRaM44/HLPRaByA+zBRNI:AG5XABkAhmRaM44/H1CyrBRNI
                                                                                                                                                                                                  MD5:DD05B711E15EF201B07E20CB5C87F5D8
                                                                                                                                                                                                  SHA1:41B818B243140D90DA4CA917D454335B603A6BDA
                                                                                                                                                                                                  SHA-256:617F793D125F780AB7BB7C9E92AB427D9E757083E7368E241E8E8FA69F013E4F
                                                                                                                                                                                                  SHA-512:243C149BB8AAF5376EEBAC49833A59F75BA26BEC098AFD8A167D12BDACD3E80D98EE1DA1D82915CC7E4C7FAC747FBFF5D2D687D97F20BDF5C81D67CFA0620F39
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://s3.amazonaws.com/helpimg/landing_pages/css/dd.css
                                                                                                                                                                                                  Preview: .borderRadius{-moz-border-radius:5px; border-radius:5px; }...borderRadiusTp{-moz-border-radius:5px 5px 0 0; border-radius:5px 5px 5px 5px;}...borderRadiusBtm{-moz-border-radius:0 0 5px 5px ; border-radius:5px 5px 5px 5px;}.....ddcommon {position:relative;display:-moz-inline-stack; zoom:1; display:inline-block; *display:inline; cursor:default;}...ddcommon ul{padding:0;margin:0;}...ddcommon ul li{list-style-type:none;}...borderRadiusTp ul li:last-child{-moz-border-radius:0 0 5px 5px ; border-radius:0 0 5px 5px;border-bottom:0 none #c3c3c3; }...borderRadiusBtm ul li:first-child{-moz-border-radius:5px 5px 0 0; border-radius:5px 5px 0 0 ;border-bottom:1 solid #c3c3c3; }.....ddcommon .disabled img, .ddcommon .disabled span, .ddcommon.disabledAll{..opacity: .5; /* standard: ff gt 1.5, opera, safari */..-ms-filter:"alpha(opacity=50)"; /* ie 8 */..filter:alpha(opacity=50); /* ie lt 7 */..-khtml-opacity:.5; /* safari 1.x */..-moz-opacity:.5; /* ff lt 1.5, netscape */..color:#999999;..}...ddcommo
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\mem8YaGs126MiZpBA-U1UQ[1].woff
                                                                                                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  File Type:Web Open Font Format, TrueType, length 55324, version 1.1
                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                  Size (bytes):55324
                                                                                                                                                                                                  Entropy (8bit):7.99064619923168
                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                  SSDEEP:1536:JjsyS1KN5BvtgX74JT3XeCuDfKQDpoKyT0756MILnbr:JjdIKNTvtgX0JKFp2cSz3
                                                                                                                                                                                                  MD5:89BA4E29DC7A63CD15959A5BB068BB0E
                                                                                                                                                                                                  SHA1:250DEBBAEE6E7DC0C79F2BF23D8C84512F03BC10
                                                                                                                                                                                                  SHA-256:3ADC584FB0BEF1FBF9B1C0ECDDDE5727643B4334C734DB78B517AB112D92E1D8
                                                                                                                                                                                                  SHA-512:B7297EE98B51B5E8113CF1E50A8081B82B1A9AED9B386322AADB8CD4689D2C3335AF1858211615DB024AAA47FA3DE9E4C568D145D1C23AC45A7E20EA074D2449
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  IE Cache URL:https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-U1UQ.woff
                                                                                                                                                                                                  Preview: wOFF..............l<........................GDEF.......-.....4.qGPOS................GSUB...........>.w.:OS/2...x..._...`.6..cmap.......h........cvt ...@...Y.....M..fpgm............~a..gasp...8...........#glyf...H......'...A.head.......6...6..cphhea...,... ...$...Phmtx...L........k.2.loca...............tmaxp....... ... . ..name............&:A.post.......B...@...prep...,........C...x.c`d``.a..&.V ......$...../s..#s.s..#. ......................x.U..n.P.D.....am.QmcK........L.@g.w.$....MWS.87SM+....@..8""..y.0RI;;>.f..^.1..W......w\...p.0@...I..v.. ...m"D...1.....L..v7*P!.D..U.......t.)..f..1..|......Y..B..WF.+[...x.c`f..8.....u..1...<.f....................{...h..... 0t.vf.....&.O.....)B..q>H..u..R``.....1.x.....;....L.j.Ms[.m.m..P.m....v.ijkb...... 8p...;.;..y!?......a<L.5..v.8...}4,.K..]l......Q..E.h....4.&...Cs. ...<./........|.....C...(..>b..+..G.E."2.. .td\.\...ef.[6..d79]..}...."......%.Uu......Du.....Tw.....{.hc.@ZGA....0..TX.k[.d\d./Y.w...q.:....;.P.H.c
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\~DF8AF1BA4D4EA076FE.TMP
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):13029
                                                                                                                                                                                                  Entropy (8bit):0.4837867861775243
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:24:c9lLh9lLh9lIn9lIn9losF9loM9lWNzDz+qWq:kBqoIHhNzDz+2
                                                                                                                                                                                                  MD5:9D6E0BBB0C5E099357D6BFD216B16786
                                                                                                                                                                                                  SHA1:751DBA195A2FCC517177E6F6D78C1496AE8F8EB9
                                                                                                                                                                                                  SHA-256:4C7BD8E1D53D0DC11C81EF08AEB94F1BFA9A5A870BFFA6DB6188BA90039C05E7
                                                                                                                                                                                                  SHA-512:A6795A63A758E675E20135E14A0C6A58FCC7401A0E872793F1B77DACC24B896DC517C7157F3B344ECB000CF78724C4FF49675CCECE8223CD7CDC6F99A8ACF96C
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\~DF8C6F444256A1F16A.TMP
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):25441
                                                                                                                                                                                                  Entropy (8bit):0.7402921304129136
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:48:kBqoxxJhHWSVSEabKn0Tqzd9ZN+N8/V/G6LiEgdCvJMBmYIjDBgdEJdOcfdoddLj:kBqoxDhHWSVSE+8lN+N8/VeMvrzE7T
                                                                                                                                                                                                  MD5:F330EC49875C490BFB38FCDD3B00A562
                                                                                                                                                                                                  SHA1:446BB8CF8A49DDBD79040BE763D36EEF40C4E458
                                                                                                                                                                                                  SHA-256:C0C2134B09D8A66960D65C75DED3944A522BF474F73C5AE4DEF307B10216BF2D
                                                                                                                                                                                                  SHA-512:D191C0600CBAA928F35FB035F3EED88363D16EA3E2943EE0B2F42E0A99898BE8D2158737964CD6D494879053B769E4ED0DC991DD7B736526EC30CFA79955A858
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\~DFF6FF6DAE3469FA3D.TMP
                                                                                                                                                                                                  Process:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                  Size (bytes):46768
                                                                                                                                                                                                  Entropy (8bit):1.252252212779373
                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                  SSDEEP:192:kBqoxKAuqR+lLpY7jc06Qme06y06T063r06106D06l06K06H:kBqoxKAuqR+lLpY7jc2me09FrHxHoR
                                                                                                                                                                                                  MD5:CD4FBF9B9F21BC8E55B470496038D806
                                                                                                                                                                                                  SHA1:EF3F53868847C835F665F13E2ED010C429904768
                                                                                                                                                                                                  SHA-256:4C76D2A0FD090A0861EE23571810CC93185DC35178D355111E5D63E5EB125F25
                                                                                                                                                                                                  SHA-512:211A2185B28F529A7F977439A466F5011BD09EC3CFD6E611579BCF19F242AAD34FB6A7D1098B65699C58C4241B017BD97875CE6BAA09B1A815AE253B4DDA45B4
                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                  No static file info

                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                  TCP Packets

                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.772777081 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.772799015 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.904176950 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.904441118 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.909414053 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.909562111 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.909634113 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.910265923 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.040949106 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.041939020 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.041992903 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042011976 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042018890 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042047024 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042069912 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042073965 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042130947 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.045747042 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046777964 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046812057 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046839952 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046864986 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046880007 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046890020 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046932936 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046956062 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.083152056 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.083847046 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.090070009 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.090126991 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.090379953 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.215536118 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.215554953 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.215758085 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.218015909 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.219352961 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.219393969 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.219610929 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.220320940 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.220340967 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.221353054 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.221493006 CEST49716443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.225740910 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.225908041 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.273518085 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.295013905 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.295034885 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.295217037 CEST49715443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.356028080 CEST4434971534.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.393161058 CEST4434971634.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.933629036 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.940517902 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.065287113 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.065450907 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.066488981 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.072429895 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.072573900 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.073510885 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.197812080 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198607922 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198636055 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198657990 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198681116 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198697090 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198712111 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198791027 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.205280066 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206032991 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206058979 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206084967 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206151962 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206201077 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206231117 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206243992 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206315041 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.863460064 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.864774942 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.865242958 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.871787071 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.873220921 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.995682001 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.995713949 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.995918989 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.996733904 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.996959925 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.997581005 CEST49719443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.003484964 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.003525019 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.003592014 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.003626108 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.004631996 CEST4434971834.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.004662037 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.004713058 CEST49718443192.168.2.334.226.85.79
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.037456036 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.069020033 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.069041967 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.069061041 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.069077969 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.069094896 CEST4434971934.226.85.79192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.069112062 CEST4434971934.226.85.79192.168.2.3

                                                                                                                                                                                                  UDP Packets

                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                  Jun 8, 2021 15:15:55.113228083 CEST5598453192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:15:55.157880068 CEST53559848.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:15:55.902761936 CEST6418553192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:15:55.946855068 CEST53641858.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:03.294976950 CEST6511053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:03.337441921 CEST53651108.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.710412979 CEST5836153192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.761859894 CEST53583618.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.867662907 CEST6349253192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.919404984 CEST53634928.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.156884909 CEST6083153192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.167767048 CEST6010053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.194660902 CEST5319553192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.199359894 CEST53608318.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.218709946 CEST53601008.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.237591028 CEST53531958.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.369627953 CEST5014153192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.417982101 CEST53501418.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.521433115 CEST5302353192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.564176083 CEST53530238.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:09.719904900 CEST4956353192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:09.762376070 CEST53495638.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:22.337836981 CEST5135253192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:22.380919933 CEST53513528.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:29.027445078 CEST5934953192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:29.091629982 CEST53593498.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:29.444108963 CEST5708453192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:29.487062931 CEST53570848.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:30.946587086 CEST5882353192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:30.989861012 CEST53588238.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:33.404812098 CEST5756853192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:33.447233915 CEST53575688.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:34.811250925 CEST5756853192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:34.853981018 CEST53575688.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:34.856513977 CEST5054053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:34.899610996 CEST53505408.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:36.433522940 CEST5054053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:36.436002970 CEST5756853192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:36.476478100 CEST53505408.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:36.478450060 CEST53575688.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:38.702249050 CEST5054053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:38.725070953 CEST5756853192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:38.744704962 CEST53505408.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:38.767476082 CEST53575688.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:40.197144985 CEST5436653192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:40.240547895 CEST53543668.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:40.735124111 CEST5054053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:40.779860973 CEST53505408.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:42.766251087 CEST5756853192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:42.810391903 CEST53575688.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:44.781671047 CEST5054053192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:44.824588060 CEST53505408.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:50.723881006 CEST5303453192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:50.766902924 CEST53530348.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:51.196429014 CEST5776253192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:51.240349054 CEST53577628.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:53.437706947 CEST5543553192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:53.488975048 CEST53554358.8.8.8192.168.2.3
                                                                                                                                                                                                  Jun 8, 2021 15:16:53.616800070 CEST5071353192.168.2.38.8.8.8
                                                                                                                                                                                                  Jun 8, 2021 15:16:53.658987999 CEST53507138.8.8.8192.168.2.3

                                                                                                                                                                                                  DNS Queries

                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.710412979 CEST192.168.2.38.8.8.80x7e18Standard query (0)covid19.protected-forms.comA (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.867662907 CEST192.168.2.38.8.8.80x6d6fStandard query (0)secured-login.netA (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.156884909 CEST192.168.2.38.8.8.80x1776Standard query (0)cdnjs.cloudflare.comA (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.194660902 CEST192.168.2.38.8.8.80x3e93Standard query (0)s3.amazonaws.comA (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.369627953 CEST192.168.2.38.8.8.80x62adStandard query (0)cdn2.hubspot.netA (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.521433115 CEST192.168.2.38.8.8.80x4ec1Standard query (0)i.imgur.comA (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:22.337836981 CEST192.168.2.38.8.8.80xc8c6Standard query (0)favicon.icoA (IP address)IN (0x0001)

                                                                                                                                                                                                  DNS Answers

                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.761859894 CEST8.8.8.8192.168.2.30x7e18No error (0)covid19.protected-forms.comlanding.training.knowbe4.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.761859894 CEST8.8.8.8192.168.2.30x7e18No error (0)landing.training.knowbe4.com34.226.85.79A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:04.761859894 CEST8.8.8.8192.168.2.30x7e18No error (0)landing.training.knowbe4.com18.233.2.161A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.919404984 CEST8.8.8.8192.168.2.30x6d6fNo error (0)secured-login.net34.226.85.79A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.919404984 CEST8.8.8.8192.168.2.30x6d6fNo error (0)secured-login.net18.233.2.161A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.199359894 CEST8.8.8.8192.168.2.30x1776No error (0)cdnjs.cloudflare.com104.16.18.94A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.199359894 CEST8.8.8.8192.168.2.30x1776No error (0)cdnjs.cloudflare.com104.16.19.94A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.237591028 CEST8.8.8.8192.168.2.30x3e93No error (0)s3.amazonaws.com52.216.88.141A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.417982101 CEST8.8.8.8192.168.2.30x62adNo error (0)cdn2.hubspot.net104.17.242.204A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.417982101 CEST8.8.8.8192.168.2.30x62adNo error (0)cdn2.hubspot.net104.17.240.204A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.417982101 CEST8.8.8.8192.168.2.30x62adNo error (0)cdn2.hubspot.net104.17.241.204A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.417982101 CEST8.8.8.8192.168.2.30x62adNo error (0)cdn2.hubspot.net104.17.243.204A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.417982101 CEST8.8.8.8192.168.2.30x62adNo error (0)cdn2.hubspot.net104.17.244.204A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.564176083 CEST8.8.8.8192.168.2.30x4ec1No error (0)i.imgur.comipv4.imgur.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.564176083 CEST8.8.8.8192.168.2.30x4ec1No error (0)ipv4.imgur.map.fastly.net151.101.112.193A (IP address)IN (0x0001)
                                                                                                                                                                                                  Jun 8, 2021 15:16:22.380919933 CEST8.8.8.8192.168.2.30xc8c6Name error (3)favicon.icononenoneA (IP address)IN (0x0001)

                                                                                                                                                                                                  HTTPS Packets

                                                                                                                                                                                                  TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.042069912 CEST34.226.85.79443192.168.2.349716CN=authentlcation.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USMon Feb 08 01:00:00 CET 2021 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Thu Mar 10 00:59:59 CET 2022 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                                                                                                  Jun 8, 2021 15:16:05.046890020 CEST34.226.85.79443192.168.2.349715CN=authentlcation.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USMon Feb 08 01:00:00 CET 2021 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Thu Mar 10 00:59:59 CET 2022 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.198681116 CEST34.226.85.79443192.168.2.349718CN=secured-login.net CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USSat Oct 24 02:00:00 CEST 2020 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Wed Nov 24 00:59:59 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                                                                                                  Jun 8, 2021 15:16:06.206151962 CEST34.226.85.79443192.168.2.349719CN=secured-login.net CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USSat Oct 24 02:00:00 CEST 2020 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Wed Nov 24 00:59:59 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.311980963 CEST104.16.18.94443192.168.2.349722CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEWed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEMon Jan 27 13:48:08 CET 2020Wed Jan 01 00:59:59 CET 2025
                                                                                                                                                                                                  Jun 8, 2021 15:16:07.312531948 CEST104.16.18.94443192.168.2.349723CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEWed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEMon Jan 27 13:48:08 CET 2020Wed Jan 01 00:59:59 CET 2025
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.347281933 CEST52.216.88.141443192.168.2.349726CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IETue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,03faf2df7ab96c36419c31725cb1fa7d6
                                                                                                                                                                                                  CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IETue Dec 08 13:05:07 CET 2015Sat May 10 14:00:00 CEST 2025
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.436007977 CEST52.216.88.141443192.168.2.349727CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=USCN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IETue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,03faf2df7ab96c36419c31725cb1fa7d6
                                                                                                                                                                                                  CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IETue Dec 08 13:05:07 CET 2015Sat May 10 14:00:00 CEST 2025
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.529680967 CEST104.17.242.204443192.168.2.349728CN=hubspot.net, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IESun Jun 06 02:00:00 CEST 2021 Mon Jan 27 13:48:08 CET 2020Mon Jun 06 01:59:59 CEST 2022 Wed Jan 01 00:59:59 CET 2025771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEMon Jan 27 13:48:08 CET 2020Wed Jan 01 00:59:59 CET 2025
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.529840946 CEST104.17.242.204443192.168.2.349729CN=hubspot.net, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IESun Jun 06 02:00:00 CEST 2021 Mon Jan 27 13:48:08 CET 2020Mon Jun 06 01:59:59 CEST 2022 Wed Jan 01 00:59:59 CET 2025771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=USCN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IEMon Jan 27 13:48:08 CET 2020Wed Jan 01 00:59:59 CET 2025
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.755610943 CEST151.101.112.193443192.168.2.349731CN=*.imgur.com, O="Imgur, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Jan 15 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Wed Mar 16 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                                                                                                  Jun 8, 2021 15:16:08.755628109 CEST151.101.112.193443192.168.2.349730CN=*.imgur.com, O="Imgur, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Jan 15 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Wed Mar 16 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                                                                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023

                                                                                                                                                                                                  Code Manipulations

                                                                                                                                                                                                  Statistics

                                                                                                                                                                                                  Behavior

                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                  System Behavior

                                                                                                                                                                                                  Analysis Process: iexplore.exe PID: 5948 Parent PID: 792

                                                                                                                                                                                                  General

                                                                                                                                                                                                  Start time:15:16:02
                                                                                                                                                                                                  Start date:08/06/2021
                                                                                                                                                                                                  Path:C:\Program Files\internet explorer\iexplore.exe
                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                  Commandline:'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
                                                                                                                                                                                                  Imagebase:0x7ff688160000
                                                                                                                                                                                                  File size:823560 bytes
                                                                                                                                                                                                  MD5 hash:6465CB92B25A7BC1DF8E01D8AC5E7596
                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                  Reputation:low

                                                                                                                                                                                                  Analysis Process: iexplore.exe PID: 4768 Parent PID: 5948

                                                                                                                                                                                                  General

                                                                                                                                                                                                  Start time:15:16:03
                                                                                                                                                                                                  Start date:08/06/2021
                                                                                                                                                                                                  Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                  Commandline:'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5948 CREDAT:17410 /prefetch:2
                                                                                                                                                                                                  Imagebase:0x11c0000
                                                                                                                                                                                                  File size:822536 bytes
                                                                                                                                                                                                  MD5 hash:071277CC2E3DF41EEEA8013E2AB58D5A
                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                  Reputation:low

                                                                                                                                                                                                  Disassembly

                                                                                                                                                                                                  Reset < >