Play interactive tour

Edit tour

Analysis Report Ref#Doc30504871 Wyg.htm

Overview

General Information

Sample Name:	Ref#Doc30504871 Wyg.htm
Analysis ID:	432824
MD5:	baf3567c1fa8ed5b09f630b5ea6e330f
SHA1:	a978b29366ccfb0bff8f6b3db444c2d477ca5ba6
SHA256:	9b66ebeab829896ff2c36801c6818e13c842d08baaee081f027e4985245cff82
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Yara detected HtmlPhish44

Phishing site detected (based on logo template match)

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

No HTML title found

None HTTPS page querying sensitive user data (password, username or email)

Suspicious form URL found

Classification

Process Tree

System is w10x64

iexplore.exe (PID: 4240 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 3156 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4240 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Initial Sample

Source	Rule	Description	Author	Strings
Ref#Doc30504871 Wyg.htm	JoeSecurity_HtmlPhish_44	Yara detected HtmlPhish_44	Joe Security

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus detection for URL or domain

Show sources

Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Show sources

Source: Yara match

File source: 580913.pages.csv, type: HTML

Yara detected HtmlPhish44

Show sources

Source: Yara match

File source: Ref#Doc30504871 Wyg.htm, type: SAMPLE

Phishing site detected (based on logo template match)

Show sources

Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm

Matcher: Template: sharepoint matched

Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: HTML title missing
Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: HTML title missing

Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: Has password / email / username input fields
Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: Has password / email / username input fields

Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	HTTP Parser: Form action: /rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid_4_1252899642&fid=4&fav_1&rand_13InboxLight_aspxn_1774256418&fid_1252899642&fid_1&email=uzohifeanyi%40outlook.com&_rand=13InboxLight.aspx%3Fn%3D1774256418#gf_1
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	HTTP Parser: Form action: /rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid_4_1252899642&fid=4&fav_1&rand_13InboxLight_aspxn_1774256418&fid_1252899642&fid_1&email=uzohifeanyi%40outlook.com&_rand=13InboxLight.aspx%3Fn%3D1774256418#gf_1
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	HTTP Parser: Form action: /rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid_4_1252899642&fid=4&fav_1&rand_13InboxLight_aspxn_1774256418&fid_1252899642&fid_1&email=uzohifeanyi%40outlook.com&_rand=13InboxLight.aspx%3Fn%3D1774256418#gf_1
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	HTTP Parser: Form action: /rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid_4_1252899642&fid=4&fav_1&rand_13InboxLight_aspxn_1774256418&fid_1252899642&fid_1&email=uzohifeanyi%40outlook.com&_rand=13InboxLight.aspx%3Fn%3D1774256418#gf_1

Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	HTTP Parser: No <meta name="author".. found
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: No <meta name="author".. found
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	HTTP Parser: No <meta name="author".. found
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	HTTP Parser: No <meta name="author".. found

Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	HTTP Parser: No <meta name="copyright".. found
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: No <meta name="copyright".. found
Source: file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	HTTP Parser: No <meta name="copyright".. found
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	HTTP Parser: No <meta name="copyright".. found
Source: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: unknown	HTTPS traffic detected: 169.55.190.245:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 169.55.190.245:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.187.169.26:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.187.169.26:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.194.76.156:443 -> 192.168.2.3:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.194.76.156:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.16.99:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.16.99:443 -> 192.168.2.3:49759 version: TLS 1.2

Source: Joe Sandbox View	IP Address: 104.16.18.94 104.16.18.94
Source: Joe Sandbox View	IP Address: 104.16.18.94 104.16.18.94

Source: Joe Sandbox View

JA3 fingerprint: 9e10692f1b7f78228b2d4e424db3a98c

Source: gtm[1].js.2.dr	String found in binary or memory: "vtp_html":"\n\u003Cscript type=\"text\/gtmscript\"\u003E!function(b,e,f,g,a,c,d){b.fbq\|\|(a=b.fbq=function(){a.callMethod?a.callMethod.apply(a,arguments):a.queue.push(arguments)},b._fbq\|\|(b._fbq=a),a.push=a,a.loaded=!0,a.version=\"2.0\",a.queue=[],c=e.createElement(f),c.async=!0,c.src=g,d=e.getElementsByTagName(f)[0],d.parentNode.insertBefore(c,d))}(window,document,\"script\",\"https:\/\/connect.facebook.net\/en_US\/fbevents.js\");fbq(\"init\",\"1103530543356374\");fbq(\"track\",\"PageView\");\u003C\/script\u003E\n\u003Cnoscript\u003E\n \u003Cimg height=\"1\" width=\"1\" src=\"https:\/\/www.facebook.com\/tr?id=1103530543356374\u0026amp;ev=PageView\n\u0026amp;noscript=1\"\u003E\n\u003C\/noscript\u003E\n", equals www.facebook.com (Facebook)
Source: fbevents[1].js.2.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func

Source: unknown

DNS traffic detected: queries for: icons.iconarchive.com

Source: jquery-ui.min[1].js.2.dr	String found in binary or memory: http://jqueryui.com
Source: jquery-ui[1].css.2.dr	String found in binary or memory: http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1
Source: style[1].css.2.dr	String found in binary or memory: http://kelownawebsitedesign.com
Source: style[1].css.2.dr	String found in binary or memory: http://opensource.org/licenses/mit-license.php
Source: uikit.min[1].css.2.dr, uikit.min[1].js.2.dr	String found in binary or memory: http://www.getuikit.com
Source: gtm[1].js.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: analytics[1].js.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: gtm[1].js.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: pro-fa-solid-900-5.12.0[1].eot.2.dr, pro.min[1].css.2.dr	String found in binary or memory: https://fontawesome.com
Source: pro.min[1].css.2.dr	String found in binary or memory: https://fontawesome.com/license
Source: pro-fa-solid-900-5.12.0[1].eot.2.dr, pro-fa-brands-400-5.0.0[1].eot.2.dr, pro-fa-regular-400-5.0.3[1].eot.2.dr, pro-fa-light-300-5.11.2[1].eot.2.dr	String found in binary or memory: https://fontawesome.comhttps://fontawesome.comFont
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7B1i03Sup6.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7B7y03Sup6.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BAyo3Sup6.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup6.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUOjIg1_i6t8kCHKm459WxZqh7k29U.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZBg_z_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZFgrz_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZOg3z_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZSgnz_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZbgjz_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZ2.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7g.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_aZA3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD-A.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhzQ.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4TbMDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjNDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4cHLDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejMDrMfJg.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtaorCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrc.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrc.woff)
Source: 2fed3568f8[1].js.2.dr	String found in binary or memory: https://ka-p.fontawesome.com
Source: 2fed3568f8[1].js.2.dr	String found in binary or memory: https://kit-uploads.fontawesome.com
Source: 2fed3568f8[1].js.2.dr	String found in binary or memory: https://kit.fontawesome.com
Source: gtm[1].js.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: analytics[1].js.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: analytics[1].js.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.2.dr	String found in binary or memory: https://www.google.com
Source: gtm[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?id=
Source: gtm[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: {33F77249-CA60-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.premierpaw/Desktop/Ref#Doc30504871%20Wyg.htm
Source: style[1].css.2.dr	String found in binary or memory: https://www.premierpawn.com/
Source: ~DF55F19B4DA9BBA44A.TMP.1.dr	String found in binary or memory: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: unknown	HTTPS traffic detected: 169.55.190.245:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 169.55.190.245:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.187.169.26:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.187.169.26:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.13.92.14:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.194.76.156:443 -> 192.168.2.3:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.194.76.156:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.16.99:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.16.99:443 -> 192.168.2.3:49759 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.winHTM@3/221@9/6

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFE6443AA25220534E.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4240 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4240 CREDAT:17410 /prefetch:2

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information1	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://www.premierpawn.com/	0%	Avira URL Cloud	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418	0%	Avira URL Cloud	safe
https://www.premierpaw/Desktop/Ref#Doc30504871%20Wyg.htm	0%	Avira URL Cloud	safe
https://fontawesome.comhttps://fontawesome.comFont	0%	Avira URL Cloud	safe
http://kelownawebsitedesign.com	0%	Avira URL Cloud	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.google.de	172.217.16.99	true	false	high
scontent.xx.fbcdn.net	31.13.92.14	true	false	high
icons.iconarchive.com	172.67.186.2	true	false	high
stats.l.doubleclick.net	173.194.76.156	true	false	high
spai.b-cdn.net	89.187.169.26	true	false	high
cdnjs.cloudflare.com	104.16.18.94	true	false	high
premierpawn.com	169.55.190.245	true	false	unknown
kit.fontawesome.com	unknown	unknown	false	high
cdn.shortpixel.ai	unknown	unknown	false	unknown
www.premierpawn.com	unknown	unknown	false	unknown
connect.facebook.net	unknown	unknown	false	high
ka-p.fontawesome.com	unknown	unknown	false	high
stats.g.doubleclick.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
file:///C:/Users/user/Desktop/Ref%23Doc30504871%20Wyg.htm	true		low
https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1	jquery-ui[1].css.2.dr	false		high
https://fontawesome.com	pro-fa-solid-900-5.12.0[1].eot.2.dr, pro.min[1].css.2.dr	false		high
https://ka-p.fontawesome.com	2fed3568f8[1].js.2.dr	false		high
https://kit.fontawesome.com	2fed3568f8[1].js.2.dr	false		high
https://www.premierpawn.com/	style[1].css.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.%/ads/ga-audiences	analytics[1].js.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	low
http://opensource.org/licenses/mit-license.php	style[1].css.2.dr	false		high
https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418	~DF55F19B4DA9BBA44A.TMP.1.dr	false	Avira URL Cloud: safe	unknown
https://fontawesome.com/license	pro.min[1].css.2.dr	false		high
http://jqueryui.com	jquery-ui.min[1].js.2.dr	false		high
https://www.premierpaw/Desktop/Ref#Doc30504871%20Wyg.htm	{33F77249-CA60-11EB-90E4-ECF4BB862DED}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect	analytics[1].js.2.dr	false		high
http://www.getuikit.com	uikit.min[1].css.2.dr, uikit.min[1].js.2.dr	false		high
https://fontawesome.comhttps://fontawesome.comFont	pro-fa-solid-900-5.12.0[1].eot.2.dr, pro-fa-brands-400-5.0.0[1].eot.2.dr, pro-fa-regular-400-5.0.3[1].eot.2.dr, pro-fa-light-300-5.11.2[1].eot.2.dr	false	Avira URL Cloud: safe	unknown
http://kelownawebsitedesign.com	style[1].css.2.dr	false	Avira URL Cloud: safe	unknown
https://cct.google/taggy/agent.js	gtm[1].js.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://kit-uploads.fontawesome.com	2fed3568f8[1].js.2.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
173.194.76.156	stats.l.doubleclick.net	United States	15169	GOOGLEUS	false
172.217.16.99	www.google.de	United States	15169	GOOGLEUS	false
31.13.92.14	scontent.xx.fbcdn.net	Ireland	32934	FACEBOOKUS	false
89.187.169.26	spai.b-cdn.net	Czech Republic	60068	CDN77GB	false
169.55.190.245	premierpawn.com	United States	36351	SOFTLAYERUS	false
104.16.18.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	432824
Start date:	10.06.2021
Start time:	19:52:46
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 57s
Hypervisor based Inspection enabled:	false
Report type:	light
Sample file name:	Ref#Doc30504871 Wyg.htm
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	24
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal68.phis.winHTM@3/221@9/6
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .htm Browsing link: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#home Browsing link: https://www.premierpawn.com/rrt/xxtb/sharepoints/passchallenge.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=uzohifeanyi@outlook.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#news
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, UsoClient.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 104.43.193.48, 104.42.151.234, 88.221.62.148, 142.250.201.202, 104.18.23.52, 104.18.22.52, 142.250.180.202, 172.217.18.67, 216.58.214.232, 216.58.214.206, 142.250.180.196, 152.199.19.161, 184.30.24.56, 40.126.31.4, 40.126.31.141, 40.126.31.143, 20.190.159.136, 20.190.159.138, 40.126.31.1, 20.190.159.132, 40.126.31.137, 20.82.210.154, 2.20.142.210, 2.20.142.209, 20.54.26.129, 92.122.213.247, 92.122.213.194 Excluded domains from analysis (whitelisted): gstaticadssl.l.google.com, au.download.windowsupdate.com.edgesuite.net, ka-p.fontawesome.com.cdn.cloudflare.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, www.tm.a.prd.aadg.trafficmanager.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, www.googletagmanager.com, login.live.com, audownload.windowsupdate.nsatc.net, www.google.com, arc.trafficmanager.net, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, www.google-analytics.com, kit.fontawesome.com.cdn.cloudflare.net, fonts.googleapis.com, fs.microsoft.com, www-google-analytics.l.google.com, ajax.googleapis.com, fonts.gstatic.com, ie9comview.vo.msecnd.net, www-googletagmanager.l.google.com, ris-prod.trafficmanager.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, login.msa.msidentity.com, skypedataprdcolcus15.cloudapp.net, ris.api.iris.microsoft.com, dub2.current.a.prd.aadg.trafficmanager.net, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, skypedataprdcolwus16.cloudapp.net, cs9.wpc.v0cdn.net, www.tm.lg.prod.aadmsa.trafficmanager.net Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
104.16.18.94	https://bit.ly/35cYpiT	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	http://rva.fonotecanacional.gob.mx/preview-assets/css/smoothness/reports/chron_import.php?spent=1s0xppx5zxx96n&science=sun&round=hand	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://bit.ly/2XaOiGR	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://bitly.com/2Xaw8VA	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://j.mp/3rJBANn	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	http://www.rekmall.net/.well-known/acme-challenge/act_contactar2/admin_cat/mgc_chatbox/information-12/pspbrwse.php?sit=ervw1yb1atp20npd0&remember=quiet&feel=sleep	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	http://rassrochka.rusfishcom.ru/wp-snapshots/mailpage/information-66.php?sit=11kdh2bsq0r0z&bright=afraid&produce=sets	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://bitly.com/3nmYKXc	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://j.mp/2URXSx8	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://bit.ly/33I4Nht	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://bit.ly/2Gwx0iC	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	https://bit.ly/3jDHDOo	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
	http://Kardanan.com	Get hash	malicious	Browse	cdnjs.cloudflare.com/ajax/libs/datamaps/0.5.8/datamaps.all.js

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
cdnjs.cloudflare.com	Evershedsnicea NDA file attach...htm	Get hash	malicious	Browse	104.16.18.94
	Check 57549.Html	Get hash	malicious	Browse	104.16.19.94
	7 #U039c#U0456#U0455#U0455#U0435d #U0441#U0430II#U0455.htm	Get hash	malicious	Browse	104.16.19.94
	#Ud83d#Udcde_#U25b6#Ufe0f.htm	Get hash	malicious	Browse	104.16.19.94
	wzdu53.exe	Get hash	malicious	Browse	104.16.19.94
	The Village.html	Get hash	malicious	Browse	104.16.19.94
	#Ud83d#Udcde VM_58490931 Recoding.wav - 20223 PM.htm.htm	Get hash	malicious	Browse	104.16.19.94
	#Ud83d#Udda8northerntrust.hscni.net 692233150-queue-7828.htm	Get hash	malicious	Browse	104.16.19.94
	2ff0174.dll	Get hash	malicious	Browse	104.16.18.94
	Paid INV for Robert.landis Khs-net.htm	Get hash	malicious	Browse	104.16.18.94
	06.08.21 Inv & AP Statement - Copy.htm	Get hash	malicious	Browse	104.16.18.94
	#Ud83d#Udda8rocket.com 1208421(69-queue-2615.htm	Get hash	malicious	Browse	104.16.19.94
	Payment Advice 006062021.htm	Get hash	malicious	Browse	104.16.19.94
	A4C57DF59F0C85EEBCB7B40263D8C3DE037F41B7D2D43.exe	Get hash	malicious	Browse	104.16.18.94
	receipt620.htm	Get hash	malicious	Browse	104.16.18.94
	#Ud83d#Udcde_#U25b6#Ufe0fPlay_to_Listen.htm	Get hash	malicious	Browse	104.16.19.94
	original phishing email.html	Get hash	malicious	Browse	104.16.18.94
	212161C3EFE82736FA483FC9E168CE71#U007eC2#U007e1B6B2C73#U007e00#U007e1.xlsx	Get hash	malicious	Browse	104.16.18.94
	New_Messagejacob@steinborn.comMessage.html	Get hash	malicious	Browse	104.16.18.94
	treetop-payroll-075491-pdf.HtmL	Get hash	malicious	Browse	104.16.18.94
icons.iconarchive.com	po1-atp-22Apr.html	Get hash	malicious	Browse	172.67.186.2
	po1-atp.html	Get hash	malicious	Browse	104.21.19.112
	Skeeter.html	Get hash	malicious	Browse	104.21.19.112
	PO.html	Get hash	malicious	Browse	172.67.186.2
	POrder.html	Get hash	malicious	Browse	172.67.186.2
	https://sharepointsfile.eu-gb.cf.appdomain.cloud/redirect/?param=YW50d2VycGVuLmNlbnRydW1AY20uYmU=	Get hash	malicious	Browse	104.27.191.192
	https://sharia-point.us-south.cf.appdomain.cloud/redirect/?email=Kristine_Bridges@baylor.edu&data=04\|01\|Kristine_Bridges@baylor.edu\|a64194d2378542e06dfc08d8a2802868\|22d2fb35256a459bbcf4dc23d42dc0a4\|0\|0\|637438018615913999\|Unknown\|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=\|0&sdata=smYCgJbR96G/HzImvOXjT6991bTFo5/ZZGjJwucJySM=&reserved=0	Get hash	malicious	Browse	104.27.191.192
	https://greens.us-south.cf.appdomain.cloud/smain/?op=c2FsZXNAZm9yZHdheS5jb20=&/yanief4OLVfRFm.php?83_aJjkvU053dh2qESwbhSn93984jjd8pksh_048jdkkd9n488	Get hash	malicious	Browse	104.27.190.192
	https://feeds.eu-gb.cf.appdomain.cloud/redirect/?email=sales@fordway.com	Get hash	malicious	Browse	104.27.190.192
	POrder.html	Get hash	malicious	Browse	172.67.151.106
	https://u19125531.ct.sendgrid.net/ls/click?upn=xjpmsvvgLV84ud6ykgCFtKIJqbhqiiQ6T-2FC5s2i0IuduuG9-2F5jM4uhdsOW9xaT41HgCgyTomYT1rJpkggKxRH51ZlMifMnMR76v2qnc8EsoHKX72uE7bVpwKF6iH874KORVXi1kDkPoY4WJX6tMutQ-3D-3Ds3O2_B23bv3KjH97q3aPsYdTmlLBjXw-2FxHcZy8Rc6e72BVatoBXaexv1pzGmM10LI5AcaD3B54D-2FulZ7o-2B52hWKcp6toYRTrbLeV3OOUctQADFJ8sSHCBhyFyK9FFWTQu5TAN6AP4-2BnozVViVyqCREOQycTFMmsRs2kRTf9cUNV2roSVmRPYl-2BTu-2FyVME2CELEsnLWbeZtaoUtqajaNEf5vsLVsZC9o7rfWp7Ix7FLfzd8Tmw1O2PppTXpKsgdsrGeo9oOEQqM6PM8AouvJ1c0ly6NB-2Fi67TwkN547yXo1gO2bweZ9jpeNpCietdoone-2BFHgAfwWN-2BfKQPBe2oysTq3KqphSckSWpbbI8H0Q-2BNBtdZg40C8QxQzWODVoXalE-2BvZ7DR2hlF9qZvp89Jgp14D2H43yA4QlhykryzwxYGrJjRMAkRGQAeVBrJ-2BrPAn6fHqE-2ByASiN-2FCIdwgECHVWE7MXhpRKCmvE0krabcSQO2METpnh-2F2uT3MuxaDTRa25zwLRMGMNarS7idbVp3Aa-2F5nj5rCrl4-2FEbex153IYTbqvfYSlVY73Th0g3Sy-2Fkc3alRi74mBSPn1MdUOyr5zvwAKf6P9hLuKAAlcvXnu23Hy6feCLf7Dfyvi3vnzJRbO1ehfwF1murB1AVH96jFXpBIxk9QBdyO28r2-2FrUOGoC-2BkH0oeqCtFVD3h9n7cBC-2Bb2ifqC7hBEB-2Bwm5-2FBONcNSn8ZNoSuTeOKD5Rf2bfsbkWCHL3Tdb-2FAauUCouS-2FfCiXV82-2B3Q2syBXcomeTQreEZI6ifQIop3BMm3kpxevk-2B1dotxt8k1DLhLOhJuM12XMOqJ36Yjg10XQ6s3ONmTC0zJ-2F0Z81STyGuYnYOXp4wH-2BKZlpgpw-3D	Get hash	malicious	Browse	104.31.72.163
	https://mincast.us-south.cf.appdomain.cloud/redirect/?email=prampon@soteb.fr	Get hash	malicious	Browse	172.67.212.166
	https://meetingwithmd.eu-gb.cf.appdomain.cloud/redirect/?email=info@voegtle.de	Get hash	malicious	Browse	172.67.185.115
	https://eprints.tktk.ee/cgi/set_lang?referrer=https%3A%2F%2Fopps.us-south.cf.appdomain.cloud%2Fredirect/?email=john.doe@milkingab.com	Get hash	malicious	Browse	172.67.185.115
	https://nishimurakoumuten.com/assets/images/wood/outlookExpress/index.php?email=	Get hash	malicious	Browse	104.27.129.162
	https://stagparadisebudapest.com/goingstrong?	Get hash	malicious	Browse	104.27.129.162
	tmp3442.HTM	Get hash	malicious	Browse	172.67.185.115
	tmp7A9.HTM	Get hash	malicious	Browse	104.27.128.162
	tmp8EC0.HTM	Get hash	malicious	Browse	104.27.128.162
	https://u16155601.ct.sendgrid.net/ls/click?upn=A8c8TPcN5tpU3XvHkwU4SV9gO3DGRnLKMTXNksKihhwj-2BeAVJlcyCNT8-2FHE9gLEilCBS4y3onYdwAqG6xxdEiHKc3HjTy7DAovSvxwq-2BeAUDT7GuPnacJJriSfb57ok20iPE2lYEUXiW87ZQBr-2F37vizn2sLjKlI67gf6t3JyW4-3DSdmt_9cFwG5DSL37NF4NwRiUyooPh26FczTD-2FLPUp7OKhqxXYYRfOFexvUJOvqTynML1vztEpcQPPrxENXFLUdmQ01kKEEY55WnovrRRoqIdq8QQV3o-2Fw30Uc4qLThl3g-2FNxUCM7TeZ9cD3PJn4-2B0jw2rsALYQnsVKegSel-2Fsg6zBoPEn7YYYUhr9MVQFgW6E9llkSt3IHk6q4NQDV5-2FxAiZT8UJiV0CkOErNo963Wf3zscU-3D	Get hash	malicious	Browse	172.67.161.25

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
CDN77GB	SecuriteInfo.com.Variant.Bulz.383129.23206.exe	Get hash	malicious	Browse	84.17.52.18
	SecuriteInfo.com.Variant.Bulz.383129.29566.exe	Get hash	malicious	Browse	84.17.52.18
	saturo[1].htm	Get hash	malicious	Browse	89.187.165.8
	Main-lnstall-v6.8.exe	Get hash	malicious	Browse	195.181.169.92
	base.apk	Get hash	malicious	Browse	89.187.165.193
	base.apk	Get hash	malicious	Browse	89.187.165.193
	Tooligram_PRO.exe	Get hash	malicious	Browse	89.187.165.193
	Tooligram_PRO.exe	Get hash	malicious	Browse	89.187.165.193
	V3kT2daGkz.exe	Get hash	malicious	Browse	89.187.165.193
	iZbQHmJevF.exe	Get hash	malicious	Browse	195.181.169.92
	wzdu53.exe	Get hash	malicious	Browse	89.187.165.193
	r.html	Get hash	malicious	Browse	89.187.165.193
	r.html	Get hash	malicious	Browse	89.187.165.193
	BIWJpWWvYm.exe	Get hash	malicious	Browse	195.181.169.92
	7kfeiwt9fQ.exe	Get hash	malicious	Browse	195.181.169.92
	T63KcJGbEj.exe	Get hash	malicious	Browse	195.181.169.92
	StF5kb6YwZ.exe	Get hash	malicious	Browse	195.181.169.92
	CKanpsCMIo.exe	Get hash	malicious	Browse	195.181.169.92
	Fhh8cKq0JH.exe	Get hash	malicious	Browse	195.181.169.92
	TH6erahmls.exe	Get hash	malicious	Browse	195.181.169.92
CLOUDFLARENETUS	DNPr7t0GMY.exe	Get hash	malicious	Browse	23.227.38.74
	o8RYFTZsuU.exe	Get hash	malicious	Browse	162.159.129.233
	MrjC4jkPL8.exe	Get hash	malicious	Browse	162.159.129.233
	3c2pU82NQD.exe	Get hash	malicious	Browse	104.21.19.200
	#Ud83d#Udce9-peter.nash.htm	Get hash	malicious	Browse	104.18.11.207
	SKlGhwkzTi.exe	Get hash	malicious	Browse	104.21.65.7
	RFQ-sib.exe	Get hash	malicious	Browse	104.21.19.200
	PO.doc	Get hash	malicious	Browse	104.21.19.200
	Evershedsnicea NDA file attach...htm	Get hash	malicious	Browse	104.16.18.94
	SecuriteInfo.com.Trojan.PackedNET.825.24532.exe	Get hash	malicious	Browse	172.67.188.154
	090049000009000.exe	Get hash	malicious	Browse	104.21.19.200
	Letter 1019.xlsx	Get hash	malicious	Browse	172.67.161.4
	fTxhRIDnrC.dll	Get hash	malicious	Browse	104.20.185.68
	Proforma Invoice and Bank swift-REG.PI-0086547654.exe	Get hash	malicious	Browse	23.227.38.74
	UGGJ4NnzFz.exe	Get hash	malicious	Browse	23.227.38.74
	Order.exe	Get hash	malicious	Browse	104.21.40.174
	DocumentScanCopy2021_pdf.exe	Get hash	malicious	Browse	104.21.19.200
	RRY0yKj2HM.dll	Get hash	malicious	Browse	104.20.184.68
	SecuriteInfo.com.Trojan.PackedNET.721.2973.exe	Get hash	malicious	Browse	104.23.98.190
	SecuriteInfo.com.Trojan.PackedNET.831.4134.exe	Get hash	malicious	Browse	104.23.98.190
SOFTLAYERUS	7 #U039c#U0456#U0455#U0455#U0435d #U0441#U0430II#U0455.htm	Get hash	malicious	Browse	169.46.118.100
	ManyToOneMailMerge Ver 18.2.dotm	Get hash	malicious	Browse	159.253.128.188
	06.08.21 Inv & AP Statement - Copy.htm	Get hash	malicious	Browse	169.46.89.154
	Payment slip.exe	Get hash	malicious	Browse	169.56.29.200
	a8eC6O6okf.exe	Get hash	malicious	Browse	119.81.95.146
	Windows Defender#U68c0#U67e5#U5de5#U5177.exe	Get hash	malicious	Browse	50.23.197.95
	#U266b Audio_47920.wavv - - Copy.html	Get hash	malicious	Browse	169.47.124.25
	BS.exe	Get hash	malicious	Browse	103.226.228.233
	American Freight Payment Advice.html	Get hash	malicious	Browse	169.47.124.25
	EASTWAY COMNAGA SB PAYMENT BANK IN SLIP 250521_PDF.exe	Get hash	malicious	Browse	192.253.242.6
	de725d13_by_Libranalysis.exe	Get hash	malicious	Browse	50.23.197.95
	$RAULIU9.exe	Get hash	malicious	Browse	198.252.103.41
	Receipt565647864.html	Get hash	malicious	Browse	158.177.118.97
	350969bc_by_Libranalysis.exe	Get hash	malicious	Browse	119.81.45.82
	Open_Invoice_and_statements.htm	Get hash	malicious	Browse	158.176.79.200
	2x93jpW0Ac.dmg	Get hash	malicious	Browse	108.168.175.167
	4wHhXGk3b9.dmg	Get hash	malicious	Browse	108.168.175.167
	networkservice.exe	Get hash	malicious	Browse	69.56.135.212
	6544THReceipt56GFHD.html	Get hash	malicious	Browse	158.177.118.97
	a7ac1595_by_Libranalysis.exe	Get hash	malicious	Browse	159.8.59.82

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
9e10692f1b7f78228b2d4e424db3a98c	#Ud83d#Udce9-peter.nash.htm	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	fTxhRIDnrC.dll	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	RRY0yKj2HM.dll	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	Check 57549.Html	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	sat1_0609_2.dll	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	7 #U039c#U0456#U0455#U0455#U0435d #U0441#U0430II#U0455.htm	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	Yl6482CO6U.exe	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	ManyToOneMailMerge Ver 18.2.dotm	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	Sleek_Free.exe	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	WV Northern Community College.docx	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	LVh23zF9x9.exe	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	d7b9ef581459a0d8f94b789ae07a9e0892c0f0d0bcc74.dll	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	d7b9ef581459a0d8f94b789ae07a9e0892c0f0d0bcc74.dll	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	The Village.html	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	RFQ-INV-PAYMENT.Htm	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	#Ud83d#Udcde VM_58490931 Recoding.wav - 20223 PM.htm.htm	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	Bills Pending Approval.html	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	#Ud83d#Udda8northerntrust.hscni.net 692233150-queue-7828.htm	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	2ff0174.dll	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26
	e621ca05.exe	Get hash	malicious	Browse	173.194.76.156 172.217.16.99 31.13.92.14 169.55.190.245 104.16.18.94 89.187.169.26

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\FHKI20RE\www.premierpawn[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	2.469670487371862
Encrypted:	false
SSDEEP:	3:D90aK1r0aKb:JFK1rFKb
MD5:	132294CA22370B52822C17DCB5BE3AF6
SHA1:	DD26B82638AD38AD471F7621A9EB79FED448A71C
SHA-256:	451ABBE0AEFC000F49967DABF8D42344D146429F03C8C8D4AE5E33FF9963CF77
SHA-512:	6D5808CAD199A785C82763C68F0AE1F4938C304B46B70529EA26B3D300EF9430AD496C688D95D01588576B3A577001D62245D98137FD5CD825AD62E17D36F15C
Malicious:	false
Reputation:	high, very likely benign file
Preview:	<root></root><root></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{33F77247-CA60-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	33368
Entropy (8bit):	1.881452287296359
Encrypted:	false
SSDEEP:	96:rIZPZs2qWN+ItN+vfN+rhMN+9N+VN+5XfN+5O+MrN+sO6h:rIZPZs2qWdtKfghM++YXfYO+MrxO6h
MD5:	8A806458A25BBAED1919983546E58AD1
SHA1:	E303E0F8EEFDE74A0D561DFD82FDB52978162596
SHA-256:	BE9EBE19ECBC0F7EA99020FA521B1847BBC0EED209E58EC888AF1362FEAB4138
SHA-512:	DF5713C7410AA44A3DE5E2AAD906C375C10D12111E32F85D6EE4A189A427A48BBE9E9525BE9EDACBE92C191FB3B19D4C9E80C4329EC554979436E78169296682
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{33F77249-CA60-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	62096
Entropy (8bit):	2.605682952324152
Encrypted:	false
SSDEEP:	384:r5M2mRw7adqJIvYICZQIRhaw6wp9hBW6wTnYE4NlwT6sSXZeciG:tbLkwzh7wTtkwT6FXZecr
MD5:	C8CDC97D619F7B35E3D59C1D6E91F933
SHA1:	3480F7A7454F8B3FE1E330F5522DAB8443FC723C
SHA-256:	BC5CBBDE93DC8B7D2FF924289F43AF5E91D6EEB9B5AD18F2B2D35879BF549B87
SHA-512:	6A0A51300254EB8D806F3370A666E8B4606B52B3D7C80AB846B272964C792507B647489F40AC8D55E1876B510C24919578A1169C2E43BA46397857FB099314C3
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{33F7724A-CA60-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.563401184769611
Encrypted:	false
SSDEEP:	48:IwGGcpr3GwpaOG4pQiGrapbSlGQpK+G7HpRJTGIpG:raZhQu6kBSPA5TvA
MD5:	D812870B696A3E1DECCA9A8CFD48C302
SHA1:	B9D0EA645CF504379CCA1E5722BC5661CB27A315
SHA-256:	49DCBCB619E404096E87254931AF2BDEB95818417FEF71CFC8E1BE911A5FD129
SHA-512:	ADE0E4011DD2E0A50E5FB1C12AFCCA2675302664335EEC1EEDD2406AC5E18DF28CE34633F44E02072BD2A515A215C12EA3C887E4154412352F20991059FA0460
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\1103530543356374[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	266629
Entropy (8bit):	5.471965487394201
Encrypted:	false
SSDEEP:	6144:Rk1HgCSntDV/HaKKV/Ha8NEPjQHguH3HpQrwz8GWVr:CNE7n
MD5:	DF70C5F791A742648C05CAD414E668E2
SHA1:	514750C68DC29AC7AD7EE091223F7CCAA94DCA1F
SHA-256:	21FA34B7DEFBDA0B790AAEE965C82C15F343081ECFA27DC4DA3693ED03A260DA
SHA-512:	B709B8126ACC0E66F1408FF165EFA722CDAED734C40B45988B893164E7CFA8F44040D06998B944A11DB6B696F201AD293E7BF40702010135DB5984A58A78B531
Malicious:	false
Reputation:	low
IE Cache URL:	https://connect.facebook.net/signals/config/1103530543356374?v=2.9.41&r=stable
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4cHLDrMfJg[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 25868, version 1.1
Category:	downloaded
Size (bytes):	25868
Entropy (8bit):	7.979398434294925
Encrypted:	false
SSDEEP:	768:ua3ug8jn2xFz5URUZ7Vkz6NJg0wWKCDDHBerVm/s:/jw2HGCrqzWQQk
MD5:	4F81A2207A87257A96AABD523817DE7A
SHA1:	9EA68035239165E2CE94374E2C7E0D89C9444886
SHA-256:	8E8EE7373C2B509455661FE4B8F36C4062EA76B8181D3D8C6A283816FE404D1B
SHA-512:	56B843DB2FA8506184BFF2BE3CF2828A3C112A60664D63A1505480889357B43C407A50C8B8A620BF737217FBCF36785646C6FE46D576088BB99E478ED2612E6C
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4cHLDrMfJg.woff
Preview:	wOFF......e........(........................GDEF.......m.......PGPOS.......v..6\...GSUB...\|...B........OS/2.......R...`b..2STAT.......6...@..*cmap...L........Kd.lcvt .......g........fpgm...h...........Zgasp..&@............glyf..&H..7%..Y... .head..]p...6...6..._hhea..]....#...$...1hmtx..]....w.....2.Ploca..`D..........wzmaxp..bH... ... ....name..bh...:....GSh.post..c........ ...2prep..c....M....i..[x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.L...$A...?.mt.m.6.g.m.m.m37../..........+..I..mao.k{.!...._.6.:....?..j...{!...3.Qr;%.IiEYu.P.Py2.l....t<Ec.....o.n.'.....z....I...n.>......n....u....m.k.....t...R.R..\..w5-.]'-scY.,.y......j+k.n_....,.......k..d.p...=^OAOk._oi.@..W.......1......T.4....g.C......O#.#..\|....B.h..Gv..P_8(.....E.N1,..o..S.RX!A..........b!...X..X.U...l........l2v.)....l)..e........o......@j(...4}F#..^./.D?...\|7.....C..w...oXJ...N`...U...N....G\.xF......t.o.>..[1H...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrMfJg[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 26460, version 1.1
Category:	downloaded
Size (bytes):	26460
Entropy (8bit):	7.982253681100391
Encrypted:	false
SSDEEP:	768:vKh49Iw5vD7l7xFzggo3QyO7mxi6lphp5sAnFn:PI49HYQjyxi6/hvsWFn
MD5:	D670722F12D0F4F7CFF58E0B861FA74A
SHA1:	F808AA6D978D92064FD544C6CAD915676190F920
SHA-256:	91872B0750181F1A8459EF2D64AB4E1DE42EF7EE59852D04388D618D31180109
SHA-512:	C387DA85A0786BF5B4A7CB91B6708C2EC9CD54F2598CBA4B5DE3308B805990DA135C2EEB2C8D90DEAB130530827A570C27A15F61B04D3BA0D69F3146CD657E4A
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4ejLDrMfJg.woff
Preview:	wOFF......g\................................GDEF.......m.......PGPOS.......C..6..A.GSUB...H...B........OS/2.......R...`b..2STAT.......6...@.5.)cmap............Kd.lcvt .......g........fpgm...4...........Zgasp..'.............glyf..'...8...Y..5._head.._....6...6..._hhea.._....#...$...1hmtx..`....x.......nloca..b...........z.maxp..d.... ... ....name..d....B....M~m.post..e........ ...2prep..f....M....i..[x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.T...$A...?...6.m.m.m.m.6..../.....#%.CT.h..06..5...tn.#...X..U..m!.e1O.!......Z....L.?.,-.H.....&r....p....r..:S.T.w..).,])},S.....+.*S........T7..c.~.E..xZ^[^.WwPwP.^{T.......zg...J.;k........&..LP.<..:.E.kkVk.7.z.6......~...P.~.K.{.W.j.\.f.N.y.S.w.I.....W..._._>NG.../p..?.......`.`.`.`.`.......P.P.p.......TA/.}1.=1...\|2....C..+0...(.%....1...D. ...'1...b\"Kp....1.`.^........0........h@y{....U.a...G..1...f.0....OX.`.;.u..6..n...2......~.E......z..;.;..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtaorCIPrc[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 25636, version 1.1
Category:	downloaded
Size (bytes):	25636
Entropy (8bit):	7.9803351377602585
Encrypted:	false
SSDEEP:	384:3p2yOgIAZEpduLHjnUGB5oFZ/RFBWiS3c89F/8xsbkAlq/6UtT92oDALQx5S1aq4:POgjmp8LLzaZFrSDc+QV19v8V1aL
MD5:	4C6E77BC3C2709329DF299B975C30A09
SHA1:	6CA86E4733B96B16E2CC589477D3F8CB512E8C4B
SHA-256:	A70A67A556DAC9D0F223A4C995D4A76C951FA51B962F6295CE5FE2E797AFABAE
SHA-512:	D0E8B8C9BF80027D0AE55B1164E741B9E46795087850595FDB0371EDA23149B3EF3FDF0868BCD60AF8F5484C84D44854D1DDC0DEA84D4A43231C33D507FFB802
Malicious:	false
Reputation:	moderate, very likely benign file
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtaorCIPrc.woff
Preview:	wOFF......d$................................GDEF.......m.......PGPOS..........7:....GSUB.......R.....s.qOS/2.......O...``Z.GSTAT...,...8...D...!cmap...d........MD..cvt .......N........fpgm...l...........Zgasp..&D............glyf..&L..6`..[...bhead..\....6...6.a..hhea..\.... ...$....hmtx..]....P...@..4'loca.._T......."5..Gmaxp..ah... ... ....name..a....A....HGi.post..b........ ...2prep..b....A....O(..x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.L..t$A.@.7.....m.`m.m.m..m.F...-.....LAte.W.Kt.~.;..Y..D........{g.!.%cZ.....E..,._.;=]ymC.o.o.I....c..NACu...QMax+....~C.....?..6....A........\|N/.s.+..Z9t`...).......<.y.#.`..........%..L.Z..Aj..7ry....i#{L..-.M.]).}MXq....M9M.M+M..6.j.].....2.2.2....f...-....]...v.S+.u.w.tWv..z.....6LX.....r.....V\Jf%.RXi..V&...E]..V/.%..u.z...`.....&3..L..B..zi"...$.....f/...afqL...i....B.K....6...=...7~....xN^q......g.......$.2X.g80R\|`.x.h... [....;..N.W.H..G...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\2fed3568f8[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10916
Entropy (8bit):	5.183137519069737
Encrypted:	false
SSDEEP:	192:s2HN42S+9SZRvACpiIthFzoXnemF+shSGnZ+PPxQDqv7jh81Q5l8OcchIlzbCn:bRCfhFzevnEZ/h81Q5l8OsE
MD5:	27FBC0C0D642304A3F378FBD2E082F62
SHA1:	C5918A1D5EFAA162E3277B6940BC4BC0687E5235
SHA-256:	816C6C29BEAD86A38F884FDBAF69AC60E752E08746A474981668AD56E7823CDF
SHA-512:	B8E36FAAC515F8852E758AAC70E7A4E20584EFA67DD664F5E5104CCBEF820FEC93BC18AAAE062DD09DFB6EA9C3981A50D2C7A22F6EB68C9BC7FE93EAECE5523E
Malicious:	false
Reputation:	low
IE Cache URL:	https://kit.fontawesome.com/2fed3568f8.js?ver=1.0.0
Preview:	window.FontAwesomeKitConfig = {"asyncLoading":{"enabled":true},"autoA11y":{"enabled":true},"baseUrl":"https://ka-p.fontawesome.com","baseUrlKit":"https://kit.fontawesome.com","detectConflictsUntil":null,"iconUploads":{},"id":37285600,"license":"pro","method":"css","minify":{"enabled":true},"token":"2fed3568f8","uploadsUrl":"https://kit-uploads.fontawesome.com","v4FontFaceShim":{"enabled":false},"v4shim":{"enabled":false},"version":"5.15.3"};.!function(t){"function"==typeof define&&define.amd?define("kit-loader",t):t()}((function(){"use strict";function t(e){return(t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(e)}function e(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function n(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymb

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTUPjIg1_i6t8kCHKm459WxZBg_z_PZ2[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23756, version 1.1
Category:	downloaded
Size (bytes):	23756
Entropy (8bit):	7.978941742494386
Encrypted:	false
SSDEEP:	384:l42CoLobcXpoW0GTJO8ynXJGM5sMPbiHl3pLvgOzmtkUecUpXWD4:l4xKobOohF8U0M5sMP+xpD7ykUezpmD4
MD5:	FE46CF8B9462C820457D3BF537E4057F
SHA1:	9C78135EB4E84EFEF49139B64EA2D5A6D3A5F484
SHA-256:	219D08EEBC3A38B9E3DBCF90C2076911312625602D2D7942F3D2A4E7A36D50B6
SHA-512:	8C3F0CC3C9F5AF8FAC7DDF85CA9B17A9B57758317FA821219D35044A4877273DAA37494ADCB39FA51CA13798753A03E11FBBBDDDB057B50AE301B6C5BE0AD49C
Malicious:	false
Reputation:	moderate, very likely benign file
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZBg_z_PZ2.woff
Preview:	wOFF......\........8........................GDEF.......G...X.f.^GPOS..........2..).GSUB.............,.OS/2.......N...`S..@cmap..............h.cvt .......b....-Q.ofpgm.......F...mM$.\|gasp...`............glyf...h..4...^vB..Rhead..SX...6...6.F]khhea..S....#...$....hmtx..S....L...>....loca..V........(.o".maxp..X.... ... .a.fname..X<.......T5%Pepost..Y8........D.-.prep..\..........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>.....x...p[...+Kvt.$......,333333.-..,...3.0.3.9o.Z.a.y..<.M...:..T........4.n..W&.r>.od..?.....~?.}.....r;E.).R.Le..\|.w...R...D...kNw0...l.a...P....2c4@...I=.....R.....E...Z.n..$>.m@].....u...Q....P.#Tu..U..1....e.(%..H...Qm.o.=j...7#....nq>.....P......-0.....u2......8BAMp.V7ZP.B.Q..Z..Z+DN..1..49.EV..;...4G9k..b..l.lc+2~._g?evQe.{]...>.w..c..0G...;.d.,Ra7.-F ..Q..2...!..0*.,I.0....@....{...P.=.P\|..GLs.P.#...e.L.L....u.~.\|.L.Z.B.R.o..[....c.....A.,5 .)0.]y...@.U..Z@M......6.B.a...<5.JZ}&AZ#.Ch..v.z,..&R.......!..H(.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTUPjIg1_i6t8kCHKm459WxZYgzz_PZ2[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23744, version 1.1
Category:	downloaded
Size (bytes):	23744
Entropy (8bit):	7.978176631397249
Encrypted:	false
SSDEEP:	384:yjzvJqgI7qBtvcyn4GTJO8U7QKwIbAHJTY+YUCXyrrQIRJuAmsvTTcxvWD4:yjzBqFW3cyn4F8QwjJl0gRP0xOD4
MD5:	3FE16939288856E8E828FA2661BF2354
SHA1:	38862D707B124D6CDC39825FD721ACA3888D76F2
SHA-256:	C65FB5E86DE426F12116089347F59809E92598936E37B1AB16587C4015E24184
SHA-512:	40762351F80C9E48D68FAD4C483A39080800CF66EAA78FF6C19380D8C7A14A1AA6D052FE3F7BEBD6C8414D10C6E167B3E4048965D92095A4D9AA1743C03FFFC3
Malicious:	false
Reputation:	moderate, very likely benign file
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZ2.woff
Preview:	wOFF......\.................................GDEF.......G...X.f.^GPOS.......w..2..g.^GSUB...@.........,.OS/2.......Q...`S7.Gcmap...X..........h.cvt .......b.....7.Efpgm.......F...mM$.\|gasp................glyf......4...\....Fhead..SX...6...6.U]shhea..S....#...$...+hmtx..S....H...>....loca..U........(...=maxp..X.... ... .a.ename..X8.......,0.L.post..Y,........D.-.prep..\..........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>.....x...p#I....$.j.H..X..xy..........!...~ffXf..ofgw..:.k:K..{."..CVxv..{.U.Y.U.U]M..\|)?H........<.~.G~...."...r..uz(..O../R...v".w..~...v.o.'y'EH.J...:...jC.:...H..YM..H:c.=..F...I...@m..'..-e6..6Mq.P..T.!...;.....9F1.?.........u.GMsFs$..R5.)..Q....e..B.KD.L....f?...J....z5...T+RP..V...Rb.5..KxN.......fy.y<.<a&L..\0..E.7K.G..?./...N......&....v.E..^......E*..p....#....2.h. .JGN.0@ .5@...h{.........H....P...:..$......u..Y...t...#....j...y?..0d....<.....,..D.i6A./.~.b.r].....H.D.......@.M....O$.. ....%..e.)..E...u..i

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTURjIg1_i6t8kCHKm45_bZF3gnD-A[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23628, version 1.1
Category:	downloaded
Size (bytes):	23628
Entropy (8bit):	7.97652223541331
Encrypted:	false
SSDEEP:	384:aWXmwssTJH1/G6rbr24Jln5GTJO8XWSN2OyyW/nGGxnslEYe3cB68HOeHS9AVqmT:aW2wdx1/HPCQln5F8XL2frP5pMB68H/N
MD5:	7C839D15A6F54E7025BA8C0C4B333E8F
SHA1:	09FC9F1CA6B859952A3641EDBFB1424E1C873F5D
SHA-256:	46226ABFCDE5DB2598FED8FD0DE77AF9B96C8242DC0E72242971F0BBCF566A38
SHA-512:	239EDDCB1FE723077F1FDC76B265A3D5E6F946F5258C968B15AB99CDD817D0D67D85248DA13820D9EBF0EA256F1E29ADB975894707E1901BCBDB0C2908ABC8C2
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD-A.woff
Preview:	wOFF......\L................................GDEF.......G...X.g.^GPOS..........2....!GSUB.............,.OS/2...\|...M...`Ti.mcmap..............h.cvt .......d....2...fpgm.......F...mM$.\|gasp...<............glyf...D..4..._.F.1.head..S....6...6.Z..hhea..S@... ...$....hmtx..S`...$...>...loca..U....!...(N.e.maxp..W.... ... .h.Wname..W.........+.FOpost..X.........D.z.prep..[..........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>./...x...p.I....RK..Z-...m.-.= .a.........1.0..n.........-h....C!.......Wm.F3....J~/..\|........._]F....Y.x.._......s.w!.S...'..9d...(...5.).O.z.>...OQ..7J'....>...J.:..K$a6. .._P.lXP."....6....Ie.sY5.n.t'".C..-..5.2...4.}..H.P....w.......OX.....)8....7?..H..I.@\|.....R.'..#R.:....{C}....V.%.i...v.L9K..C......N".r.P.../..7.UN..'..0...-.Q..M..o.6......-.&l..B.w..x.....e>....CB....&........&..P.S....3..Y...Q>/..e...B.+..\|.o0..I.#L.]a...../................&..gLz....J...g!.,$..4#...2L..>.P...gF.67.@.}...IX.&....?Vi....ORR

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTURjIg1_i6t8kCHKm45_c5H3gnD-A[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23872, version 1.1
Category:	downloaded
Size (bytes):	23872
Entropy (8bit):	7.9789410515218915
Encrypted:	false
SSDEEP:	384:WCPZ9khezoAK1PfDV/cGTJO8gpFu2KobVfXpH2h1AdWJ8OjcmB2SrOFbYvaUP5KR:WCPUwzj0jV/cF8CFubobVf5WEdCjvBFw
MD5:	9A9BEFCF50D64F9D2D19D8B1D1984ADD
SHA1:	1DAD9D9EFE7BC0B3BA089BE10B8F9741A02312A3
SHA-256:	2849C719C361F2EC1A04BF5B262BCBEDD3DF46BF35F5B4CAE8F75EA0AC500111
SHA-512:	5EC89892CC2453CBC6B9F64C3A261491B3EFF35EA65586B65200D8F3FFB31A727A4F7592D4BD86519EED54FDA35D6A79799300CB2537E5602D5D5AC908C56391
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD-A.woff
Preview:	wOFF......]@.......l........................GDEF.......G...X.g.^GPOS..........2..=.GSUB.............,.OS/2.......O...`U6..cmap..............h.cvt .......e....56..fpgm.......F...mM$.\|gasp...D............glyf...L..4...aZ-...head..S....6...6.t..hhea..T0... ...$....hmtx..TP...%...><..Eloca..Vx.......(y...maxp..X.... ... .[.Mname..X.........+.G.post..Y.........D.z.prep..\..........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>./...x...p#.......c....L..33333333. .....y...T.u.Og.Y0t..rMY.s.......c. ..<......'Rz..^.J._..7..[..0#.R_.>!.W........B.l.yRmD.B.P..ap.Y.v.S....bC6m.m..YBd....m..6..W.@..Q....C..Uq.2.;.HH..N..@.]D...Pb...... .. ..[o'...{..x.&uf.W.$@...U`.b.!..........W.=i.....T......0.3V...)Q.S.`..{?....u\.0.....&$.."`X.9&2. .L..."........z>(.\|H...........V>.z....G"....v~....S.."....Q.L..Y...9.".,.../.Xd.Td.\t.....[..W..'../Z8 .9(Z8$.....2....T...c....0)b..iL...,P.. ..0.Y...6.eZ....Ln..l;.D.BhU..k.O...... .by1..*.F.g..M.]...M...!.n.-.;.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\JTURjIg1_i6t8kCHKm45_dJE3gnD-A[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23836, version 1.1
Category:	downloaded
Size (bytes):	23836
Entropy (8bit):	7.979463633723131
Encrypted:	false
SSDEEP:	384:1JCJnpTwnH5O+5hR1GTJO8Ir7BxLJMmel49Ryt+3qiixubNtKBG2DWmkahwV:1w56nZO+5hbF8I5xLJ649MabNCpDkCwV
MD5:	80F10BD382F0DF1CD650FEC59F3C9394
SHA1:	46F6D60D4AC25FC1AA385513C42A58D89BAB45BA
SHA-256:	2A5AFDAC758F2E6A3FD3709719001951708D9F27E7E55ADF9C33B69814A4CD50
SHA-512:	0597EDDF1926C95D792772D3797646AA1E6A294BF023B179CDA1396690AB8B7EAB5394FC896D49A77C161B59D45AB69C53269D869EF40AE83812AC03AA6593B2
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD-A.woff
Preview:	wOFF......].................................GDEF.......G...X.g.^GPOS..........2....GSUB.............,.OS/2...l...O...`T.Ycmap..............h.cvt .......e....3..=fpgm.......F...mM$.\|gasp...0............glyf...8..4..._...qhead..S....6...6.i..hhea..T.... ...$....hmtx..T8...&...>37.hloca..V`.......(Wjn.maxp..X.... ... .[.Mname..X.........SE.post..Y.........D.z.prep..\`.........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>./...x...p.I.E_..z.-....4f........!.0..i.ye...5..l+.j.n..p.f.y.....UuK.6....^B.Q.y.(....x.....w...D.f>+.E...{.....S[ ...g...Q...v.ap.......&....Q.T..[...v.]o.v....P......? K..l.\|.HD........e.Q....Yl.i...D, ........n.OR.\|.[....p+.PF}....D@D3.{.....l..'Mv.bE.L.....E.0.......HI.....~P+R.....Np.s..KH.."...9!r...=..^..U\|B..b....\|Z...(.Y1...\|^.......,~.B~./).+..k~C...1..<..:...\"....h.r.q.....kE..E....:.N....nQ....^..>.H.hb....!.S.(..1.'D-gD.Y..#f.+j.d.. .......AtW.whb..`...M..Rb..Fo......:..*.['y.y._.n...w....m...P..EV..I6..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\couns-for-pawn[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 2000x80, frames 3
Category:	downloaded
Size (bytes):	10071
Entropy (8bit):	7.78739542298131
Encrypted:	false
SSDEEP:	192:q2BOM76wprCMdbNYVpNiOclQhyY+ak6qrSmR0OEXHbBERSkyBbT:BkBMmVziOclXJx6qGA0bbBEXy9T
MD5:	375840829A366264A5458DB25E0D1B14
SHA1:	FEE85AA25C1F19236599A8065057819C3FD71283
SHA-256:	CB88B29DCA7A11743CDD5B0AC11A4B01E98CC0F180C3593D715F852B729A3717
SHA-512:	F21A8917710033C9CF02159FD5DD2CAB61575C27BB35274AD791B41DAAFE574FFB500A757E65C6C6D3E7BC492B526F1BE99803A813F8A10E472D769E7D3D03CE
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/couns-for-pawn.jpg
Preview:	..................................................$$''$$53335;;;;;;;;;;.............................%......% #...# ((%%((22022;;;;;;;;;;.....}....Adobe.d...........P...."...............................................................................4W.........!1.A.Qa"2q....3B................#$%&'()456789:CDEFGHIJRSTUVWXYZbcdr...efghijstuvwxyz.................................................................................^C............................!"#$%&'()123456789:ABCDEFGHIJQRSTUVWXYZabcdefghijqrstuvwxyz.............................................................................................?...O.H....)Ih'D.Z.HFj.<(6.... eD.)]A!..@.%c.bI+....J.'%..Z!....!.P.S..aJ.z......m.\%.r.t..P...(&!.(...>.@..HE.X..#u)L+.HP.P6.55+B.B.Q..8...T..1D.EJ..... F<...a.$'...O6.1....(a...ug5.I..l.k.@.a.H...f......2R..t.7$.&.4A.(....$...(.1.k$.....@.....t.YJ..Y...b.0V...Ed...E.I........h..zBJCR..-...q....%.........)(@.i...1..B(B..J.+..(JJ..i...;J.,7JD.U.h...D.....~J..F...kEf...b.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	8357
Entropy (8bit):	5.335965296273562
Encrypted:	false
SSDEEP:	192:ROJNG3pNAKn0OGNvEwXkrKCbxkRTQVFhtY3plAwnpO6NLEar6CdxZkCkDM93r:T3vp0nVbUOaC3nXpH15us3
MD5:	52D71519BE4A0D87393EC56E0F738A1E
SHA1:	610D66ED4FF44B7D38AEECD32B63B67DF621396A
SHA-256:	2748C852647A803F888F0C4269B9C82D2ACB094F9DE7CD82E2D0FCFDEF91DD0D
SHA-512:	6A703DE623265B07E4614A9D08F0D6F02AE043F49043FCCBE446694EE0BBFD7A5628E6FC2C1AC4480BEACCD4EF75071CA7684B306BEAF1682C0930B7FCB865C8
Malicious:	false
Preview:	@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup6.woff) format('woff');.}.@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BAyo3Sup6.woff) format('woff');.}.@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight: 600;. font-display: swap;. src: url(https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7B7y03Sup6.woff) format('woff');.}.@font-face {. font-family: 'Dancing Script';. font-style: normal;. font-weight: 700;. font-display: swap;. src: url(https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7B1i03Sup6.woff) format('woff');.}.@font-face {. font-family: 'Montserrat'

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\fbevents[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	95938
Entropy (8bit):	5.395518863260212
Encrypted:	false
SSDEEP:	1536:3M+OWtI6ay9Ies1zKqQqfUThe7Kdv0a9sIOs1jaV7vu5Om20C+QNSMngySZYSlIa:3zNpkjSVnYDGeI
MD5:	77C8560C3939C247C67163EA47D82335
SHA1:	C357F9819231EF39033CB16B05FC8F4983E20DBD
SHA-256:	412979F99062018CC1B3BA7CC84A0C6D03F86F1C1F07F1EE90FA0402BA2D93ED
SHA-512:	78E5A91B2B74315E04CBCD8726A15E47F97021DE366DB47D8B8789A8A33588C1F1E154522B9EC3176319E1760C80F62BCC81E06CA7744FCFD1C7031BFBB60E6C
Malicious:	false
IE Cache URL:	https://connect.facebook.net/en_US/fbevents.js
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\happy-young-couple-shopping-for-jewellery[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 2000x680, frames 3
Category:	downloaded
Size (bytes):	38605
Entropy (8bit):	7.730815518964237
Encrypted:	false
SSDEEP:	768:STcBycZBoLoe3/HYanTxP7LJ6N6Bx9s5kXi121ibjYGcLZyaQ:SYBycZBoLoe3/HNxLJ6U/9sKXiwQHYGH
MD5:	042A2CAE62851F19183502865F8E299C
SHA1:	40F6EFCDF8B440F39F1A6E8DAC4A7029CD6293EF
SHA-256:	5E438C85FAD3F0CE277B7517C6B2E6964D86D870A8D4CF8171F01CF84489EE11
SHA-512:	911DA0B9136717FA75D46C9409FACEE31508443FD7928C834981AD6B1DC3F04A31D290D0B37656AC2E773AA88EADB9B6FD335904C5B157036DFFD4077A2DA1DA
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/happy-young-couple-shopping-for-jewellery.jpg
Preview:	........................................................#"""#''''''''''..................................................!! !!''''''''''.....}....Adobe.d................"..................................................................................}........!1..AQ"2aq..B....3Rr.....#$4Cb............%&'()56789:DEFGHIJSTUVWXYZcdefghijstuvwxyz................................................................................^C............................!"#$%&'()123456789:ABCDEFGHIJQRSTUVWXYZabcdefghijqrstuvwxyz.............................................................................................?...U6....Qj<sQ,...K.../\...f..U...I..j...b2.x.gAU.Ur^.~......<w.6=".*.otr.......V=.q.N..#.e.y3r.G..5XU....b..v=.;.V>.m.{.YR."&...... 8p..B..(h....t.XT..-.Un<.J.......e$...p{..qO..&........2....@............... .................`.................... ......:...r..NLm.........F.................@d......=...-.............FT..... ................0.....@..0.....@..0.....@.z........F

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-ui.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	228077
Entropy (8bit):	5.152286977514727
Encrypted:	false
SSDEEP:	3072:YRpEx1fKB5u3gK61NOBbiQaf8dH8DDyttsKvae/HXPK:MCNUIgMIfMsKCe/HXPK
MD5:	FD255415839568E52A48DA5DE5AF244C
SHA1:	ABD6F85A04584792D77E4791C441FF49E9E28C0D
SHA-256:	9671F8BE70AD94A5362E60F4656D5D53BA214D32AB70A3F9D1603D7DADF9D1C1
SHA-512:	75E0B154D1D8BABB02B0AAC7BA136C6FB2C3F0115CD3A5EB258064E32A8B7F9254F44A663010C0E3C694300F231B981D0CEE34AC73260D332C65430289A7A860
Malicious:	false
IE Cache URL:	https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js?ver=1.10.3
Preview:	/! jQuery UI - v1.10.3 - 2013-05-03. http://jqueryui.com.* Includes: jquery.ui.core.js, jquery.ui.widget.js, jquery.ui.mouse.js, jquery.ui.draggable.js, jquery.ui.droppable.js, jquery.ui.resizable.js, jquery.ui.selectable.js, jquery.ui.sortable.js, jquery.ui.effect.js, jquery.ui.accordion.js, jquery.ui.autocomplete.js, jquery.ui.button.js, jquery.ui.datepicker.js, jquery.ui.dialog.js, jquery.ui.effect-blind.js, jquery.ui.effect-bounce.js, jquery.ui.effect-clip.js, jquery.ui.effect-drop.js, jquery.ui.effect-explode.js, jquery.ui.effect-fade.js, jquery.ui.effect-fold.js, jquery.ui.effect-highlight.js, jquery.ui.effect-pulsate.js, jquery.ui.effect-scale.js, jquery.ui.effect-shake.js, jquery.ui.effect-slide.js, jquery.ui.effect-transfer.js, jquery.ui.menu.js, jquery.ui.position.js, jquery.ui.progressbar.js, jquery.ui.slider.js, jquery.ui.spinner.js, jquery.ui.tabs.js, jquery.ui.tooltip.js.* Copyright 2013 jQuery Foundation and other contributors; Licensed MIT */.(function(t,e){function i

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\premier-sign[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x525, frames 3
Category:	downloaded
Size (bytes):	33388
Entropy (8bit):	7.956360133422419
Encrypted:	false
SSDEEP:	768:KVXbk9vh1oorJl2rk+gJb6ncGZiWZYB3m4U/V0C:EQ0UDbr16cQi31U/Vr
MD5:	45E3B729A9123FFB3C8ED6CF1A3771C0
SHA1:	893DC35118CB0FC7A5613CA6B1E594E231E93557
SHA-256:	009F406349DA02FE0EBF1F34B612201DE94A46BA61BDD1FCC0A6D5F531290C79
SHA-512:	304157530CCCAA5CFCA7A9367B1E20E3C222270BE7C4C3CA969785323C9703D105D168CCACD7F68938D6308D90A699356D65AD4FA0AEA5A7256765A0CFE4920F
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/premier-sign.jpg
Preview:	......JFIF.............C....................................!$..( ..%2%(,-/0/.#484.7./....C.................................................................................................................................................................^.....@.O...L.....@....`.A@...........C.P.b..P8...0.....@. .P.T..h........<Vqa..... ......@.P8(.)@...I(.`.Hp.`.0...`..!.... .Q..@.i...uG,...P<d....O.d..@0A@....b.t...(. ....C......0..).....(....{5i..0.0@...OV5....7.bP.4.;.........AD...H..CG.b.......8... .. ..V....G..TP@K\2GQ.O..'....T..\Z..J..:... ...Z......d...........U...(......4.j....h..~5...]p.....\|s'..W.I@B.$...(...b."Q..`...Hc.....D..`.).........U..Y.9f....r.;.m.tY.k..0Q/>a.......@.......................T............<.:>.T2...~]<,.i.........>.Y<=..}M3.h..N'@). ..........4..... .....`.@.....!..g...W}^.....s.y.S...&..1Q-3'.o....}.y........r.......0...@..H......B.....".h...`..%.k..o..Y..K.K..~3......\.z{P.......6zZ%...c........(. ....@1+.. ..0..d.L......@

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-brands-400-5.0.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	3638
Entropy (8bit):	4.868364012848167
Encrypted:	false
SSDEEP:	96:WD9BD9aD9lNRPGOTzq3SfDvx/tX0WaD9eD96wD9ecD9yD9MxDlIrFOD9EwD9fD96:W/w3PTTGCDa00w0c08PWw9WB
MD5:	4914F9FB8E821D98D0E9DB39047D2E4B
SHA1:	58B10B9F7CBED023BF47B3797E4A2C26F2CCBFE8
SHA-256:	B378956CD9B787F07BA62C3E8F227E07F171466A76CF31E4580B35BD5F46280F
SHA-512:	719EFBCB86340D2B1C60DDB8B1A7FCB6DEF083E83495673DFB3C8BD87F0748C7F75A2EB4F8C836DF31901E2720C8892C8A5B67567108E24C182814C576DB1B33
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.2.eot?
Preview:	6.................................LP...........................9..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._n........GDEF.*..........OS/2E.QT...X...`cmap...........Bgasp............glyf.; ...$....head...........6hhea...........$hmtx............loca............maxp.P.<...8... name............postAV.....t...L.....K..9..._.<..........v\|D.....v\|U.....@.........................@.....@.........................9.................@.................L.f...G.L.f....................................PfEd...-./.........T.........:..... ...............@...@.........................<........... .........../.....-....................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-brands-400-5.11.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	2990
Entropy (8bit):	4.319401218916416
Encrypted:	false
SSDEEP:	48:XWD9WGD90lD9rdaC9FU9HInyDmO0uTaD9W7D96wD9ecD9yD90ZxDlIrB5FPmD9Eb:GD9BD9aD9rdaCPU9oomO0WaD9eD96wDG
MD5:	1DE106D8B6DAC315545D22440CE6E7A2
SHA1:	7235BBB54B5E9472366CAA0BFA873748AF6467C4
SHA-256:	B16D2EDE160CF47BD1D5F40CDA3817B97EE61C16F7B49AFEDC0629A493FDA530
SHA-512:	EED39D96B47CE6DB8EFBA26241E333024D0675B3D07C9ACC2F0A8D22AE5279DEFB24EBE35511FC3CEBF9D24A5CB5D482340EA19777D88CE7B578DF0A59E51A34
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.11.2.eot?
Preview:	....\|.............................LP..........................0c..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._v...`....GDEF.*.....@....OS/2EKQ#...X...`cmap...h.......Bgasp.......8....glyfF.#n.......dhead.V.........6hhea...........$hmtx............loca............maxp.O.....8... name.......\|....post..h........2.....K..c0.._.<..........v\|D.....v\|].................................................................................@.................L.f...G.L.f....................................PfEd.............T.........:..... .....................................<........... ...................F........................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-brands-400-5.14.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	6798
Entropy (8bit):	5.791244135487846
Encrypted:	false
SSDEEP:	192:V/wsuf4OuisLH/XdCEsZz3RWa00w0c08PWw9W9:bugw6QEszVH
MD5:	B7235D59FA6FCDE8274C16AAB37AE370
SHA1:	7B3ADE17821375FDE6F3576907CE0890ED16898C
SHA-256:	C91659BDC9B6DC75371C77B46EF384C57A85B1A8E2192E41F1FBE27E092983A2
SHA-512:	37B81D00BDA889BE9690B89FE704434A1069C555EE13B93D9DE946040796F51875838A10BA73A707D43DDD1F31848FBD6BEFB2B8DBA4898456F76EDDE2715829
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.14.0.eot?
Preview:	....\.............................LP..........................._..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._x...@....GDEF.*..... ....OS/21.O....X...`cmap.Mw~........gasp............glyf.#Q1........head..........6hhea.A.T.......$hmtx"j.x.......Lloca.D.........(maxp._.....8... name............postM.....,.........K.._..._.<..........v\|D.....v\|_.................................................................................@.................L.f...G.L.f....................................PfEd.....b.........T.........:..... ...................@. .........@...................@.......................@.....................\|...........`...................I.R.W.\|.b.............I.R.U.w.b................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-brands-400-5.15.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	2918
Entropy (8bit):	4.308873620572712
Encrypted:	false
SSDEEP:	48:nbYD9WGD90lD9laM506NU8+Wkw/Q0uTaD9W7D96wD9ecD9yD90ZxDlIrB5FPmD9+:bYD9BD9aD9laM5ZNl+fwo0WaD9eD96wc
MD5:	6CA5F92EF253DBA1A09B1DF043779F33
SHA1:	099A257F37BD23844E31CD94634DFF60FFB13AF4
SHA-256:	AB767C2DFE3B2A04CA2618ECDAAF241A6CC520A369FA8B47D3DFF05D4261186C
SHA-512:	1080C30B806BD0999237ECD07E31B0BDF0DDA888F7D67A30E083CD05E833F9A216F4FDD8A7CF04DE31B1C6F219DE4B1E5528EE39DE8609D14EF3E1798AC9DCC5
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.15.1.eot?
Preview:	f...4.............................LP........................A....................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._x........GDEF...........OS/2DgP?...X...`cmap...........Bgasp............glyf.3.L........head.V.........6hhea...........$hmtx............loca............maxp.H.f...8... name.......4....post..l........2.....K...A_.<..........v\|D.....v\|_...............................................................c.................@.................L.f...G.L.f....................................PfEd...............T.........:..... .....................................<........... .............................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-brands-400-5.7.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	9146
Entropy (8bit):	5.939876492950629
Encrypted:	false
SSDEEP:	192:2/wWLQoQHGmxVu27ni9OrKrYcuBuN2LkY302829xK9a00w0c08PWw9WWf:MSnv7i9/YrBCbYE217U
MD5:	A3EEF7941E2FCDE928A86E08051D8CC5
SHA1:	041FC5DE901502FA4054047279C7377A1E17C9B5
SHA-256:	AD67408E62085A833708955153FD5ECD2F01C96178C34CC772DD3E142AE697A5
SHA-512:	1986ECFDD2364809EF9C6302B7951DE1D5D731989EE47B74C0A8D40DE830AA1C86B5D55CA1FEE24DC83D44B121E7D6A49367B14871B977C407F6247D06FC239C
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.7.0.eot?
Preview:	.#..."............................LP.............................................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._s.."l....GDEF.*...."L....OS/2C&S....X...`cmap..e........gasp......"D....glyf..E:........head..........6hhea.?.S.......$hmtx"l.........Hloca8:3@.......&maxp.{.....8... name............post..I...!d.........K......_.<..........v\|D.....v\|Z.................................................................'...............@.................L.f...G.L.f....................................PfEd..............T.........:..... .......................@...@.......@...................@..................................................... . ............<.......'..................<.......'.........k._.].......s.`.z.o......................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.0.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	67650
Entropy (8bit):	6.375585296836121
Encrypted:	false
SSDEEP:	1536:s6AZiBx3T8/w6Tdj0p8c7LtYV0QgnUZYheqiGoGlUvg+D5u451+sZe+ygiyHJ5Gi:s6AZwx3I/w6Tdj0p8cPtYCQgnUZ/q1o1
MD5:	B0BB78CD35AF10BD568B06D7E18DF158
SHA1:	3DA8D2A520A05DFA838FCCC70F0D658BC7F039AA
SHA-256:	9C431284559FF5F9B6B8F43252BFC8E8DDD60835481A31CC6F04A900B2E6462E
SHA-512:	06A6BCE147144C5B41C413AB345A8A65CA3AF2087A293033DC9807807176655C51044D285AE558F237D967A2BFCC809C7B161527F06EEE2ACD3F2143E8A49C23
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.0.0.eot?
Preview:	B...(.......................,.....LP........................,LI...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._m........GDEF.*.G........OS/2A,OK...X...`cmap..!.........gasp............glyf............head..........6hhea.=.~.......$hmtxA../........loca5Rl ........maxp...q...8... name~%Gs........post(..A.............K..IL,_.<..........v\|D.....v\|T.......................................................=.....A.n.................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... ...................................................@...........................................@...............................................................................@.......................................@...@...............@...........................@................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.0.5[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	7054
Entropy (8bit):	6.012888140281248
Encrypted:	false
SSDEEP:	192:pk+TYOQkq7XHoeQlkhjGjL0ZTJG8hrTbB:z9PGoeagHZ
MD5:	64F2FD6E63D1EA7B4BEB4BA30BAD9142
SHA1:	5753C9BBAD729C7A8015F881CB6DA5AAE8CF1B59
SHA-256:	6A4FC89C21D5514022A960E01CAAF56106F7950D5D3F1721C29D0CA715B4DB52
SHA-512:	A44EC234763E71FE1B6377E075E0B00D936FFF431B8C2058D31F72D2D2598D2509DC51934469D0134599C2C0E973FAEDE7334468E1125BB5336A245650915FA6
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.0.5.eot?
Preview:	....t.......................,.....LP........................Nnq...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._o...X....GDEF......8....OS/2C.O....X...`cmap.N.:........gasp.......0....glyf...........Xhead..........6hhea.L.T.......$hmtx%..........Nloca)d$........maxp.b.....8... name~%Gs........postN.j ...0.........K...qnN_.<..........v\|D.....v\|V.................................................................................@...........,.....L.f...G.L.f....................................PfEd.....].........T.........:..... ........................................................... .....................................................h.............2.8.L.Q.S.U.X.[.].......2.7.I.O.S.U.X.Z.]... ............................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.0.9[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	22334
Entropy (8bit):	6.311880240004119
Encrypted:	false
SSDEEP:	384:GVfH0/8TLXMF05u5tSf7qZNWihwCEOzRpHB7fVzNR+JV:GVfU/2LcF05uGfQckEOznHpfVhuV
MD5:	3CECACE8B6A7BAB94F598A365824E3C8
SHA1:	CCF1763A6131A7A7102D1ED55A05D807D58FDC35
SHA-256:	349058461465D4C117A54F5B5B5B7D8F3FDBD957D764CF44758A60430C530D75
SHA-512:	5800820CF4CF96B631A249C0CB2625FAA4E879E8CF5BE1BAE965178E5A1CE6843F2923FBECC1E1C50DF12D7FA28E669537F5BA31488B5F29E32FF055257216F3
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.0.9.eot?
Preview:	>W..$V......................,.....LP........................?....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._q..V.....GDEF.*.T..U.....OS/2AgPg...X...`cmapw.o.........gasp......U.....glyfibK.......F.head..........6hhea.>.........$hmtx...........8loca............maxp.......8... name~%Gs..L`....postq<.j..Qx...e.....K....?_.<..........v\|D.....v\|X.......................................................N.....N...................@...........,.....L.f...G.L.f....................................PfEd...=...........T.........:..... ...............@...@...@...................................@...................................................................................................................@............... .......@...@...@...........................@............................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.10.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	41086
Entropy (8bit):	6.318353502540318
Encrypted:	false
SSDEEP:	768:a+sTn11cLZ7tW9RdUBE73cB1ObtN+vlVZO0qsx86K81swZ//3GHoSQRnR0JW/OC3:wTn12LZ7t2UBE73cB1O+vlVusx8t81sE
MD5:	227AAD54E271D72D978F50C3381902B0
SHA1:	26A4F77BBF626097B4BF8A4EE3FB4A92D27FD041
SHA-256:	4C75BA39F2AD451588677DA5EA48E211FEDCBC60066FCF4DD0D29E4E2D59350E
SHA-512:	D9207E014A05375B49E0E25E95F8F33FA6B6C44465ADCC687912F1B9F5EF3D31AF2BB4447FF76011EA801D988D139846AC421BC4E4593A42C7936DD8D769693C
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.10.2.eot?
Preview:	~...d.......................,.....LP..............................................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._....H....GDEF.*.....(....OS/2A.S....X...`cmap.(....H...:gasp....... ....glyf.u.K.......$head..........6hhea.A.........$hmtx0%.~........loca...6.......Jmaxp.......8... name~%Gs........post.~v..............K....._.<..........v\|D.....v\|h.................................................................................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... ...................@................. .@...@...................................................@...@...@...........................................@......................................................................... ..........................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.11.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	3334
Entropy (8bit):	4.781050283205641
Encrypted:	false
SSDEEP:	96:GD9WD9MD9lX4ph+xiRpHSPPpRKKPrD9eD9HD9NJD9QD9MxDloFOD9RD9ZD9p:Gk+/ophf2Rj0ZTJG8hrTn
MD5:	253F8774A141B3A2DA9F4CDC175E4F54
SHA1:	D7F9CCB8C65F60524C27045B4A6CD44DAF19BFE0
SHA-256:	385DCBD03F4026D7891ADB9AE0AD79F86EEBCA743FC0BC171D6F3D25029C5346
SHA-512:	63341E2F98B6B53BFD8BBBE925EF8DAA8C475453D8324912935BA2678617E5BE287601EFAB3C637AA7ED46F84A1554D1420735B56B9C52358593D89440BF70F0
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.11.2.eot?
Preview:	............................,.....LP.............................................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._.........GDEF.*..........OS/2E.T....X...`cmap...O.......Rgasp............glyf.......4....head..........6hhea.>.G.......$hmtx............loca.,.8...$....maxp.R.....8... name~%Gs...<....post.......T...R.....K......_.<..........v\|D.....v\|k.................................................................................@.........j.,.....L.f...G.L.f....................................PfEd..............T.........:..... ...................@.........................L...........0...........................{.M..............................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.12.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	3638
Entropy (8bit):	4.9518086145135785
Encrypted:	false
SSDEEP:	96:x0D9WD9MD9N6Gv5pxdV0sozKPrD9eD9HD9NJD9QD9MxDloFOD9RD9ZD9sD8:x0k+f6Gv5rz0ZTJG8hrTmD8
MD5:	D2946F95E5AC972C3E2699500CCE310A
SHA1:	38BA218427480D97AFDB9C93F0A4648AB5C8D1AF
SHA-256:	D2CBB0B5DE2A3EEE3D1366D27E7D6979C6033D4C0D48D96EB7CA62CA9700A610
SHA-512:	4AC397E5E75E0DFC2DF3C12928E9589B7966FFD70C1C0C7B1FC8AC43FBB073B3ECFE5F9B919D442E11D079217CEADE142EAEADACD9491CCFCA123AF81C196649
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.12.1.eot?
Preview:	6...........................,.....LP..........................R...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._.........GDEF.*..........OS/2AAQ....X...`cmap.i.........Zgasp............glyfj}$....L....head.V.........6hhea...........$hmtx...........$loca.......8....maxp.O.R...8... name~%Gs...P....post..\|....h...m.....K..R._.<..........v\|D.....v\|m...............................................................O.................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... .........................................................T...........8...............^...........^...........B..........................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.13.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	2850
Entropy (8bit):	4.360453679609494
Encrypted:	false
SSDEEP:	48:4D93GD903D9QQoByKytbUdWCpdLalPrD9W7D9BRD9NJD9QD90ZxDlSB5FPmD9nRR:4D9WD9MD9QQoBRy5UMgKPrD9eD9HD9NR
MD5:	9946FABF8EF0B0E54B1ECC8C6E941021
SHA1:	8A6A105EE63D0ADB895FFEA01F8F3E03DB6F2137
SHA-256:	C0F39DC9F471B9CC9A575183FC1988F44BF85CB15526DB5289CB7C68C4FE6BA5
SHA-512:	22BFB6426068788B85A309F2E9E82D30C6C061510254B6C1837A09F0FE2EF39396A8DEE97D30F7D5CAA5783531D47D56BDA532C58F388B750A27DEA555EF5B1A
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.13.0.eot?
Preview:	"...........................,.....LP...........................6..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................`FFTM.._.........GDEF.*..........OS/2E.Pg...h...`cmap...l.......Bcvt ...D........gasp............glyfl..h...,...@head...........6hhea.......$...$hmtx............loca...T... ....maxp.I.....H... name~%Gs...l....post...........=.....K..6..._.<..........v\|D.....v\|m.....A.........................@.....A.........................W.................@.........@.,.....L.f...G.L.f....................................PfEd...............T.........:..... ...@.......@...@.....................<........... .....................B................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.14.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	39898
Entropy (8bit):	6.270214970562135
Encrypted:	false
SSDEEP:	768:T4Sd2q5hTloCObw1bb9JORYLPXSRoNK0dKj8uSKuu3fWgheGbt3Z/pcU:cSd2q5hTKCvbJJOCSRoNpPuSKuu3fgGP
MD5:	633E21F58DC27AF1A14D01F09870BB2C
SHA1:	E681BDECC0B85785CD7338C11855D74625FE0570
SHA-256:	092EBF6F6037D74A67C9F5579205BECC18C08E839210D663FCDB05DE6DB9D48D
SHA-512:	272E88C16473BB50C28F1BF0EF60A2E91A2756AF2301E96A4E10F4A086E1AB7C7BA921CAA478A75440B744C0237EB2580A4D153FEA49F424EE221FBE3FFF6F23
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.14.0.eot?
Preview:	...........................,.....LP...........................z..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._.........GDEF..w........OS/21;....X...`cmap..d...\|...zgasp.......\|....glyfo./.......Phead..........6hhea.7.........$hmtx.1..........loca..3J........maxp.......8... name~%Gs...,....postI."....D...8.....K..z..._.<..........v\|D.....v\|n.......................................................p.....q...................@.........".,.....L.f...G.L.f....................................PfEd.....v.........T.........:..... ............................................................. .@...........................................................@.......................@...........................................................................@.......@................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.15.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	3338
Entropy (8bit):	4.804353962922383
Encrypted:	false
SSDEEP:	96:WD9WD9MD9k4YUIT/7jmZL78KPrD9eD9HD9NJD9QD9MxDloFOD9RD9ZD9h:Wk+i4YzT/nmZLB0ZTJG8hrTn
MD5:	BD9A6943467FAD0259CEEC073B50691A
SHA1:	F48FF1C2E78C93456CC2F285FF1C8DA0F9011FAF
SHA-256:	0408875CF887F9E4D2659937046CD19E0B3FDA3C250A318B78DACED26237F6B3
SHA-512:	E843BC66E88ADAEDD5265FA7EE5E44AED39D62C3F25C1E282380E532054FD273BDEE0CD82A3323C804F2EED26E80B178DC3EE1467FC6E5D4C7BEE9FCC286F8CB
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.15.1.eot?
Preview:	............................,.....LP...........................&..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................`FFTM.._.........GDEF.*..........OS/21.;....h...`cmap...1.......Bcvt ...D... ....gasp............glyf.......0...$head...........6hhea.......$...$hmtx.@..........loca.......$....maxp.P.....H... name~%Gs...T....post..m....l...>.....K..&.._.<..........v\|D.....v\|o.................................................................................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... .........................................<........... .....................~............................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.15.3[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	2934
Entropy (8bit):	4.404159992513429
Encrypted:	false
SSDEEP:	48:RD93GD903D9zB+K5gJyQVzpdLalPrD9W7D9BRD9NJD9QD90ZxDlSB5FPmD9nRD9J:RD9WD9MD9zBpSJy0KPrD9eD9HD9NJD93
MD5:	ECF910C924354F39B5EFDB57B72889DE
SHA1:	0B7BFD524040103B4A487EB209DCAC7B79A27E6C
SHA-256:	48CE57BC1294E206EEFA9E7C966EE4D3A540C6E85064EA430225465060901C11
SHA-512:	6D6264B491B2F288DF74755DE8B6EE84061A133384DF59A37F45E614E35E9A16FA326573C7C3C636B0645CE150CEC9CFBD07F53E1D4B3F33E49F2D6335058934
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.15.3.eot?
Preview:	v...\.......................,.....LP..........................(...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._....@....GDEF...... ....OS/2F.Q6...X...`cmap...{.......Bgasp............glyf.8\|.........head.V.........6hhea...........$hmtx............loca............maxp.O.....8... name~%Gs........postB.........8.....K..(.._.<..........v\|D.....v\|p.................................................................................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... .....................................<........... .....................3................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-light-300-5.2.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	28378
Entropy (8bit):	6.354107492922253
Encrypted:	false
SSDEEP:	768:pFuNWqW7bECW8pspgXP2FDxcvvRVJ6AVOUg:24wl8pwg/2FDa5VJ68U
MD5:	A4F4ACA2D05F152CFE5B0E0D739C9C97
SHA1:	F60A8C475C084BBB532F658AA4C4072B82E37CD0
SHA-256:	2EC7FC2EE0C92B556C3771C3786FB529AD0276EE326C7B8E1639F52654ACF3A7
SHA-512:	1A6082485C065DA4118FC8F3BD39264771B80AF68C8A78A97AFA47FBA04FECA8BB7280D88A11B41083BA8E5094846ED9F6CFC8C95037646F9F3531B4D25F4BC3
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.2.0.eot?
Preview:	.n...m......................,.....LP........................EyG_..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._v..m.....GDEF..d..m.....OS/2ABQ....X...`cmap^.Xo...,...gasp......m\|....glyf..........\.head..........6hhea.?.........$hmtx.\|.........tloca.......X....maxp.......8... name~%Gs..b.....post.Q`}..h....{.....K.._GyE_.<..........v\|D.....v\|].......................................................\.....^...................@...........,.....L.f...G.L.f....................................PfEd.....=.........T.........:..... ...............@...@....................... .......@.......@...........................................@...........................................................@...........`............................................................................................... ........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-regular-400-5.0.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	62278
Entropy (8bit):	6.40044041738365
Encrypted:	false
SSDEEP:	768:iB3ykMUfOkZR2SJrtB7a3YpRwkRG9/pH5pB3y+yr0uX0Qwf+Q/PqJus8rJ5Y+j:/FUfbZE233ROtB3yKQwfV/P2oL3
MD5:	75ACE556DEDB991BD3BCE9AB37801F67
SHA1:	9C0655DE1AE7DC39043F9C5DAC64838593E3E94D
SHA-256:	F2399E771A372EC0C03DE31467DC66D8D76EA1FADACF919FD05733BDE6078790
SHA-512:	A1BCED71CD27F83BF22FAC126FF54D3BFA64A0A0E487C001E4F517864DC8BC44FB534414B2BC3652F5B5B876D3035CBC8943F40AC5B5E1D9073A45D316EC672B
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.0.eot?
Preview:	F... .............................LP........................0]....................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._m........GDEF.*.G........OS/2A.QQ...X...`cmap..!.........gasp............glyfz..i.......head..........6hhea.:.~.......$hmtxH..-........loca<gn.........maxp.......8... name"..,.......Fpost(..A.............K....]0_.<..........v\|D.....v\|T.......................................................=.....A...................@.................L.f...G.L.f....................................PfEd...............T.........:..... ...............................................@...@...........................................@...............................................................................@.......................................@...@...@...........@...........@...............@....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-regular-400-5.0.11[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	10062
Entropy (8bit):	6.08053784433059
Encrypted:	false
SSDEEP:	192:HYqbvr+3LTU9Co4sS0djcdSDOf263TX/rgRDL70iwvBq8VUw3UC30:dvrsTU9CodS2jcUDO+63TSDAL0
MD5:	852D7E65EE6DCC30EAE474DD4D2EF326
SHA1:	6A8A259C96A46DB86C4349E4058316B260C104A8
SHA-256:	FCFDE8447096B5116784F9E44B73683FACB75CA7F380316D40C729397372A361
SHA-512:	0A130A02E54773A558B852AF398586532476DE9731C51B16455CE0BDAE04147DBE110CF56A7BB76B91DA177AF375F24721EA69CF86813B55303D1B2A9C44A520
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.11.eot?
Preview:	N'..(&............................LP..........................m...................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._s..&.....GDEF.*.&..%.....OS/2A.R....X...`cmap.3.(...8....gasp......%.....glyf.U2.... ....head..........6hhea.B.a.......$hmtxD+..........locagt`........Bmaxp.l.....8... name"..,.......Fpost.....$@.........K...m._.<..........v\|D.....v\|Z....................................................... ..... ...................@.........B.......L.f...G.L.f....................................PfEd...............T.........:..... ...........................................................................................................................................................................................5............................4..............D.C.....+..........................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-regular-400-5.0.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	2778
Entropy (8bit):	4.187106733047195
Encrypted:	false
SSDEEP:	48:NrD9TGD90LD9wGoNRWIXwWhHPQyaD9W7D90wD9xBD90D90ZxDldkB5FPmD9OwD9R:hD9iD9gD9wGoNRWIXhhY7D9eD90wD9x/
MD5:	843F071A97006CEDC4A1777FF32E4E27
SHA1:	7CD1B474C6EA2AECFB8F5542C76D8841F6336F5E
SHA-256:	703C57FDFE0123ED19E7D5878690A8AFC2A0EE88113EB53F4A3C7E82C8C3A37F
SHA-512:	E66A151F371AD104CDB0A5D51FE24213EE203D825BE2D6739B49B5221756A0DDCED6B1A3C6358866944FB309C2E1D4AA852811B644DF52ABB7F2ED2F8EE1F848
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.1.eot?
Preview:	..................................LP........................<,&~..................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................`FFTM.._n........GDEF.*.....x....OS/2EOQg...h...`cmap...l.......Bcvt ...D........gasp.......p....glyfc......,....head...........6hhea.......$...$hmtx............loca...T... ....maxp.H.Z...H... name"..,.......Fpost..#...<...4.....K..~&,<_.<..........v\|D.....v\|U.....@.........................@.....@.........................).................@.........@.......L.f...G.L.f....................................PfEd...............T.........:..... ...@.......@...@.....................<........... .....................B....................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-regular-400-5.0.3[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	3566
Entropy (8bit):	4.887045905297387
Encrypted:	false
SSDEEP:	96:BD9iD9gD9TXnkeVmCcEc7D9eD90wD9xBD90D9MxDldaFOD9OwD99D9OA:BYqtkeVmLL70iwvBq8VUw3UA
MD5:	9DD81A4F5BD91F41B662B0078DF9189B
SHA1:	41226036560110485FDD8F13C1FBF73C8941A8BD
SHA-256:	F7CC2463B3DFE51D2832F460860B092E6FC6771A692A1688C6070175865F37AD
SHA-512:	0341A7F5419A924D073FE9F8D57B6997B88718D942DC15BFDE9A93903440AE2D64A67BF89C89AC5C511138C28D1A8D071356B6503FE7B3B6D00AD427EFFCFEFB
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.3.eot?
Preview:	..................................LP........................D..^..................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._o........GDEF...........OS/2C.P....X...`cmap..........bgasp............glyf..xJ...P....head...........6hhea...........$hmtx............loca..$...<....maxp.Q.X...8... name"..,.......Fpost..u........l.....K..^..D_.<..........v\|D.....v\|V.....@.........................@.....@.........................U.................@.................L.f...G.L.f....................................PfEd...E...........T.........:..... .......................@.............................\...........@...........E...........E...........K.J.E.'............................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-regular-400-5.0.7[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	13242
Entropy (8bit):	6.080631030059945
Encrypted:	false
SSDEEP:	192:ZYq2iOsX9GMoouNoGGlD28xoyTpvFgk5g9YuHTrNf/3RwXFP7ndo3ayG70iwvBq3:GiOst4VGpauFik5Re2t+3ayng
MD5:	14B3872F70D573AAB7F7D9499E559779
SHA1:	8320756744B7FC8A11CAE186D50DC85109CC3016
SHA-256:	0E732457272F35E9C0115FA5258F16E056BBD379A09AB3973AD5FB61EDAE41C7
SHA-512:	5FCA5A514589AB9B4EE9A1653332FEB557899CED10D64A5A58282BAC9A6ED2E4B48C422A2ABFB90787862BE8B002CDA5074ADCE810FC846C131074196E4EA028
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.0.7.eot?
Preview:	.3...2............................LP..........................~..................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._p..2x....GDEF..7..2X....OS/2B_R2...X...`cmap...1...\|....gasp......2P....glyf.~.....\|..%.head..........6hhea.=.r.......$hmtxh...........loca...........dmaxp.......8... name"..,..p...Fpost^..`../..........K..~..._.<..........v\|D.....v\|W.......................................................1.....1...................@.........6.......L.f...G.L.f....................................PfEd...............T.........:..... ................................................................... ...................@...@...........@...........................@...............@.................................................................................x...................a.o.u.z.~........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.0.10[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	2946
Entropy (8bit):	4.512281252063221
Encrypted:	false
SSDEEP:	48:lD9PGD903D9sMXjUMpGnQOpdLalPrD9W7D9DlD9AVED9DOD90ZxDlrKB5FPmD9Vi:lD9eD9MD9sAloFKPrD9eD9xD9AqD96Dh
MD5:	5AF0C0D396595BADE63901D8426658B8
SHA1:	8ACCC6B22E265FA7045516691D5B306A9CCF657F
SHA-256:	0FDD03CB70EF2D0ACBF72D8D445BAC37736A5537A695EA3D90E18375ABBDA69C
SHA-512:	FE114C886467493A42A4EC88EBFD48BA381651E03DA16A553F79846668393311D8E2CCEBB280B1DC9AFC09F54435349F8792DAEE6D5C9DB2B72C36B12B3CBAFE
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.0.10.eot?
Preview:	....h.............................LP........................G<...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................`FFTM.._r...L....GDEF.*.....,....OS/2G.Q....h...`cmap.8.........Jcvt ...D...(....gasp.......$....glyf.Mn...8....head...........6hhea.......$...$hmtx.<..........loca..."...,....maxp.K.....H... name\|GM}........postx..........5.....K...<G_.<..........v\|E.....v\|X...............................................................N.................@.................L.f...G.L.f....................................PfEd...q...........T.........:..... .........................................D...........(...........q.......q.......:......................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.10.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	31990
Entropy (8bit):	6.260678197592428
Encrypted:	false
SSDEEP:	384:pgEccsL6zXQv+ZSIB8QvgOdx4m1xIIJxjSPSsYKQInhdfL1LlR4SLQ11kI:pgEo6zApI7vglA50TnzrLQ3
MD5:	040C4ED5B3793128B0978D09EA8CD13C
SHA1:	B0BEC1BD27A31872062914270E1D03F328030C7B
SHA-256:	F749FDA46B188FE9BC3E44F0903AED589F3FDB6FC8F4CFEF4DA8196AA633C090
SHA-512:	AA71FF15574EDE792F187C38B8A7E59EFED5FC3039ED1D18D0319FF15FF48D2928A2453D680D92A730A146CCA929A0F7E613EF026E217D9C1B74B400473F807C
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.10.2.eot?
Preview:	.\|...{............................LP.........................m....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._...{.....GDEF.*....{.....OS/2C.U....X...`cmap.(....H...:gasp......{.....glyf-\.......d.head..........6hhea.A.........$hmtx/...........locao'VH.......Jmaxp.......8... name\|GM}..nl....post.~v...s..........K....m._.<..........v\|E.....v\|e.................................................................................@.................L.f...G.L.f....................................PfEd...............T.........:..... ...................@...................@...@...................................................@...@...@...........................................@....................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.11.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	19578
Entropy (8bit):	6.240477014837751
Encrypted:	false
SSDEEP:	384:fZ8Ni5NnSBbYyhSDkQQglzbNP9dNkA2yLSHdA:fy05AuyhkTbxlSHdA
MD5:	839123C253F9EF592BC7263354D8B685
SHA1:	4E83C5BEDE992DB51CE5A76E59D8BE6975F8CFCE
SHA-256:	6A1B28A5052744BC0B8F10D4740F757F98EB0918936C1268C92BE5E3E7243F0E
SHA-512:	BD44C7EBD414164B622E55938B0F09DAA7115680D12C978BEBEB30897744F402578B49B4A1AF678C8215F07744FF8CC9F5E57DEDC105EAFC3CED3067372B09F7
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.11.1.eot?
Preview:	zL..`K............................LP..........................a...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._...KD....GDEF.*.g..K$....OS/2C.V>...X...`cmap.K.....<...Rgasp......K.....glyf.2.#...T..9.head..........6hhea.;.........$hmtx...2........loca..L........maxp.......8... name\|GM}..A.....post\|.,...F4.........K..a._.<..........v\|E.....v\|g.......................................................`.....a...................@.................L.f...G.L.f....................................PfEd...............T.........:..... ...............`.....@...@.....................`....... ................... ... ................................................... .......h...........................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.11.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	3254
Entropy (8bit):	4.67873107544464
Encrypted:	false
SSDEEP:	96:1D9eD9MD9g4gph4OFhHHfpnHHHc2KPrD9eD9xD9AqD96D9MxDlkFOD9VD9HD9n:1M+K4Oh4OK0DiqI8tvxB
MD5:	439CAB81AFBA004B8E020B5590914FEC
SHA1:	B76ED9736CC9E4C3F092CB68FF5476982F45735C
SHA-256:	2F3AFED09F8DD549EE59DE63581035A05D192DBA3DF517C0B491AB8FD834F986
SHA-512:	8E94773B7A06EC0195F301903597998B9C886063E0E7274DFCD128EB0ACA10FD350BACAA9BEBE280999FE21FCA52D7BC1E5D663B4890E4F42FFD5C34AEA04344
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.11.2.eot?
Preview:	..................................LP........................./N...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._.........GDEF.*.....`....OS/2H.V....X...`cmap...O.......Rgasp.......X....glyfZ..-...4....head..........6hhea.>.G.......$hmtx............loca.......$....maxp.P.q...8... name\|GM}........post...........R.....K...N/._.<..........v\|E.....v\|h...............................................................n.................@.........j.......L.f...G.L.f....................................PfEd..............T.........:..... ...................@.........................L...........0...........................{.M..............................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.12.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	3406
Entropy (8bit):	4.795846261251449
Encrypted:	false
SSDEEP:	96:XD9eD9MD94P8VXO25c1rfOKPrD9eD9xD9AqD96D9MxDlkFOD9VD9HD9IDB:XM+ePO5IrX0DiqI8tvxiDB
MD5:	07FA7E45F64F6089CD1D73FF212164AA
SHA1:	3A880ED8CADAB8396EDE7BF04C3998CD0AD57208
SHA-256:	2C9FFB7F53A960514106841D6412B0ED20065E2AD54285E297A41C7AC70C8DF2
SHA-512:	5724038F80BF975E8AD9B2C3F4366B2DA95982D84DFCE71A3589051F9F1FA179AC75B0DFB1781F81ABA76F9CE24CBCD0DA9AD7E645D818C8EBE4780A14C04C71
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.12.1.eot?
Preview:	N...4.............................LP........................_.....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._.........GDEF.*..........OS/2C.S....X...`cmap.i.........Zgasp............glyf?.#....L....head.U.........6hhea...........$hmtx...........$loca.Z.4...8....maxp.N.B...8... name\|GM}...h....post..\|........m.....K.....__.<..........v\|E.....v\|i...............................................................?.................@.................L.f...G.L.f....................................PfEd...............T.........:..... .........................................................T...........8...............^...........^...........B..........................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.13.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	2758
Entropy (8bit):	4.22283534052951
Encrypted:	false
SSDEEP:	48:BD9PGD903D9YImoXwDMGVomSQpdLalPrD9W7D9DlD9AVED9DOD90ZxDlrKB5FPmm:BD9eD9MD9YImoXwwGVG2KPrD9eD9xD94
MD5:	8BCBB6A4220BA3CBF952F79D6A88FC68
SHA1:	E39E417BFF4F07DF66F60A298279184FA8E8BB67
SHA-256:	927BC7A02850B86F1ED7AA33AFCA48C02FBE6D14B4381F03EB23E6E90446BC37
SHA-512:	7A8DE55F9211EEBC43F9FF903F43685A0577A589BD20E16701DF9C16D4D751F4EB13BD2FFA89E214E4435AAFBD5C61F693A0AFC529344B3D360A5ACB49983E71
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.13.0.eot?
Preview:	..................................LP........................_$C...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................`FFTM.._.........GDEF.*.....p....OS/2HCRg...h...`cmap...l.......Bcvt ...D........gasp.......h....glyf...7...,....head...........6hhea.......$...$hmtx............loca...T... ....maxp.H.c...H... name\|GM}........post.......(...=.....K...C$__.<..........v\|E.....v\|i.....A.........................@.....A.........................2.................@.........@.......L.f...G.L.f....................................PfEd...............T.........:..... ...@.......@...@.....................<........... .....................B................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.14.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	30174
Entropy (8bit):	6.198576685447814
Encrypted:	false
SSDEEP:	384:anfLdWYDSWE8O7iVknaLckYFQxDwignyUOMeM1f7iN8ETOpfthTNhJHzuJFpVi7m:anTI3N2VOaXsVn7D1f7xRfNhJG1ipc5
MD5:	2E693F9D77A4FF73AD10CCBFC5A7FC7D
SHA1:	C6BFE6D39BC74DF7529082206CBF71A275F77B38
SHA-256:	EEBF5C6AFDF4B3D1D9C54069299AEFF83434B37F92FA8280321DAF2131712E0F
SHA-512:	0DC228DAF118257F2D2252E512136D61AC078D3AFDFAAA115CB1462DA9A1213948CF45B06C330E66CFA3CA9F2CCDFD4B04104FB3A545C3452C396983323E9CBD
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.14.0.eot?
Preview:	.u...t............................LP..............................................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._...t.....GDEF.*.w..t.....OS/23.=....X...`cmap..d...\|...zgasp......t.....glyf.........cThead..........6hhea.B.........$hmtx.4..........loca..%L........maxp...]...8... name\|GM}..i0....postI."...nH...8.....K......_.<..........v\|E.....v\|j.......................................................p.....q.Z.................@.........".......L.f...G.L.f....................................PfEd.....v.........T.........:..... ..................... .........................................@...........................................................@.......................@...........................................................................@.......@................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.15.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	3106
Entropy (8bit):	4.58521486497572
Encrypted:	false
SSDEEP:	96:KD9eD9MD9RK2bKPrD9eD9xD9AqD96D9MxDlkFOD9VD9HD9Q:KM+TKD0DiqI8tvxu
MD5:	6CCC67F394CD24741AF5CA848A184DEA
SHA1:	E1CFD54C2A549730B1404558AC1CE377D2213B21
SHA-256:	149A05841B8F7253912966DB274D84B82F51AB744B0C27474A4A7A396CAAF01D
SHA-512:	F13D4FC11848436E368796252F171567A8D507E46841F2E5D22A1E51030EB554FCA4C1294FD80EFA5333AF9BADDD50AB7A46AA96CD5DC91C29EB2D29F46CAE40
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.15.1.eot?
Preview:	".................................LP.............................................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................`FFTM.._.........GDEF.*..........OS/24.=....h...`cmap...1.......Bcvt ...D... ....gasp............glyf~.\|M...0...<head...........6hhea.......$...$hmtx.@..........loca...r...$....maxp.K.....H... name\|GM}...l....post..m........>.....K......_.<..........v\|E.....v\|k...............................................................i.................@.................L.f...G.L.f....................................PfEd...............T.........:..... .........................................<........... .....................~............................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.6.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	2722
Entropy (8bit):	4.2123640984251605
Encrypted:	false
SSDEEP:	48:CBD9PGD903D9fJxAoGO2uCJX1KpdLalPrD9W7D9DlD9AVED9DOD90ZxDlrKB5FPp:WD9eD9MD9fJxAoGO2L1IKPrD9eD9xD9W
MD5:	8577D82CDBC35868D26E0DB779D87C98
SHA1:	399F9650FE55DB82264CD21A586069F803625181
SHA-256:	ABED79D6FB9AEA183B08EA900F0D21875960B28A70C475B7BD5D7EE39631E3D4
SHA-512:	DF0B300289AB1F6C495712DED2EF9FA5AD8D08CE6FB6248FDAEBFD7ECD2E981158ECAFE32BF02114C92F672EBCC8DA350185C1E7F5B9A526DEE8C56F2AB37F6B
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.6.1.eot?
Preview:	..................................LP........................U....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................`FFTM.._z...l....GDEF.*.....L....OS/2C.N....h...`cmap...........Bcvt ...D........gasp.......D....glyf.o~....,....head...........6hhea.......$...$hmtx............loca...T... ....maxp.I.S...H... name\|GM}........post/..-.......?.....K.....U_.<..........v\|E.....v\|`.....H.........................@.....H.........................".................@.........@.......L.f...G.L.f....................................PfEd...q.q.........T.........:..... ...@.......@...@.....................<........... ...........q.....q....................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.7.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	19354
Entropy (8bit):	6.2613516199709816
Encrypted:	false
SSDEEP:	192:sM+kVe9wXTAtnxO5zTYLYbTcBII7UoG7j7AyQXoo/qyz7KblTBiIiajWit8GyIeS:XVeiz0BGQJqyjI/t87NoG99ib
MD5:	21786AB07C965350938546E3D6A4F839
SHA1:	CB30B9D7071D5E02FA66FDFCEA777D9F9216CC24
SHA-256:	7735039E791528AC9346ED8003CA2A8BC3B8EEB104BC7E8CBF447B868521C231
SHA-512:	246F70490E4BB63AE7B055FFF8E6A6F8CF70AEFAC04213D60066B07066A67C435CD6EC62AA73B0E6CEC327F3452FE4A183388FA63615A46AE5FDC8013477800C
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.7.0.eot?
Preview:	.K...J............................LP........................ig.X..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._{..Jd....GDEF..W..JD....OS/2C.U....X...`cmappXi........gasp......J<....glyfV.n}......;xhead..........6hhea.=.........$hmtx.5.........DlocaEPS....(....maxp.......8... name\|GM}..AD....post......F\.........K..X.gi_.<..........v\|E.....v\|a.......................................................Q.....Q...................@.................L.f...G.L.f....................................PfEd.....3.........T.........:..... ...................@...@...............................@...........@.......@...@...@...............@.......@...................@.......................................................@.......................@...@...@...................................@............................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.8.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	2638
Entropy (8bit):	4.0767363666755525
Encrypted:	false
SSDEEP:	48:OCD9PGD903D9/m5KopdLalPrD9W7D9DlD9AVED9DOD90ZxDlrKB5FPmD9VD9D7D/:fD9eD9MD9/m5KOKPrD9eD9xD9AqD96De
MD5:	AA670C4769047C249CD9DE1A1E9AF041
SHA1:	0D154865C311836E78A02306C05FE45ABF6E8A98
SHA-256:	C950583A3C342F9641FBDBE38268B40DABEA3AA43D68230CA25B49926A367295
SHA-512:	AF6649EB4ADF28E8DEB643A7E152675714698AAF94F8ABD14066F94EF1EC94EF07BA9B3CE062A100EE92049E70B92E706344B877F108D47F975DB0ABD6286C3C
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.8.2.eot?
Preview:	N...4.............................LP.........................H....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._}........GDEF.*..........OS/2H.R....X...`cmap...........Bgasp............glyfP...........head.U.........6hhea...........$hmtx............loca.D..........maxp.H.+...8... name\|GM}........post..D_.......7.....K....H._.<..........v\|E.....v\|c...............................................................(.................@.................L.f...G.L.f....................................PfEd...`.`.........T.........:..... .....................................<........... ...........`.....`....................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro-fa-solid-900-5.9.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	33094
Entropy (8bit):	5.917201757797381
Encrypted:	false
SSDEEP:	384:XD9R7F042P/JtJmAGTWgROKdIvMhLkgMMEW7P6Kt61hx/TTbXT/:XD9Rmvm8Kph5MS7SKQ/LXT/
MD5:	5DA8DCA6AD2C39A11836B1AD3EC0EAF7
SHA1:	DFAEF46F1FD681FDF71F806336B2D7EB2E33283E
SHA-256:	F570B180CC8401EB9FD796755C79D3EC94D2B7E26F2EB1C2AA82169571818636
SHA-512:	A924D7DC21E61691617D8411C7212FE44FC7B58A8356A47CB1B8DE37AA30B6D370CD50C3A9C6F111C3E7B4E4528AA5F70CB2494505D6DEEA6343D9E1F4B86F1E
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.9.0.eot?
Preview:	F...,.............................LP.........................:g...................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._~........GDEF.*.~........OS/2C.U....X...`cmap............gasp............glyfc.A....h..m.head..........6hhea.B.........$hmtx.E."........loca..&...t....maxp...S...8... name\|GM}..t4....post.n/%..yL.........K..g:._.<..........v\|E.....v\|d.......................................................x.....x.P. ...............@.................L.f...G.L.f....................................PfEd...6...........T.........:..... ......................................................................................... .@...@...@...........@.......................@. .....@...@...................@...........................@...................................................................................@

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\pro.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	319061
Entropy (8bit):	5.091121633998878
Encrypted:	false
SSDEEP:	1536:Mwv1E8SIZlJ/Zg9ADlnIZ+mqX56U8CyFXmJ6JadWGFIibJbiC8IYiy6BFAXq6Y1l:X1E1IZ3/g2ln++1gWbqMAXHu
MD5:	7F586C77EB958DD3B153715FDB451B33
SHA1:	8624C3F34B38A630CBAEE6AD615B080BBC808ECF
SHA-256:	F734D8ECDA48E6D98FAAB2E1E9B91D6C5F72B86408EA6E2126D4B1681B92EF4C
SHA-512:	41DA1CCD2899D28961AF22B54C72F6EC58C702B4D134198ACCA8DC58CAFAAD0E8B55CA527494A969B104674E489251B3E3FB4F31A6C96C36775D62F17ED18B96
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/css/pro.min.css?token=2fed3568f8
Preview:	/!. Font Awesome Pro 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license (Commercial License). */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-left{float:left}.fa-pull-right{float:righ

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\style.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	58171
Entropy (8bit):	4.952248562448469
Encrypted:	false
SSDEEP:	384:T2vicPcBZDn/KRM34XMX6cD+d+AwlVHI+LQ3R+T55GPh5IIINXTXlx:AXMX6E+d+AwlxI+LQ3RC4h5DwTVx
MD5:	B5D1E2C87B60CE71C3FD90CA27073250
SHA1:	B65E3890EF1565F98971B344B4C85866A5F33860
SHA-256:	2CD9DE3DD26246204749CFF259BC34E8E6A47AE5D6E4528B9B28C75D68D50CDE
SHA-512:	0698905368E41D22F1026DCC64F716BE70BFDE1BC05BC85918242AF9C30351166726B4DC4426898E9EF0428EF0A2F875D8FED54BBC8B925289363A39FABBA165
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Preview:	@charset "UTF-8";#start-resizable-editor-section{display:none}.wp-block-audio figcaption{margin-top:.5em;margin-bottom:1em}.wp-block-audio audio{width:100%;min-width:300px}.wp-block-button__link{color:#fff;background-color:#32373c;border:none;border-radius:1.55em;box-shadow:none;cursor:pointer;display:inline-block;font-size:1.125em;padding:.667em 1.333em;text-align:center;text-decoration:none;overflow-wrap:break-word}.wp-block-button__link:active,.wp-block-button__link:focus,.wp-block-button__link:hover,.wp-block-button__link:visited{color:#fff}.wp-block-button__link.aligncenter{text-align:center}.wp-block-button__link.alignright{text-align:right}.wp-block-buttons>.wp-block-button.has-custom-width{max-width:none}.wp-block-buttons>.wp-block-button.has-custom-width .wp-block-button__link{width:100%}.wp-block-buttons>.wp-block-button.wp-block-button__width-25{width:calc(25% - .5em)}.wp-block-buttons>.wp-block-button.wp-block-button__width-50{width:calc(50% - .5em)}.wp-block-buttons>.wp-bl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\wp-polyfill-formdata.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	7165
Entropy (8bit):	5.3202958764082195
Encrypted:	false
SSDEEP:	96:XsuU3644VdFvjYxlLxSaZZj2Aeijn/IZKoE9pW1KFLDI6L6rAgIDCDT5GRB:AK44zFvjElLNZ1eaQZKoEzW1KF2DDkRB
MD5:	2EA232D2A383E59441DC21DC56300749
SHA1:	5B2B295399817BD116CE824C58E332D9816B7D63
SHA-256:	B0A94AF1B2332C79CD6F2D21449D57665C41886E4674B093F7DA75E96CDC6E6F
SHA-512:	39BE83F804B6C61B7DD577E68E793F2F27ECCCC487DCC50B672CD6AC41F22143523A4656D51B88623AE9A411BE2536AB9B5EB16995B810BD23214E1E0C71DDD3
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js?ver=3.0.12
Preview:	;(function(){var k;function l(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var m="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,d){a!=Array.prototype&&a!=Object.prototype&&(a[b]=d.value)},n="undefined"!=typeof window&&window===this?this:"undefined"!=typeof global&&null!=global?global:this;function p(){p=function(){};n.Symbol\|\|(n.Symbol=r)}var r=function(){var a=0;return function(b){return"jscomp_symbol_"+(b\|\|"")+a++}}();.function u(){p();var a=n.Symbol.iterator;a\|\|(a=n.Symbol.iterator=n.Symbol("iterator"));"function"!=typeof Array.prototype[a]&&m(Array.prototype,a,{configurable:!0,writable:!0,value:function(){return v(l(this))}});u=function(){}}function v(a){u();a={next:a};a[n.Symbol.iterator]=function(){return this};return a}function x(a){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];return b?b.call(a):{next:l(a)}}var y;.if("function"==typeof Object.setPrototypeOf)y=Object.setPrototypeOf;else{va

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\wp-polyfill-node-contains.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	353
Entropy (8bit):	4.82144644832395
Encrypted:	false
SSDEEP:	6:qQQTMhM8Frv1nX/JR/X0QXQeLZ+AWGeNuhLeSqGvSqLifqWpqLlldALnRtgAlSqY:cdUrBPXpAe9+/NEi2v7/BlldoRtgAl7s
MD5:	B32D5CEA64B4FD156F47C0EC0A9D8532
SHA1:	2479F764DE67D2CD836CCB27F97DD4A42232AC0C
SHA-256:	24A4D8749750DA00649D2A24744F109D7E0B2C96755282A65E4BC13B62ED18CE
SHA-512:	DEED55D5DC985E1B7A09A839FD753D634C1BDE9646CD4B709950FCE3A99158FB8494103A1C78C23CBE35A1FD2716F44CD4D28B0E94980125FE50CD92D70D0909
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ver=3.42.0
Preview:	!function(){function t(t){if(!(0 in arguments))throw new TypeError("1 argument is required");do{if(this===t)return!0}while(t=t&&t.parentNode);return!1}if("HTMLElement"in this&&"contains"in HTMLElement.prototype)try{delete HTMLElement.prototype.contains}catch(t){}"Node"in this?Node.prototype.contains=t:document.contains=Element.prototype.contains=t}();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfJg[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 25500, version 1.1
Category:	downloaded
Size (bytes):	25500
Entropy (8bit):	7.979173521989936
Encrypted:	false
SSDEEP:	384:XaM7QjWHCtYGTiHsaHxFxyHsUGB5cxtcTR5zeFXhWoP3+0VAOq0i3YanZ9Z1:X7QacafxFztnyFXdxAoYYOh1
MD5:	66453AB23F41C22895B02B984EC9053E
SHA1:	3D17D564CF86FE48C3E28C0CF60C0E7B2AD4532F
SHA-256:	97F0AAB4399A50C0A990B9984F99BBECFC1CEE7799E02EDAED105B15461D265A
SHA-512:	F81B5598F753D57A18ADA221C6B996E78044E32FF2B9DC766BE4D7CA46873610D14574E70AF80DC98E908542A9C4A1CADA84A90291C0FF5CB4BD95DEF842E22A
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfJg.woff
Preview:	wOFF......c.................................GDEF.......m.......PGPOS..........6...=GSUB.......B........OS/2.......R...`aU.2STAT... ...6...@...&cmap...X........Kd.lcvt .......g........fpgm...t...........Zgasp..%L............glyf..%T..6...Y..Ahead..\....6...6..._hhea..\<...#...$...1hmtx..\`...s........loca..^............smaxp..`.... ... ....name..`....=....H.j~post..b4....... ...2prep..bL...M....i..[x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.T..l%P....m...m.m...m.m.;......@.@..(.Q......nH..0wo.'....Q./A..}{B.$..M.9.e.4...I....f$=/....Z.ZK...T.VL&i.c.d..s...4.y..~...o..Vh.q..4.U+..5#5#.fm.L...jg......R}m.H{...o.5....'......$c...q........4....bLS.:..4.q.C.W0i.._uLvlt.wvu.v~u.wmu.w=u.v/.L............gO}...@.@.`.`...........L.{C.C/...U......K...#.#}..!........x..I..%l<...X......)..a+............C.....V..[..x......._..nh.......4*.7.......t.#..F.'..~...O.1..`".[M....a.....a..h...S...xC....C.gv..W...x

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJg[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 26476, version 1.1
Category:	downloaded
Size (bytes):	26476
Entropy (8bit):	7.981545405072701
Encrypted:	false
SSDEEP:	768:V9+Bz3xdXhxFzmiJOu9urlPbzY8rz+N5BDi:V9+t3vhHmiPCLrojDi
MD5:	09A84C5FA2F0997740CC0C94FA3E7991
SHA1:	51368288B38A5038DC76C493244C134F6191EF26
SHA-256:	A430EA4F74A687E4003692F944956C6D2F56CCDA92FE814517F3FBB11D419B36
SHA-512:	C149F6396D871D76C421BE3AFCCE90FC43AA960EA0C074839F8D8A76D4D1456A8B40618B6ECA50D2FE8AFAEFC346150B155C6D9970C1BA17B0B888C2A91D8E80
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJg.woff
Preview:	wOFF......gl................................GDEF.......m.......PGPOS.......@..6.$..jGSUB...D...B........OS/2.......R...`b..RSTAT.......6...@...(cmap............Kd.lcvt .......g........fpgm...0...........Zgasp..'.............glyf..'...8...Y.<9t.head.._....6...6..._hhea..`....#...$...1hmtx..`<...s........loca..b............smaxp..d.... ... ....name..d....0....>.\.post..f........ ...2prep..f....M....i..[x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.T..p.P.....m..;.m..'.m.m....8.3....."'..W.b.....;......=....8.8.:...1.....b.i..8....M.;Y.Oq......S.xS...S...D.f..532.9%\|#.&^#~&QJ...n..s+"..J.2o6.u\|..rHyEu-.Z........QoR.......bZ..4.t\|RV.]7Ew. 4.3T5N2.0.Kq...\.\9e&..Y.X.Y.X.[O.`K.....}....s,pls.q\r.p.r.!.\.<.=.=.U......N.1...E4.\|.\|......}...3...;..@.@\p....z..`.....P.&qXD..+..UX..XG.b...M...I.`7...8.i8G..*Y.[...x..X..x...C..".>.0;........a8....<"..D.......#..A...e......D.]@.q....i@c..0....(Y23.\|a..3[v..=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfJg[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 26452, version 1.1
Category:	downloaded
Size (bytes):	26452
Entropy (8bit):	7.981972951536371
Encrypted:	false
SSDEEP:	768:61y4WgOTZhAxFzpHfw3F1oZQAy5+oNVMDo:xZCHpHo11oZfPSp
MD5:	86E2B45D15394A34BEAED029271134CD
SHA1:	E4A308BB9E29313FEF8A363E1E394351CCFECB68
SHA-256:	39035EBF0273E0A99A023E3A3D9BE420D7F5D9D754D59EDFD060DC59DA4641AC
SHA-512:	B2867D72F3DE7EFE65751D1AF29ED3E5F0E0C5F8A0C9C6A041785C6703C236AB312E2462A6659EC16E103CBF1C47511B362B8F5F76401DB61CD77AB6FD53BB12
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfJg.woff
Preview:	wOFF......gT....... ........................GDEF.......m.......PGPOS.......;..6..H..GSUB...@...B........OS/2.......R...`a..2STAT.......6...@.m.'cmap............Kd.lcvt .......g........fpgm...,...........Zgasp..'.............glyf..'...8...Y....Ihead.._....6...6..._hhea.._....#...$...1hmtx..`....r........loca..b............Smaxp..d.... ... ....name..d....;....KSl.post..e........ ...2prep..f....M....i..[x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.T..t#@....6..dm.m..m.m..._......2. xe.W..].A..B.U......%..ti.;D@R.\|p!. .....9.....'.Uy.IK^K...I....I..)D....$.LKU..../.U.'b.8$..t.,.<\...).g.P.W.#....WR.....p.!.!...1uQ.]Q.2U...MIU..9-...v.N.....T......k.]2.1.7UL..L...{.,C-...[.X_Y?X.......w./...8O..._.......z{.&.Q.}...Nx.y......z.F.......U.....4p...u....J.1..1..b....,C<V`%Fb...ud.6`..b;...d2v.....Y..d)n......b5^.-...9...{......h.>.'{........go.I{........w.S.%l?..]XOu[h.{.d.8.......4..v./).b{...[j

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrc[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 25984, version 1.1
Category:	downloaded
Size (bytes):	25984
Entropy (8bit):	7.978124312293861
Encrypted:	false
SSDEEP:	384:6WGAiZSqstmYyTMUcrnUGB5QZ4uVjO9vd1LGlyRCMJsZRIX0HOSs3AqDdfLNksN:6nZSl7TzkZ5w9vdFGlySZuSqFfN
MD5:	44A0C7110FC9A61D4677853BEC63173C
SHA1:	C036B11D5A88563E74C04E842455234664E1D19C
SHA-256:	A0CAB96898F40329F422A584BBCD591CE197F97DB9BE5EC061D57524159283B3
SHA-512:	9B609490F56ACF9670B5D4172A87AA08EF0DE130EC66394E6BE28942AB0772051B25612863BDEAE20EAC7B08F9D91405AA56DCB93D29A7D704C76956179112B0
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrc.woff
Preview:	wOFF......e........T........................GDEF.......m.......PGPOS..........7V....GSUB.......R.....s.qOS/2...<...O...`b..GSTAT.......8...D.H.'cmap............MD..cvt ...\|...N........fpgm...............Zgasp..'.............glyf..'...6K..[."D.head..]....6...6.a..hhea..^0... ...$....hmtx..^P...[...@-($hloca..`........"#x..maxp..b.... ... ....name..b....G....E.i.post..d(....... ...2prep..d<...A....O(..x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.L...#A.@.... vzm.m.m.m..m.6jk<.......#.>%JU.AT..:..i.ND.. ..@.e.N.B.O..%8..4.A...4.R.).m.....c.J%i.....B..J~s........g..~.C.K...<..&._.9!.B.....}JI.>S.5.\...i. bN...:E.(v%..H..,.EW).$=t.b'H....[.....I.DW....-..m1_..A+w)..c*c.c?...?S..1....\.<.....b.....T..[.X.Y.X?..T.<..T.Q.y.....S.S"A7O...=.Y..'.6...-..ZJ...R....5.9.N.\...z...Z..P..I.y.b... .f....Ti...&..-Ld.....0.}.b&G.y...s.+,......g#.x&...\|.;.1.J\|'.8E)..7]....K..g.$.3.0F.w....%>.I.c.8.^.C.s.....\

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrc[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 25148, version 1.1
Category:	downloaded
Size (bytes):	25148
Entropy (8bit):	7.978066134183957
Encrypted:	false
SSDEEP:	384:EGVYKq52syAZensaa1FlfKJ9TNSnUGB5f8M8MASHo51d1AuhfG+5MxAjfCGE8BsN:Ege2/AYYcvTwzgMQ51d19fUxAj6J8q
MD5:	25DF314437876654C8211E4CFDBE6590
SHA1:	36F989324BEDCBC531A8DF42E1368071B8BCC89C
SHA-256:	2E318C98A14843287469172B63F5B7EB912C1F8F255AFA26C09DA2FBB66E19AD
SHA-512:	0B37AC35B7BB75EF00412A62219B2289855016087B969253E96B1218DDBEF9AB7ACA28573B581D8924C4726BD0F50BDA8BE341F565F9482D0600973EB4738E2E
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrc.woff
Preview:	wOFF......b<................................GDEF.......m.......PGPOS..........7...).GSUB.......R.....s.qOS/2... ...O...`b..GSTAT...p...9...D..(cmap............MD..cvt ...d...N........fpgm...............Zgasp..&.............glyf..&...4 ..[~...head..Z....6...6.a..hhea..Z.... ...$....hmtx..[....`...@8. .loca..]l.......".Q..maxp.._.... ... ....name.._....?....A.fgpost..`........ ...2prep..`....A....O(..x.=........y-.$!....@R@.@.D...H..>../d.hh......_.Y.U.]..'..bTbl".%f%..bYbUb]bSbk'...X..,...V.^.Q..%.........@...x.L....A.@.<.....6KW.m.m.m'.Tl.;}.z.g..p.S.Mb.J.......N.{u...@..S...{t!.9JN..PYxp.*...T.2.Q7R.R...2....u.2).....2......o-...a.eBg...}.6 ..6.......O.Y.X......A..r....4..\|.\|.t....H...9.Y"..K._&_...f.&Z.Xg.......t.v.M.....y.y.y.u.p=q.........y.y.x.x.%.....=.7..\|Z_..............[...;1..w.@..?..Ty..'...."...[`D`^...U..])..S.(...........QQ...@.....0I....2....VJ.. Mb....v2.=.c..8.l.K.8)-.4WX.5i.w..f..m..=...w..&(.QP....Ds!.&.0H\f.8......%.1..#>.E.b.8.~..F.`..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\JTURjIg1_i6t8kCHKm45_ZpC3gnD-A[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23576, version 1.1
Category:	downloaded
Size (bytes):	23576
Entropy (8bit):	7.979995638545985
Encrypted:	false
SSDEEP:	384:evykH+9E9B49CndLoAUlGTJO8OzoRb1Jrb7ZlZ/EYh93e1rRykMKAZir2k4lyPmo:eqP9sC2dXUlF8Ozc5JrbNr/EM93eZRhl
MD5:	8B763220218FFC11C57C84DDB80E7B26
SHA1:	E85E6898C8FD8B095BD694B3F1350342C7BB3F35
SHA-256:	299E5F2B6E651BFD7B4C74AA12B06BB10A1200757CC4EBD1FC4C0D9D1AAFA00D
SHA-512:	4A93693CDE6B4BAEAD17A78C6B3FF7BD9F7489D20E5BE3815751B4A1E4E034E7BB54249DEF7F8E06B3ADE41E4333F45FDB232E67971C1817F66151F1440BDE32
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD-A.woff
Preview:	wOFF......\.................................GDEF.......G...X.g.^GPOS..........2....GSUB.............,.OS/2...l...O...`T..acmap..............h.cvt .......b....0...fpgm.......F...mM$.\|gasp...,............glyf...4..3...\.)...head..R....6...6.P.xhhea..S.... ...$....hmtx..S,...'...>"...loca..UT.......(...maxp..Wt... ... .h.Wname..W..........EIpost..X.........D.z.prep..[\.........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>./...x..ex#......<..d.e.-.1..33333333..y...T.`.V^p.m._.{..9...z..z..5... .<....\|...<.-.}9./..._....f.P.J?F......d...b..DzFm......&b...!...H..;a.XI.=6gEB..6N......]6.I...J..w.hU\6...I.uei..@..J.n. .2.D3.. .(ay.......<..j>....s@.n.....Z.U.H@.v..e......!..s.`wW...u4.8P...x.r...z4...h.....H@.;.g.....,1..)..E.}".S.5..X.{E....._.....".D...=\|D..Q...D7...q>.\ .\.E.s.Hp.Hr...r.....+..f..q...\+:.Q..,Bn...g#.l..l..l.i..&v.4;E..D=...I......R.O.1-.fDDA.1+j8...A.D...?M..w.\|.&F.f..1..z....j-o9.V.y.em...vRO.^..-.S..f.q.....j...c....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\JTUSjIg1_i6t8kCHKm459WlhzQ[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 23480, version 1.1
Category:	downloaded
Size (bytes):	23480
Entropy (8bit):	7.981253427621622
Encrypted:	false
SSDEEP:	384:lEfDbJfERirQIhTVId2GTJO8Z84zUE8EW3md2T0LuYXDbMdK3OLmvTHc5qawV:lEf3JPrQI8d2F8WDE9w0FLTbMdK+Cvj3
MD5:	8102C4838F9E3D08DAD644290A9CB701
SHA1:	5AF1938D1327395F47C84E57B6BA7756234D2262
SHA-256:	60CEBEA4C9183F51FBD323F14DD729E18768BE4F6395467013216AE36526CF9C
SHA-512:	E8A0D6B72163E407DE82170E4560044CAE90116D1DD3CFA20F140E4379C8AABDC5BEAC6DD965D0E925CA673E41C42A858975C47F1F8152637958569D239E91FC
Malicious:	false
IE Cache URL:	https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhzQ.woff
Preview:	wOFF......[........8........................GDEF.......G...X.g.^GPOS..........2.....GSUB.............,.OS/2...\...N...`S..Ucmap..............h.cvt ...p...\..../R.Hfpgm.......F...mM$.\|gasp................glyf......3X..].,..$head..Rt...6...6.F.nhhea..R.... ...$....hmtx..R....%...>.x..loca..T........(..0maxp..W.... ... .h.Yname..W4........-5H.post..X$........D.z.prep..Z..........K..x.%....P......@:D...$.. ]!....h.....2/.$.....D.^.F..ua.].N....%>./...x..ut.I......e+..o...g.^..13333333333.-.e/.cgYAs....R.{.G..^.L......j.......R.z..D..o...~......$.`.BY.21.W.......9...f.C..(..M.!..D....1rT...w6cG.J....U.......]..>........q..jhT\l..;,M.zYK..x:.n.R...(........g)..~...Xl#`......-.#..T...]..Tw........k.7....I.....@..$..r....X.\..L......_.H.2".V... .1..."._d.#R..4c"...2> ..A..D;..e>".\|Tt.1..........8...._.K..+........Y~'r.A.....D.../..W..ob.....[.8K.8Gtq..0...\|....D.KE+.."..V.....\vr.._-.Se..=..A.1$...<.E.CL..%QB.8.9.....,.Jv.=,...%.i..:UV..U.b..]N.D..O..'...1.$.....<

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\a11y.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	3041
Entropy (8bit):	5.1840028998342
Encrypted:	false
SSDEEP:	48:Q71QdodncHcNQ4mrIVkb27X2RSc9KkNUKDANaiG5VERKIJwigTdteEdMayS:Xohvj6c6KkFeAEMbBX
MD5:	04E5A9AFA7531AFC601E9E2160544C75
SHA1:	D3EE56E25BDD1AFF9BB6A467D63EC59D68069181
SHA-256:	DD69DB050945063E092F3020E3F2D74EEDE936A5F5E723FF941E92D19BB73BFE
SHA-512:	8FA35AC9B376E6F2AF8D29120E7D6B677C351D71C158668F6B63BF74F49E83BC04FEF74ADB684DEF4B2F2731130346652323B879CA76D3ABE54CFE23DD0B8C01
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/js/dist/a11y.min.js?ver=5e00de7a43b31bbb9eaf685f089a3903
Preview:	/! This file is auto-generated /.this.wp=this.wp\|\|{},this.wp.a11y=function(t){var e={};function n(r){if(e[r])return e[r].exports;var i=e[r]={i:r,l:!1,exports:{}};return t[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}return n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)\|\|Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var i in t)n.d(r,i,function(e){return t[e]}.bind(null,i));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(e,"a",e),e},n.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},n.p="",n(n.s=465)}({1:function(t

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\autoptimize_b503b15c1782165a0d5a49166d9a173e[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	81422
Entropy (8bit):	5.292437236701172
Encrypted:	false
SSDEEP:	1536:6I6AFKbjy64Y3PhO/DTytOXtiNzMZOX2AIucjU15v8EOrZwFRFHrpdjTg/up8wkz:gdPhQDTytmZ2UucMv8EOrZwFRFHrpO/n
MD5:	C9248A9BC93041D937B784A0A2CC3EFE
SHA1:	3D1B44F36DFBAC1C75F215C1029C474CBDC19BEC
SHA-256:	AF2F828641D4955A17FAC1C89CDF517FD67694FE76CAA291AA05A29468CB5614
SHA-512:	C2B1ED323990444C6085E4436C0F35001D12A75F3DD56C7AF74979BC869E88C8CC2121031DF1778037F6E86E8E0B62EE9D529181463B3ACF60C654B6D63AFAD1
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/cache/autoptimize/js/autoptimize_b503b15c1782165a0d5a49166d9a173e.js
Preview:	/! Conditionizr v4.3.0 \| (c) 2014 @toddmotto, @markgdyr \| MIT license \| conditionizr.com /.!function(a,b){"function"==typeof define&&define.amd?define([],b):"object"==typeof exports?module.exports=b:a.conditionizr=b()}(this,function(){"use strict";var a,b={},c=document.head\|\|document.getElementsByTagName("head")[0],d=function(b,d,e){var f=e?b:a+b+("style"===d?".css":".js");switch(d){case"script":var g=document.createElement("script");g.src=f,c.appendChild(g);break;case"style":var h=document.createElement("link");h.href=f,h.rel="stylesheet",c.appendChild(h);break;case"class":document.documentElement.className+=" "+b}};return b.config=function(c){var e=c\|\|{},f=e.tests;a=e.assets\|\|"";for(var g in f){var h=g.toLowerCase();if(b[h])for(var i=f[g],j=i.length;j--;)d(h,i[j])}},b.add=function(a,c,e){var f=a.toLowerCase();if(b[f]=e(),b[f])for(var g=c.length;g--;)d(f,c[g])},b.on=function(a,c){var d=/^\!/;(b[a.toLowerCase()]\|\|d.test(a)&&!b[a.replace(d,"")])&&c()},b.load=b.polyfill=function(a,c){f

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bbb-acredited-business-logo[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	9994
Entropy (8bit):	7.950440631202732
Encrypted:	false
SSDEEP:	192:RS3PR3axpCOuo2cjaTIABK4KoDapqZ+zr9haFYDaYu7U:R0Px+COuqeIz4KSxErCF3Yn
MD5:	746928AAF6F9927E1612229789101B1B
SHA1:	5DCE32627D38471DB5BD864EE940C51693FFCA8B
SHA-256:	3C1C6C613826A7194C199FDEDED87ACEF88B5B0B4DECE835928527F51EF0F924
SHA-512:	12D13199D7360E660ED541E0705DA6D3E50D08436AA7900F511276ADB4EABBE6C0649EDE385E6C457B32A661CBE31D41B6778E8C711FF166A99BC6D8D41BC3FC
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/bbb-acredited-business-logo.png
Preview:	.PNG........IHDR.............=..2.. .IDATx...x.e.......^ ..B.........`..V]......V.]..[.......J....5.@.-..HH.=..;..37.....a~..y...3..\|....3.A......\......0...j%.......R.+..\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y....\..Y...q.=(.j..Z........(..Y.....B....../. ..........!..7].v/H..Jj.\|g.r+...o.......8....j.^.B]....r.5M....oNo..~D.Q!%".wMK...#.?.......oo.....\|.+.#..p...$E.]......^]..:...O$......f.~.`..p..c..g{...%-..0>O..S..b......ty...P...sA.........C]K.>..j....A...f...G...s.N.S1.......T\|..W....z.^.+A......\=q..'...>Q..>....>..g.BOI.._e.a...^..W..r.$..N.ryr......W.a..6..l?..............U;{%...r...ALp......X....v'.....~8.......(i..S.....P.f..0.>;.G.../3.o..j.#............*%,.7.-.^m....t.aU(.3....v../}..C.u.A...i.].../.HG..w...Q...W&..v.u...w.+.....8.%Lzt

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\canadian-jewellers-association-logo[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 195 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	16622
Entropy (8bit):	7.979772880874399
Encrypted:	false
SSDEEP:	384:jR5GKUh08h2znbrd5bMkaFXY5Zq9EJgWrGFzijMh:jIh08hIbhmkgYmWr4zijS
MD5:	3B41DD63577E1ADD7DBEE2819FBD9F40
SHA1:	0ECE2009B80B4F4A26FA155BEFD6465CB468E46C
SHA-256:	099B0DC57F8465CDD0538229E9743B752A910CCB6752D67BEB55F0B39B0AA2FD
SHA-512:	0768FEEBAD2F18CE75661195B011D93A19BC31128F0CCB5E94298E8BF620711F315D898BB278FF81B38B02707C1466F53E1FD8753F9F0A8D519004EEE0CBF203
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/canadian-jewellers-association-logo.png
Preview:	.PNG........IHDR.......@......[.... .IDATx..].tTW....v..D.....'...@)uZ.GiK.A..^.H..E..k..$.I.@.xv.u{.........._..s.l...#..;3...X...APw..l.3.C........!.d.O".....W........j.H. ......8..=..N}...C{,...$...4:....c...+kA......K..+.....E........`...=@......{..f..\....P__.&.....X...p.<.4..5...@.R..f....z...b1.......<...".j.........v;.....p,.2......X.V(*..N..>>PQY...v..Z.jE~.j...\.0.X,.8~..DEEA.f../F...]..... ...eYr.%.% .J.u.....6..."!.....b...X0..`6..h4.T&#..k..RA....q.....,.o$....:0...Y.#cQ]UE.....{..`......3...........Z..x...O..c^QQ.F.../(,,.OOO(,....5....~~>D......P[[.7n..0r]<.>.../....}...B!./<....St.....@@` ......xoH...+W......T...&.G....Y...z`.B..Pp-%.......7Q..`.3.f...;d..(... C.yS..H.Tz0ap..].B/9Tg..>k...;.{r6;..{...A....G...8.....'...\.^..X`.l#.4.?...9...O..L.v.-..Gk.o....+.O...KA..6..`...e...6;..n....ud.w).......1......t_a ...A.......?...s........Z.E.......q.H!.........xy....9w.d.P....\|..1.B.H.4..&!.r..<d .v..#Y..}.iF....\|......5!...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\dom-ready.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1219
Entropy (8bit):	5.045667952574819
Encrypted:	false
SSDEEP:	24:Q775J7w/Wbiz7vBmGa1RIYTu9cwMY3l0SSCzfIZ7ksfA7YRvKe1x3:Q7z1euMY69cQiSd07khEwe1p
MD5:	77F4499F6BA18D926FAA81CF5E3F0AC0
SHA1:	20BFF9767AA636AC89E42A4C99243CA8B0C1E5D3
SHA-256:	E73356D7F272C8B109EF3B61568F5502C6F6B7FB698D4446364C9A02965F985B
SHA-512:	C4314B3BDFC697DAC74AC20089C4FBFE39C7E1EF369893C9D7EB26555C76B038E6F09B08108C432EE81F460C7FC07EE92B2666D88F058E05AC30A2AD75FCEF74
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/js/dist/dom-ready.min.js?ver=eb19f7980f0268577acb5c2da5457de3
Preview:	/! This file is auto-generated /.this.wp=this.wp\|\|{},this.wp.domReady=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=429)}({429:func

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\hooks.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	6937
Entropy (8bit):	5.138519487101676
Encrypted:	false
SSDEEP:	96:5XAm27ODCpWN/06hlDu/3+/w4XfP1RfWeru64T7mR0fp7/Rh64i:5wmoWCpWN/06hlq3qTfWeCF7nET
MD5:	3C0571406F9850BBC675F7ACC8071095
SHA1:	DCC4AB91783983909525238B59646BFF64D91891
SHA-256:	21A9753C3327BF6348A1E76B45A2A620694F77283564C6728068467CF1B3868B
SHA-512:	E863E6793FE0A59DAE631954B04786DD1B825199E8E932A74FB664EEBBF1322CB406099FF70DBE5F34C02338C713748294067B5A8C0BCD74B5C9813BC27261FB
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
Preview:	/! This file is auto-generated /.this.wp=this.wp\|\|{},this.wp.hooks=function(n){var t={};function r(e){if(t[e])return t[e].exports;var i=t[e]={i:e,l:!1,exports:{}};return n[e].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=n,r.c=t,r.d=function(n,t,e){r.o(n,t)\|\|Object.defineProperty(n,t,{enumerable:!0,get:e})},r.r=function(n){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(n,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(n,"__esModule",{value:!0})},r.t=function(n,t){if(1&t&&(n=r(n)),8&t)return n;if(4&t&&"object"==typeof n&&n&&n.__esModule)return n;var e=Object.create(null);if(r.r(e),Object.defineProperty(e,"default",{enumerable:!0,value:n}),2&t&&"string"!=typeof n)for(var i in n)r.d(e,i,function(t){return n[t]}.bind(null,i));return e},r.n=function(n){var t=n&&n.__esModule?function(){return n.default}:function(){return n};return r.d(t,"a",t),t},r.o=function(n,t){return Object.prototype.hasOwnProperty.call(n,t)},r.p="",r(r.s=451)}({15:function

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\i18n.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	downloaded
Size (bytes):	10166
Entropy (8bit):	5.277279427056485
Encrypted:	false
SSDEEP:	192:To5isb3ZbL8IV4eaBOvTQqTqR34cgFDvHtx9Ng9U7412w/:Fsb3ZbLn0stfDvHtx9Ng9U7412M
MD5:	704D7010E98873DC0852D3B75FBD5F1E
SHA1:	17018B06E036A1241A07AB23C024078B51283B2A
SHA-256:	1FEF7A46A32609D5704FA770E930A73ECEFD399E367BF8A2D0B6E18292126BEF
SHA-512:	A73218FB470CFD4E7118EEB7A92259CEBB1766EF22F710FE0A15D274173819A15FC3AC1BEC7C778F08DB7A4C59A5560AF005456B2814E4B405A5657EED230318
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
Preview:	/! This file is auto-generated /.this.wp=this.wp\|\|{},this.wp.i18n=function(t){var e={};function n(r){if(e[r])return e[r].exports;var i=e[r]={i:r,l:!1,exports:{}};return t[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}return n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)\|\|Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var i in t)n.d(r,i,function(e){return t[e]}.bind(null,i));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(e,"a",e),e},n.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},n.p="",n(n.s=456)}({207:function

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jewelers-of-america-logo[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 209 x 124, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	8426
Entropy (8bit):	7.967081197489201
Encrypted:	false
SSDEEP:	192:BqPDbrCvXJnjzBCdIXdx5yCofWDNFAT1IB3CUGSMs3PHoSXu:kfWPhfBCedHo+DUqG5sPoSXu
MD5:	C50BBAA27133422BBC783D9D44D7B800
SHA1:	16876BE49786890B5ECBDC5D0213A28ACD19C5BE
SHA-256:	59AC4B6A529FE7F008B4CCBD4E6D6A1F6446B4AE47AAEBF5E02B08A35FE8ECE3
SHA-512:	A581FF6969B6C6B5914987CCFB401152DCD2B589DE43980C26C50FA432D9B4F473A7A384B218CB7122C30D4FA6442C19F35D97D71AA58BC865F159776F7E8402
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/jewelers-of-america-logo.png
Preview:	.PNG........IHDR.......\|.......U... .IDATx....]U....{.%CBB.%.&]....X?.. H....\..\|.)/...B....R...D.......H.5...d2.......s.S.d23a..:..Svy.....Di..P.z.TR..;...0.k...`T...`..C..\.....z.W=.......h..P.(...F......B...=....m..x.BE@.(.\V.\....@.....T.).lQG{.z.{.I#EQ..@..z.\.R)U...A..5...SOSCC......BL......:..o...gk.Y....K..di."X.q...r.(.....B..R.&@?..n.=Wmm.4s..T..H.. <#.`...L.(U'V9.(.+.t.Y.../W{[.......W.g.S...AZ..B4.`.....T.I..I..~...].bo.......$..;...".s....Cd.z..a.+.78.Z...3O;W...>}+566..K...-..:@..q.b.Wi..X..+R.....6.s.i...,m..fJr.......4aB....G..q.\|..b.R.Sc...[...;...w.]...Q5.Z.....N%I.b......A......&.'.!Jt.........-.v....ISU,.\......B..A....I..z.Ku..W.(m?kW%Q.......N...)....h. .....:.J.B.q/....\./.p....h.mwUo9RO.(%..).Ga&u4.R.c...]v.7.\|[.z.=....4U.?.9s..5.]..3.VSS..:z.8V.:{.)....r.#..CE....k.....t........M.....]k.[0@....9...)..U.$..:...8..R...XB..1..r.\[..:.U..Z......;7.:K...P....v..K.>V(.?c....9DN...bm.iOOec.....;......QT&J+.8^.'(`.!.Q@.0..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery-ui[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	32046
Entropy (8bit):	5.078852773745703
Encrypted:	false
SSDEEP:	192:Q1StQYpyLPMN1r0sNJdBJU39Mfe3zYZQY+w+ea5Y6B2SmNUm2T8Bw558OV4v9i6V:GYpyLPhOozk1nek+Tx5HVfzS25Sfp
MD5:	D172B560B073F3BC42FEA160BBFF96A2
SHA1:	680D2ABBECD20E970F207E9FDF85E996D5E72580
SHA-256:	9C286C1A80773A8C752FFC323AEC348776F86AB242A4E58636B87F376E0853B1
SHA-512:	9538E5ADEE6EF0262415E92424C09610B69B4F02CD2FF4EBA5470945EE8648EA6D411386751F0F1A7AB2C851D7926A8638EC96DEAE39D27C1B87036B13CB042B
Malicious:	false
IE Cache URL:	https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/jquery-ui.css
Preview:	/! jQuery UI - v1.10.3 - 2013-05-03. http://jqueryui.com.* Includes: jquery.ui.core.css, jquery.ui.accordion.css, jquery.ui.autocomplete.css, jquery.ui.button.css, jquery.ui.datepicker.css, jquery.ui.dialog.css, jquery.ui.menu.css, jquery.ui.progressbar.css, jquery.ui.resizable.css, jquery.ui.selectable.css, jquery.ui.slider.css, jquery.ui.spinner.css, jquery.ui.tabs.css, jquery.ui.tooltip.css.* To view and modify this theme, visit http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1.1em&cornerRadius=4px&bgColorHeader=cccccc&bgTextureHeader=highlight_soft&bgImgOpacityHeader=75&borderColorHeader=aaaaaa&fcHeader=222222&iconColorHeader=222222&bgColorContent=ffffff&bgTextureContent=flat&bgImgOpacityContent=75&borderColorContent=aaaaaa&fcContent=222222&iconColorContent=222222&bgColorDefault=e6e6e6&bgTextureDefault=glass&bgImgOpacityDefault=75&borderColorDefault=d3d3d3&fcDefault=555555&iconColorDefault=888888&bgColorHover=dadada&bgTextureHove

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.ui.touch-punch.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	1291
Entropy (8bit):	5.2438790660600905
Encrypted:	false
SSDEEP:	24:NVNdp+zAgbf6E5Cbx7pCHHrw6dJElttJQSXxtR/MSFQEIYiQEHfn:NVNd8YtgFEJkVEImE/
MD5:	700B877CD3ADE98CE6CD4BE349D81A5C
SHA1:	C1C36E6927436231EB20474356B29667C4C648AA
SHA-256:	000854D782781AFF1B16EA5451C1DA3D07EFADD35AB911CCB7E4B851571A25BD
SHA-512:	D1B12D2B451235DF7A3273B85E11FC8E1BF79F2445D1E2BCEE92647BAA6461FDDC334B83221349CBD96DBB3AA0CA9A08157C37252BA2CB4E2D564E008E965D67
Malicious:	false
IE Cache URL:	https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js
Preview:	/!. jQuery UI Touch Punch 0.2.3. . Copyright 2011.2014, Dave Furfero. * Dual licensed under the MIT or GPL Version 2 licenses.. . Depends:. * jquery.ui.widget.js. * jquery.ui.mouse.js. */.!function(a){function f(a,b){if(!(a.originalEvent.touches.length>1)){a.preventDefault();var c=a.originalEvent.changedTouches[0],d=document.createEvent("MouseEvents");d.initMouseEvent(b,!0,!0,window,1,c.screenX,c.screenY,c.clientX,c.clientY,!1,!1,!1,!1,0,null),a.target.dispatchEvent(d)}}if(a.support.touch="ontouchend"in document,a.support.touch){var e,b=a.ui.mouse.prototype,c=b._mouseInit,d=b._mouseDestroy;b._touchStart=function(a){var b=this;!e&&b._mouseCapture(a.originalEvent.changedTouches[0])&&(e=!0,b._touchMoved=!1,f(a,"mouseover"),f(a,"mousemove"),f(a,"mousedown"))},b._touchMove=function(a){e&&(this._touchMoved=!0,f(a,"mousemove"))},b._touchEnd=function(a){e&&(f(a,"mouseup"),f(a,"mouseout"),this._touchMoved\|\|f(a,"click"),e=!1)},b._mouseInit=function(){var b=this;b.element.bind({touch

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\kelowna-chamber-of-commerce-logo[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 136 x 120, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	18508
Entropy (8bit):	7.980370217310652
Encrypted:	false
SSDEEP:	384:r2O/h9HPT5/ubOlToDGlv5PB7lxCt8UGpz5D7FRHM8C4AaeS+C:SIPkbOdRR1lxA8UWl7FRHM8EaeS+C
MD5:	DF1899B2D4103EA8ED42F6B0FA32AF11
SHA1:	580EF55A79E8D4C493ACC7ACA1ABB5A4B098A50D
SHA-256:	5BDC1056C971B2A08979446CCE9088246535024043FF4EBE12AC286BCC1CB35F
SHA-512:	0E356552C740414961FADA71CCA26D6BCBB4024314CC99282C9559A5BEEE2A6B3BFC10F5A3664AD0EFFBE24AECB0F82D1FD90BB7B8B1EB151366B2150B7F3482
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/kelowna-chamber-of-commerce-logo.png
Preview:	.PNG........IHDR.......x.....)(.K.. .IDATx.....U...3.n.n..$....A:.w..A.+.........bA@...A.A.5.. ....M...Wg...}s^..n.M0...3yo....sO?w.j.:[R..(.r...H..lUJW%.Im>.R%..QE.....H.1.R.$.^.9=...RA.<......{.G.;.R&.t\R.....Z..E..i.M7...O..M.h.(.....$.+...j.-]...).J.-..8^U.....%..@..!H.\..T\.!F:.j........T.\....#....z....{....UPJ..*.....)R..+J..T..j.W.b.RQY.\..Z...vSu..;i.....\-.P....iU.yE.6...P........tI.X..c.+. T%.Ei........J.esmJ.mn.%I.?.P......>=..Lu..K..)."..jnU>.r..T.JAP[.8R....U..U.E.N....j.M&..C........<SVT..P.lZAZ..J.....Y...Y.XA8.P.X-.\.57A...Y..O.....B5+.C)LK..l..LNQ.0.(L..U......d9cG.BG...\|.S..).u.......v.R.;....T.....%...... ^u.....X..P.........B.$...G..+......W..J.6T.:F.T.(..W#.Q..^.He.<..".........Pa:. .V.....X.6.....%.j.LE_..{...7S+3......).....Y.....%....ew'...J..j..L:.j5.L.#.v.y..t..35..9.............U..H..R...B...jmiRs>.\:P:..P........+.T.8.2y.G.R.1.U..L...K.T....eu.a..s...../R..4)v..*.#o Hc.....}.Azz.....t..ZT...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\national_pawnbrokers_association[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 150x81, frames 3
Category:	downloaded
Size (bytes):	4189
Entropy (8bit):	7.8567599939033865
Encrypted:	false
SSDEEP:	96:7V2EbMF7U3KZx3JzFj+I0qTrcO0TVIrnOmH6UdosAZ:7V2wMF7U3KZxFURqfcXhIrn99K
MD5:	10A7AF9B6BD4D25CC9DFE6A91E2974E5
SHA1:	001A280A4A8B8D9B312DB306729E3BB1E768CB87
SHA-256:	8651E1902EE0EC7F2145A72D07F474B9D2CB4F996F8BF5FB101E1BED7C651D85
SHA-512:	E80C6AA0230EA53925F73BE43CD1950D8CA7A7172E26E8847F104ECC767AA85812BB92B60E1E7B70B46306AB3EB009C47946544CA24370F32E2EDA6F76795797
Malicious:	false
IE Cache URL:	https://www.premierpawn.com/wp-content/themes/Premier%20Pawn/images/national_pawnbrokers_association.jpg
Preview:	......JFIF.............C.....................................!........'.."#%%%..),($+!$%$...C...........$...$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$......Q...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?....(..e.NFF885._.}_..<I.6>.......+....I.0}..Z.....[...^..,o.#..E....Z.g.d..rN.....8..!.o..Io,..D...m..s....pk.A..._.x........\|.......~....5......K..-9\|3.O.J.?..s..C........$\Uz;u..3./..I..O.=#.>.....ui,.^..;.z.k.............v..../.k.S..8>.r+.....z..=z.Q.u;.4.C....7h$..q...Yl+..rj.l.%.t..v..F...c...2/....G.#.3...........~....`,.'.....r...j/.Z..j7.y{=. ...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.0.10[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	3122
Entropy (8bit):	4.51040969910744
Encrypted:	false
SSDEEP:	96:dD9BD9aD9ZyggP7PAbDHB0WaD9eD96wD9ecD9yD9MxDlIrFOD9EwD9fD9EV:d/wrygvDRa00w0c08PWw9WV
MD5:	C3986BD997243B723A4CDEA6B39124D5
SHA1:	AF8946A604320883B32B41A78B0047964C3E0FBB
SHA-256:	4C367CEB6E5D3EE2996E8332416BE60470CB1E4B6E57A693109643548DECD06F
SHA-512:	7CEB581FCE3BC70A326283D732DB2E4EC0C8A869AEC14FB0AE280A04DF9B7D2DCEF5AF5CAE9E502199CAC7FEE6412A440A9D3A29AE676EAA0F96664058AF1E2A
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.10.eot?
Preview:	2.................................LP.........................w.>..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._p........GDEF.*..........OS/2FcR....X...`cmap...........Jgasp............glyfW......$....head..........6hhea.B.F.......$hmtx.j..........loca............maxp.N.l...8... name............post......x...B.....K..>.w._.<..........v\|D.....v\|W...............................................................i.................@.........`.......L.f...G.L.f....................................PfEd...............T.........:..... ...............@.........................D...........(..........................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.0.11[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	5826
Entropy (8bit):	5.727545426330368
Encrypted:	false
SSDEEP:	96:VD9BD9aD92KpSXgfraVo4+ZgSbVbFEQDvvC9tpsqk8aZ0WaD9eD96wD9ecD9yD9c:V/wcKpSQfrn4+ZjeQDvvOtpi1Ja00w0O
MD5:	08A0E1D6F6F43DB6D3DB1892BD305EC9
SHA1:	32339D6024BB5F6B7B3B0871B89DB4AD8C9DF4CC
SHA-256:	D42A43961B51EEE05616234A861DB1988A4EAEFCBD353140C8D8EC03DDBDF0D3
SHA-512:	77332328674BE24D5BA1C5CA5F13D0FA9D8B5AF7A8F36B0C0EF5186D15F040C94461FECD4E699F9588986FFD0E1A9C7BD926BBEECB6EAC85DD6366FF8A34D604
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.11.eot?
Preview:	..................................LP.............................................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._p...t....GDEF.*.....T....OS/2C.RG...X...`cmap...........Rgasp.......L....glyfj<.#...t....head.F.........6hhea...........$hmtx.j.........Dloca...`...P...$maxp.Y.v...8... name.......T....post?}u........p.....K......_.<..........v\|D.....v\|W...............................................................s.................@.................L.f...G.L.f....................................PfEd...............T.........:..... .........................................................................................L...........0..........................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.0.12[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	6918
Entropy (8bit):	5.675327112258697
Encrypted:	false
SSDEEP:	192:9/w8zTh2OuO4kLva015XCGMXtPyUbRGu0a00w0c08PWw9WkT:zzTi2va015Sftt7U
MD5:	F31DB407541733F43736949D409E4540
SHA1:	386C3EFE472A1587780012F310A26782676A5EC9
SHA-256:	93F6519BE08B758D70019B064A2E497C9645EFD249F508C54B8AAC7D7BE1AFEB
SHA-512:	CF0C5A17576CE33458DB64BB8ED73018D7544F9530B6615E2E143C6EF583B1DFDEBE9E545D430D26AA7F022DFB2A245407A61C1D647FA045FB353CEA224ECAE0
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.12.eot?
Preview:	..................................LP..........................d?..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._p........GDEF.*..........OS/2F.Rp...X...`cmap.B.........bgasp............glyf.......\....head...........6hhea...........$hmtx.o.........(loca.......D....maxp.Y.@...8... name.......p....post.=-..............K..?d.._.<..........v\|D.....v\|W.....E.........................E.....E.........................=.................@.................L.f...G.L.f....................................PfEd...............T.........:..... ...............E.............................................\...........@......................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.0.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	2874
Entropy (8bit):	4.251880577991298
Encrypted:	false
SSDEEP:	48:ftwD9WGD90lD9ctiX8wdC56bU0uTaD9W7D96wD9ecD9yD90ZxDlIrB5FPmD9EwDl:uD9BD9aD9ctiMw85iU0WaD9eD96wD9ec
MD5:	0A9AD461F4BD618F6FCAEAF960851E6C
SHA1:	CAEC36191A304F78A275C52290048040EF17B52A
SHA-256:	9BD7A418AA6A4A1FB455BF37C4D00E43E557A128288D91BD50FD44AA08AA3312
SHA-512:	0039C73778D4075D5A4D8A654F6CB45E9E1A3A22D8A55D1B04F6C888F604282DF62035D1D263C254394FC02709DAED3D47D06240B58D29CCF2215A5416D47B2D
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.1.eot?
Preview:	:.................................LP..........................3...................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._n........GDEF...........OS/2B.Qs...X...`cmap...p.......Jgasp............glyf.`(^...$....head.f.........6hhea...........$hmtx.z..........loca.(.h........maxp.J.2...8... name............postG.....\|...F.....K...3.._.<..........v\|D.....v\|U.............................................................../.................@.................L.f...G.L.f....................................PfEd...k.%.........T.........:..... .........................................D...........(...........k.%.....k.%....................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.0.3[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	7866
Entropy (8bit):	5.905265227445293
Encrypted:	false
SSDEEP:	192:k/wluplidg+tAPdTChvekjuXKgPnGdft4a00w0c08PWw9W7Nx:xupsd6P1ieuoK6nGdLdNx
MD5:	5264CF81E914D345DBF38FD0E4B6E6EA
SHA1:	D43751DFC245A76FA891F1B2C0BDD3B8B2972B70
SHA-256:	730374A8D9BC03D8815CAB74595AC3B3A236CB3A7863F64F347EB3558F3F139E
SHA-512:	462EEF241AC63ED5DE9582233E7BCCDEAFEE589FE45A0E4DEF0E1CDF07268150424DE5D7C891CDE5D856D44628BA7967FB8A7D7AF725A4E8926BEA7F1EFAC9CD
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.3.eot?
Preview:	..................................LP..............................................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._o...l....GDEF......L....OS/2C.Q....X...`cmap.V..........gasp.......D....glyfy+aD........head..........6hhea.B.V.......$hmtx&..V.......Vloca)$.........maxp.a.....8... name............postr.;...<.........K....._.<..........v\|D.....v\|V.................................................................................@.................L.f...G.L.f....................................PfEd....1.........T.........:..... .......................@...................................@.................................................................$. ...........................#.).1...........................#.).0...v.O.........X.w.R.A.:.6.4........................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.0.5[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	3470
Entropy (8bit):	4.794221410004019
Encrypted:	false
SSDEEP:	96:8IYD9BD9aD9rjpjUWiPt91fsF0WaD9eD96wD9ecD9yD9MxDlIrFOD9EwD9fD9Eh:8IY/wtpQ91fca00w0c08PWw9Wh
MD5:	FE04CF23C97F84B697AD9463E066804B
SHA1:	CA7F0100851B74E4CE3326A42B4DFCA9D104F6A9
SHA-256:	9F1B082E731B1319F9FFED44DA7B0523C997BD48460FABE7A4BC96C0DD939D09
SHA-512:	11B12744495E9DE12E9C717B8854C9AFAA315B0A8EDA50D47122101711B02B80B74D33C2995A5F1A843AEC07344A43ECD05B2472B2BEDBEA1FD4D7E77ABF9F6F
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.5.eot?
Preview:	....\.............................LP...........................U..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................`FFTM.._o...@....GDEF.*..... ....OS/2E.R=...h...`cmap.q.........Jcvt ...D...(....gasp............glyf.._=...8... head..........6hhea.F.E...$...$hmtx............loca.......,....maxp.N.....H... name.......X....post.P.........5.....K..U..._.<..........v\|D.....v\|V.......x.........................................................................@.................L.f...G.L.f....................................PfEd...R.W.........T.........:..... .........................................D...........(...........R.W.....R.W....................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.1.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	4402
Entropy (8bit):	5.354649370576883
Encrypted:	false
SSDEEP:	96:MD9BD9aD9LPZPBzsPhUQF/Aec0WaD9eD96wD9ecD9yD9MxDlIrFOD9EwD9fD9EHJ:M/wtPZZQP6S4Ba00w0c08PWw9WHJ
MD5:	384C5D32B664220FD93584679ED4564F
SHA1:	C2AC821E3522F4A323300191867E87956C5293BC
SHA-256:	AFBC05385E0602C5A2E51A7F987D085007C16D6AE82AC0C108B1005CAFF68022
SHA-512:	DE56013DD112391BBC3162BEA16521D208CA3CAE5C54F72E9D40F185672E7CDE066DFFB42EFF70912D56D7B628050B32721EC63EA6F255512AF7FF6866A5217D
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.1.0.eot?
Preview:	2.................................LP..............................................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._q........GDEF.*..........OS/2C.SZ...X...`cmap.d........jgasp............glyfU..$...\...lhead..........6hhea.D.J.......$hmtx...........$loca.......H....maxp.Q.....8... name............post.......P...i.....K......_.<..........v\|D.....v\|X.................................................................................@.........%.......L.f...G.L.f....................................PfEd...^...........T.........:..... .........................................................d...........H...........^.u.............^.u...............b.H.;.9......................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.11.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	4258
Entropy (8bit):	5.25752141251496
Encrypted:	false
SSDEEP:	96:slYD9BD9aD9KaRqjmLFwp6eMUqtENEEpZ/Z0WaD9eD96wD9ecD9yD9MxDlIrFOD0:sG/wAuqwwQaNEEpZJa00w0c08PWw9WUM
MD5:	239985D338698B821D4153AE15D27524
SHA1:	D0A533F063EC04EE67A4B123A20774E5CA77DB71
SHA-256:	CC7B225FCDF6FC1520FE286E1E6DC24CC5DAFCBC1F00060F78B125321FEB50C4
SHA-512:	C93786A75402ED95FCD617A476118465FBDD8AA363D99ED9EDFAAF91DEA59A9D1A95B37896CE9EC932725F2BCB42414BFD5B32C7D0E649283372ACDC8F5F95CC
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.11.0.eot?
Preview:	....p.............................LP........................!..'..................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._v...T....GDEF......4....OS/2F.VM...X...`cmap.M.........jgasp.......,....glyf..$....\....head...........6hhea...........$hmtx..........$loca.......H....maxp.Q.....8... name.......D....postj..........`.....K..'..!_.<..........v\|D.....v\|].....9.........................@.....9...........................................@.................L.f...G.L.f....................................PfEd...............T.........:..... ...................@...@.................................d...........H...........................................^.;.4.&. ......................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.3.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	2914
Entropy (8bit):	4.278841069627843
Encrypted:	false
SSDEEP:	48:n/JWD9WGD90lD9DJVoRKT1G0uTaD9W7D96wD9ecD9yD90ZxDlIrB5FPmD9EwD9fV:nRWD9BD9aD9D/oRKA0WaD9eD96wD9ecr
MD5:	4D06B2B3AE3F10133099DFE40ECB38AC
SHA1:	F212653222AF5E9C2FB140A2B67AF92805AF32AB
SHA-256:	092BE6092EE0BC4E2359BFC5DC322561AC504C43CEF75DFC9C50134BE6568231
SHA-512:	256FCA23E83D7828AB6895ECEA7970524B6D54C934F777BC3A96483DE7A80F9E309261D71699EBE7B057F9DB840133A267224BB17BB06A41BED9802CAD8501DA
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.3.0.eot?
Preview:	b...0.............................LP.............................................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................`FFTM.._q........GDEF.*..........OS/2G.Sh...h...`cmap...........Bcvt ...D........gasp............glyf.:....,....head...........6hhea.......$...$hmtx.@..........loca...T... ....maxp.H.o...H... name.......0....post.Mv........1.....K......_.<..........v\|D.....v\|X...............................................................>.................@.................L.f...G.L.f....................................PfEd...B.B.........T.........:..... .....................................<........... ...........B.....B............................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.4.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	6794
Entropy (8bit):	5.539779205830247
Encrypted:	false
SSDEEP:	192:T/wiYmkU+pk4ylWvwsyDU9BokPa00w0c08PWw9WjZI:roiU+OSPJZI
MD5:	2C20AC8AA5C468C2980E3E48EDD1FEF0
SHA1:	43A24D1D121D0AE4A4647963627252B11AEAE4F9
SHA-256:	9B70B38FF32AE0748EBEF072E6C52A1CC14804CA927AAFF19F7B1C2E8285A9DC
SHA-512:	8729651600BA4FEBC4C3BFB54362075E884E3C8A63C3ECD223705CE67371714EAD501CF95719FA68743721C6BCAF98843B30A318D86B17FB7261DDD97EE3BD12
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.4.0.eot?
Preview:	....X.............................LP..........................\...................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._r...<....GDEF...........OS/2F.T....X...`cmap...........jgasp............glyfq.8....\....head..........6hhea.D.I.......$hmtx.Z........."loca...(...H....maxp.e.....8... name............post.k...............K...\.._.<..........v\|D.....v\|Y.................................................................................@.........2.......L.f...G.L.f....................................PfEd.....0.........T.........:..... .........................................................d...........H.....................0...............0.....:.9...........................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-brands-400-5.6.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
Category:	downloaded
Size (bytes):	6318
Entropy (8bit):	5.7403509869523
Encrypted:	false
SSDEEP:	192:g/wv0gnU6y5YhLqbZW+abTa00w0c08PWw9Wfd:30UMpZW+9Nd
MD5:	3D4D61610A652AC557DCC156BB7FAFFD
SHA1:	23D1A17EDAF60937090ADA5EA86DAA389949C42E
SHA-256:	BAF80AA214BAABFF1BA70F8DA941D308DBAE3B2110762A5D36233591559DB4BC
SHA-512:	8F8E1389F296F2E3837C11E31F0A4169ADFA26E1DC5093365696EB0AEA1711EC2620B83E31296424998D4AE1C8A3AFA61B6C65CC0E7981244FA969924AA0907F
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.6.0.eot?
Preview:	....\|.............................LP.............................................:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...:.F.o.n.t. .A.w.e.s.o.m.e. .5. .B.r.a.n.d.s. .R.e.g.u.l.a.r................PFFTM.._s...`....GDEF.*.....@....OS/2C.UL...X...`cmap...........gasp.......8....glyf..........phead..........6hhea.>.O.......$hmtx...........:loca..."....... maxp._.n...8... name............post%................K..._.<..........v\|D.....v\|Z...............................................................k.................@.................L.f...G.L.f....................................PfEd..............T.........:..... .............................................................................................h............{......................{.......................x.v.p.Y.X.Q...+......................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.10.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	23970
Entropy (8bit):	6.311989887474906
Encrypted:	false
SSDEEP:	384:RfW2tydT/CGqcbVNSERm5GU7aJXLLD5fOh5jsanC/nCmy28f:RfrtydTKG3VNJm5GO+D1OhRsanC/nCmI
MD5:	56494F4A43BECA0B226FDAC2B5843722
SHA1:	24651B8660C37317D455548CCFA7D93ED588ADD7
SHA-256:	2FD64B9B53077FE621A43C7A4363CB177EB8DA6DBDF60A0A1DF441313DF6248F
SHA-512:	28FD9E0E5D8065C11E258A5D3D1AC2B36411CE559EDF1E83BF5CF890BFB098799D60B9B7A65A084B69BF66CEB1938FBCA1FA55F477A2F3EA2254847D8D3DCA18
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.10.1.eot?
Preview:	.]...\......................,.....LP.............................................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._...\l....GDEF..^..\L....OS/2AT%...X...`cmap...4.......Jgasp......\D....glyf.#Q>......K.head..........6hhea.H.........$hmtx...........\loca.,.....`....maxp.......8... name~%Gs..S.....post.]....X ...#.....K......_.<..........v\|D.....v\|h.......................................................V.....X...................@.........".,.....L.f...G.L.f....................................PfEd...............T.........:..... .....................(.............................@.......................@...............................@.......@...@...@.......@...........@.......@...............@....... ...@...@.......@.....................(...(...(...(... ... ... ... .@...............@...@................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.11.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	35570
Entropy (8bit):	6.309494646220298
Encrypted:	false
SSDEEP:	768:6dPv8eYV4BSzf+8Dcfyz2p3zFc+3EYbXLu+RyqxPilKXPJDP4:iX8eYV4Bw+86rp3zFckEYXLu+RyqxOKW
MD5:	551F54A7C114C2DEAEE83F41BCB63EDF
SHA1:	6A5D10ED1D69E271A7C10A6043210531042DCAA1
SHA-256:	023CAE08B7F16579FFC35574CD79420260A260F216BB5D2886EC9D16C2B8A714
SHA-512:	AC382E1E63AFB259F299AA25FB6DE6BD7D94E7D37A62106C94BAF6E414F305F97389A4153D13A3EF00DF71C1952542DF7782B2C95DE040047D3DDF5E4C783A4B
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.11.0.eot?
Preview:	..........................,.....LP.........................z(2..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._.........GDEF...........OS/2A+TV...X...`cmap.5..........gasp............glyfy.;.......v$head..........6hhea.A.........$hmtx.v..........loca..........maxp.......8... name~%Gs..}.....post.................K..2(z._.<..........v\|D.....v\|i.................................................................................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... ...............................@...................@............... ....... ....... ...............@...@...@...@...@.......................@...@....... .......................................................................................................@. .@...@.......@........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.11.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	24914
Entropy (8bit):	6.354993984969343
Encrypted:	false
SSDEEP:	384:Z2ENAdNvI8Bc/LdG9TlZVECapMNydMMFcCvjmo4W0Yc6ComjvHdk:Z2E+Y8B0Y9hfklcCvyZUc6CbjvHdk
MD5:	7A38B5F64539B8E70A121B6E4FCA276B
SHA1:	D5316BEDACA9FE5DF019DAA3EB4B66A7C625B1DA
SHA-256:	FB2D17E99A7D30C9900F8B377D0255E9E1A643E1F22A28E6B9A0F2217024CE04
SHA-512:	1B4ED673EE3AA53AFDB6DFDBA06BB462E851B411070F2FE581A9463F1CFC60AC6A1E211B1F257792B2977A27F4DA97CC0C515B5D1013D1E6095A6AC274A210C8
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.11.1.eot?
Preview:	Ra..8`......................,.....LP........................w.GH..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._...`.....GDEF.*.g.._.....OS/2A7T<...X...`cmap.K.....<...Rgasp......_.....glyf.......T..N.head..........6hhea.@.........$hmtx.w..........locaN;b.........maxp.......8... name~%Gs..U.....post\|.,...[..........K..HG.w_.<..........v\|D.....v\|j.......................................................`.....a...................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... ...............@.....@...@................................................. ... ................................................... .......h...........................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.12.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	14206
Entropy (8bit):	6.197077104183964
Encrypted:	false
SSDEEP:	384:79q5BN4Ti+S2tomK8WLEjHw2qdPUwap2QKMmT+kI:79qtaisS4vqe+MmjI
MD5:	903E01CFFCED70A914AC8DEF60C4CE25
SHA1:	D474EB505406422CB38FC15303B3C6059993A275
SHA-256:	C07F48FBC8136D5101D92B8DAA7F780CC20DEC46268352B03C3FB66A542B8C27
SHA-512:	22DE3F3644765A8BDEFD507DECD489E467DB4A454C23E5520DE04C40D8BA121E35B3F4D8052638DE6AD3703AF59E6B6592EB82A47501434C6258FBD63E0C97F4
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.12.0.eot?
Preview:	~7..d6......................,.....LP...........................n..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._...6H....GDEF..0..6(....OS/2B_Ts...X...`cmap.....`....gasp......6 ....glyf2.w.......Phead..........6hhea.:.k.......$hmtxR..E........loca.....L...Vmaxp.}.....8... name~%Gs........post...{..4..........K..n..._.<..........v\|D.....v\|l...............................................................................@...........,.....L.f...G.L.f....................................PfEd...5...........T.........:..... ..................................................... .................................@. .@. .............................@.......@.......@................................................................... .....5...Y...".$...D.......X.f.r...S.b.../...........5...Y...".$...D....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.6.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	22126
Entropy (8bit):	6.2634168225211635
Encrypted:	false
SSDEEP:	384:128EZChdrJIzsuQgC38hkTKOjNyOaCsqgAr34w+USS+P+ck7r1T+DKByh:128EZ4czF9C3VKAyC+AreUSSs+ckBIKQ
MD5:	7BAA191430D17E6B0C6AA754BE08927C
SHA1:	B2E80A6F71C02856A5DB72CD1F7478E326CFC20F
SHA-256:	973EF3FAE8D78275F3E0A1E2125379632EED4567402609784CB8CAAC8D3853A9
SHA-512:	BC91145D6040728BF663515D89DC55AE44820BE88BE2734966FFF6F9D8FE6FF28DE939E7C97A8D5A9F970443C752F0239681334628D157BCDDE7E282E6EB5247
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.6.0.eot?
Preview:	nV..TU......................,.....LP.........................G....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._z..U8....GDEF.*.H..U.....OS/2A.SW...X...`cmap.0.p........gasp......U.....glyfq.....L..G.head..........6hhea.;.........$hmtx............loca3j".........maxp.......8... name~%Gs..L.....post..5...Q..........K....G._.<..........v\|D.....v\|a.......................................................B.....B...................@...........,.....L.f...G.L.f....................................PfEd...k...........T.........:..... ...................................................................@...................................................................@.......@...@...................................................@................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.7.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	2822
Entropy (8bit):	4.324198522085315
Encrypted:	false
SSDEEP:	48:KD93GD903D9xd095+8u8DZWFpdLalPrD9W7D9BRD9NJD9QD90ZxDlSB5FPmD9nRm:KD9WD9MD9xq95+8bVWJKPrD9eD9HD9Nm
MD5:	A34D256BF38EDF575612569F1811D361
SHA1:	AD36071BB7774DD4DE69684A826928CB5C321065
SHA-256:	8380346CB2C1C5DD0BD203D70ACC8E7708F354DBE73AE4A105FBFA3AB48ACE9C
SHA-512:	2F010C2BEFB1D523923BF60BF6CE221F9E3382FEF482142B539BA5F71EB97204C306277031E864CB5405832BF6E1C25D34A00E25555ABE2F6B5B4CEFACAC8457
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.7.1.eot?
Preview:	............................,.....LP.........................`....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._~........GDEF.*..........OS/2I.SW...X...`cmap...........Bgasp............glyf..........@head.U.........6hhea...........$hmtx............loca............maxp.N.q...8... name~%Gs...X....post6.Yd...p...7.....K...`._.<..........v\|D.....v\|e...............................................................n.................@...........,.....L.f...G.L.f....................................PfEd...............T.........:..... .....................................<........... ......................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.8.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	4458
Entropy (8bit):	5.45571377874592
Encrypted:	false
SSDEEP:	96:5D9WD9MD9kdeX/ENqRZS+oy39KPrD9eD9HD9NJD9QD9MxDloFOD9RD9ZD9JL14:5k+OO/ECSHyI0ZTJG8hrTv+
MD5:	2D376CFE57CDFDC0CAE01A95E4C46F8A
SHA1:	BCC9663EB695FA6F6976BDEC31A384539C53C51C
SHA-256:	92B579CDC9E073DA0A5807AD251E885D46F5E52D9439073F9700BD7652462388
SHA-512:	782E9BB7A52C0A7C8AB8B6C6E2BD36A391569370CF4FA872DE05EFD5432941ABED73C08C48831B0AC865E11E61BA93332D5CC2C238E20BEDD6A90EA19B1A8488
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.8.0.eot?
Preview:	j...P.......................,.....LP........................)U....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._~...4....GDEF.*..........OS/2AHS....X...`cmap.z..........gasp............glyf._.........head..........6hhea.J.M.......$hmtx...........2loca.......x....maxp.V.k...8... name~%Gs...D....post=......\.........K....U)_.<..........v\|D.....v\|e...............................................................h.................@...........,.....L.f...G.L.f....................................PfEd.....>.........T.........:..... .....................................................................................h.............!.&.v.-...V._...>.......!.&.v.-...V._...>...................[........................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.8.2[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	2746
Entropy (8bit):	4.165588578624771
Encrypted:	false
SSDEEP:	48:BD93GD903D9jPodK5jOlhmjpdLalPrD9W7D9BRD9NJD9QD90ZxDlSB5FPmD9nRDr:BD9WD9MD9jPodK5jjHKPrD9eD9HD9NJl
MD5:	850D44E7F70461CD9F7403009001CA66
SHA1:	D45D7F2AFD31F180B34D4B4FA30FD65B07F25100
SHA-256:	5B78FBEE5190039C882ADAAE72002811CC0A895C4DA75EFD5B8ACA23E0825E8E
SHA-512:	4A1724B754FC7E59FD5174B8CE5D5553B9B334833F6D03DBC101ABCE6EA71AFC4BD882DEC5BEACF5E899AD798978E03C7B7F8ADDFC3C1B49A613114591D16B25
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.8.2.eot?
Preview:	............................,.....LP..........................N2..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................`FFTM.._.........GDEF......d....OS/2F.P....h...`cmap...........Bcvt ...D........gasp.......\....glyf......,....head...........6hhea.......$...$hmtx.@..........loca...T... ....maxp.H.[...H... name~%Gs........post..D_...$...7.....K..2N._.<..........v\|D.....v\|f................................................................................@...........,.....L.f...G.L.f....................................PfEd...`.`.........T.........:..... .....................................<........... ...........`.....`....................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-light-300-5.9.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Light family
Category:	downloaded
Size (bytes):	36030
Entropy (8bit):	6.1156084331743825
Encrypted:	false
SSDEEP:	768:1C0BBg3lvlPGxPsfnzhHOWsjvFYbpF6YwRwFBISHYqKLXTF:1gVvUx2nzhHOWshYbaTwFKsLAR
MD5:	0E4ABD45C65CC1BA37CC40F088DA26EB
SHA1:	78FDC2B949FF275CDF662C76C952E541C446BDA0
SHA-256:	E151D1F62E39607B12272A73D116A326A74E21526930B1962A39B7C675EE9604
SHA-512:	0797FBD7EB54A554FEA8B0CFC4043E636885D1663C1C45147FF6ACEF7FDC39D79C53658E26B1177E800067C5BF8ED73279CDE1E485EF7B0E0EB2BCD66019ACBC
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-light-300-5.9.0.eot?
Preview:	............................,.....LP...........................q..................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t.....L.i.g.h.t...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .L.i.g.h.t................PFFTM.._.........GDEF.*.~...h....OS/2A`S....X...`cmap............gasp.......`....glyfo.=h...h..yDhead..........6hhea.?.........$hmtx.3..........loca%_.....t....maxp.......8... name~%Gs........post.n/%.............K..q..._.<..........v\|D.....v\|g.......................................................x.....x...................@...........,.....L.f...G.L.f....................................PfEd...6...........T.........:..... .........................................................................................@.@...@...@...........@.......................@.......@...@...................@...........................@...................................................................................@

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-regular-400-5.10.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	22118
Entropy (8bit):	6.3004048221055315
Encrypted:	false
SSDEEP:	384:WhZTDkfmPDK/Y/8o/t/kwsTqFK83fksoBI9qviN2SkT0A7xho1csgz+28f:WDPm/Y/r/t/3s2K83Vl4FTzhoGsgz+2k
MD5:	C91DB98D1E4597D224BE1AEC96108A67
SHA1:	9C2BF9D26ED43BC85E59CE6A81EE805EAA9449BE
SHA-256:	AB098ACB15D6594A50A374D7CFDBA7F415D3FB8365B04893DBD6ED84194B7273
SHA-512:	62CF3EB7C1409A499025D65E05D04EDBFF438761C1833825AF139964DD527E3D582A26C4EAC2B0FED82DFB13024B3896AF3BD93EF0FD49D493D6D0421862D8DD
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.10.1.eot?
Preview:	fV..@U............................LP.........................]~...................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._...U$....GDEF.*.^..U.....OS/2A.V%...X...`cmap...4.......Jgasp......T.....glyfZ.E.......D\|head..........6hhea.H.........$hmtx...........\loca..t....`....maxp.......8... name"..,..K....Fpost.]....P....#.....K...~]._.<..........v\|D.....v\|h.......................................................V.....X...................@.........".......L.f...G.L.f....................................PfEd...............T.........:..... ..................... .............................@.......................@...............................@.......@...@...@.......@...........@.......@...............@....... ...@...@.......@..................... ... ... ...(.................@...............@...@....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-regular-400-5.14.0[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	35474
Entropy (8bit):	6.2586334878602825
Encrypted:	false
SSDEEP:	768:Fu7EpeYvQ6AYOqGcVDrE/9oGsakwyz6bytkLpcU:YWeo/ycVXE1FsVwy6bXuU
MD5:	217CE656E4D30B25EB4CCBB4E9D97EAE
SHA1:	27F7A205C0F3600E8096D5FD20E352E9661B6AED
SHA-256:	F0D1337B4C29BF277AFD705CE3D08D5C0B73A05697B96BFCDB72C84191CDCBCF
SHA-512:	9CD18D063A0A0A3B4D5050FC6CE2525C619810F3C19983C29D37CAD3EB9881276A99662E4E6897F3E8CD48DF4D568146FC417756AAA2D23E090684ECA9241049
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.14.0.eot?
Preview:	....l.............................LP.........................\| ...................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._....P....GDEF.*.w...0....OS/21.=....X...`cmap..d...\|...zgasp.......(....glyf..Z.......w.head..........6hhea.B.........$hmtx.4.%........loca.x6>........maxp...z...8... name"..,..}....FpostI."........8.....K... \|._.<..........v\|D.....v\|n.......................................................p.....q.w.................@.........".......L.f...G.L.f....................................PfEd.....v.........T.........:..... ...............................................................@...........................................................@.......................@...........................................................................@.......@....................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-regular-400-5.7.1[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Regular family
Category:	downloaded
Size (bytes):	2862
Entropy (8bit):	4.32470449584306
Encrypted:	false
SSDEEP:	48:7jD9TGD90LD9hHa9o3MU0+ZJOQyaD9W7D90wD9xBD90D90ZxDldkB5FPmD9OwD9Y:PD9iD9gD9hHbcU0417D9eD90wD9xBD9a
MD5:	6F18A57788BF660234D9CCD790AEAED5
SHA1:	00469C4D93AF880545A05CC179F7FB17B3D42DF5
SHA-256:	11E0D6A6D2002E0CF4B298A150832C6908C287CBE1B376940E9290829C0CC9AA
SHA-512:	ABDAD34E8A407BB12036EFA4341CE4C5E5D247E84BCCE6724FFA31A663DEFA645E7F3AA77915D0E723E5231CDC1BBCC3CA440D74F7971F0ABEFAB08740A5D633
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.7.1.eot?
Preview:	..................................LP........................cN.}..................4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r.....R.e.g.u.l.a.r...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...4.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .R.e.g.u.l.a.r................PFFTM.._~........GDEF.*..........OS/2I.UW...X...`cmap...........Bgasp............glyf.H.?.......,head.U.........6hhea...........$hmtx............loca............maxp.M.m...8... name"..,...D...Fpost6.Yd.......7.....K..}.Nc_.<..........v\|D.....v\|e...............................................................j.................@.................L.f...G.L.f....................................PfEd...............T.........:..... .....................................<........... ..........................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\pro-fa-solid-900-5.0.11[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Pro Solid family
Category:	downloaded
Size (bytes):	8270
Entropy (8bit):	5.938642655612635
Encrypted:	false
SSDEEP:	192:2M+2qWEY370nVVxzKWuq4lDyWmnlmbLc+s3DZm0DiqI8tvxv3f:3/x70nVVhKWCDqnlmfc+YDZyCf
MD5:	0F4F905A0F69DA120A6F7309D264D43F
SHA1:	C0FE940DF4166C48E861821C454A498639D597D2
SHA-256:	90DE10C77F6C7312558455D84922523DCA91FD765AC388F8D97801FA2FBF0AF9
SHA-512:	B83DBBA5CEB9C30F1C467DD3C2F83E435F18D5BDDC304E0034DBE4F01142A2181542DBB08546599A441AD3735262C06ACF7E852F7AB2C04832295DB528197F89
Malicious:	false
IE Cache URL:	https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.0.11.eot?
Preview:	N ..4.............................LP........................Zy....................0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...0.F.o.n.t. .A.w.e.s.o.m.e. .5. .P.r.o. .S.o.l.i.d................PFFTM.._r........GDEF.*.&........OS/2C.R....X...`cmap.3.(...8....gasp............glyf....... ....head..........6hhea.B.a.......$hmtxD+..........locaL.G2.......Bmaxp.h.....8... name\|GM}...4....post......L.........K...yZ_.<..........v\|E.....v\|X....................................................... ..... ...................@.........B.......L.f...G.L.f....................................PfEd...............T.........:..... ...........................................................................................................................................................................................5............................4..............D.C.....+......................................

Static File Info

General
File type:	HTML document, ASCII text, with very long lines, with CRLF line terminators
Entropy (8bit):	3.617967529718418
TrID:
File name:	Ref#Doc30504871 Wyg.htm
File size:	162986
MD5:	baf3567c1fa8ed5b09f630b5ea6e330f
SHA1:	a978b29366ccfb0bff8f6b3db444c2d477ca5ba6
SHA256:	9b66ebeab829896ff2c36801c6818e13c842d08baaee081f027e4985245cff82
SHA512:	8c3afc689f9ac6cd1ce83d17313400866404363ff3e7ba52370b6d27a22929038c264b1a42d7a8ab3446f3b8cc333d84fd6755d74c8f5b9de2e6dde544e5e1c6
SSDEEP:	3072:Co8CIlYZasiJL8t+6Jz2Uu72d9fhBBtlGj2eQPV:Co8CIlYZasiJL8t+6Jz2Uu72d9fhBBtp
File Content Preview:	<script language="javascript">..var aaswurkqgr="JyUzQyUyMSU0NCU0RiU0MyU1NCU1OSU1MCU0NSUyMCU2OCU3NCU2RCU2QyUzRSUwRCUwQSUzQyU2OCU3NCU2RCU2QyUzRSUzQyU2OCU2NSU2MSU2NCUzRSUzQyU2RCU2NSU3NCU2MSUyMCU2OCU3NCU3NCU3MCUyRCU2NSU3MSU3NSU2OSU3NiUzRCUyMiU0MyU2RiU2RSU3NCU

File Icon


Icon Hash:	f8c89c9a9a998cb8

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 10, 2021 19:53:52.293705940 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.294574022 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.424598932 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.424721956 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.425367117 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.429114103 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.429224014 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.429850101 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.556185961 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.558307886 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.558335066 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.558348894 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.558397055 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.558440924 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.563007116 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.565049887 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.565079927 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.565093994 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.565134048 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.565159082 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.566430092 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.566891909 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.567096949 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.568403006 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.568792105 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.697474957 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.697540998 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.697554111 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.697602987 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.698189020 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.698651075 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698688030 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698704004 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698720932 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698734045 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.698736906 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698755026 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698760986 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.698767900 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698780060 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.698803902 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.698832035 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.701622009 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.701735020 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.701873064 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.701977968 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.702328920 CEST	49731	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.828493118 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.828526974 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.828571081 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.828597069 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.840539932 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.841321945 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.850815058 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.851056099 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.868854046 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.872100115 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.872317076 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.872478962 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.872642040 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.872800112 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.872963905 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.873112917 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.873255014 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.873418093 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.873574018 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.874882936 CEST	443	49731	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.920535088 CEST	49732	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.920666933 CEST	49734	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.920696020 CEST	49733	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.934211016 CEST	49739	443	192.168.2.3	89.187.169.26
Jun 10, 2021 19:53:52.934389114 CEST	49740	443	192.168.2.3	89.187.169.26
Jun 10, 2021 19:53:52.963030100 CEST	443	49733	104.16.18.94	192.168.2.3
Jun 10, 2021 19:53:52.963083982 CEST	443	49734	104.16.18.94	192.168.2.3
Jun 10, 2021 19:53:52.963109970 CEST	443	49732	104.16.18.94	192.168.2.3
Jun 10, 2021 19:53:52.963211060 CEST	49733	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.963238955 CEST	49734	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.963291883 CEST	49732	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.971069098 CEST	49733	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.971329927 CEST	49734	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.971577883 CEST	49732	443	192.168.2.3	104.16.18.94
Jun 10, 2021 19:53:52.973922968 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975466967 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975508928 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975547075 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975550890 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.975584984 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975585938 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.975591898 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.975622892 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975645065 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.975661039 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975680113 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.975696087 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.975713015 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.975745916 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.976394892 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.976435900 CEST	443	49730	169.55.190.245	192.168.2.3
Jun 10, 2021 19:53:52.976454973 CEST	49730	443	192.168.2.3	169.55.190.245
Jun 10, 2021 19:53:52.976484060 CEST	49730	443	192.168.2.3	169.55.190.245

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 10, 2021 19:53:26.224437952 CEST	64185	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:26.283253908 CEST	53	64185	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:27.211249113 CEST	65110	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:27.272917986 CEST	53	65110	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:28.500020027 CEST	58361	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:28.550257921 CEST	53	58361	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:29.533379078 CEST	63492	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:29.586601019 CEST	53	63492	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:30.846643925 CEST	60831	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:30.899580956 CEST	53	60831	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:31.748191118 CEST	60100	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:31.801096916 CEST	53	60100	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:32.625471115 CEST	53195	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:32.684022903 CEST	53	53195	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:32.730017900 CEST	50141	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:32.780507088 CEST	53	50141	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:34.083745003 CEST	53023	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:34.150988102 CEST	53	53023	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:34.253143072 CEST	49563	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:34.303550005 CEST	53	49563	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:35.588180065 CEST	51352	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:35.646666050 CEST	53	51352	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:36.957973957 CEST	59349	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:37.008130074 CEST	53	59349	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:38.031021118 CEST	57084	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:38.081336975 CEST	53	57084	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:39.149574995 CEST	58823	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:39.199944973 CEST	53	58823	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:40.393201113 CEST	57568	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:40.443603992 CEST	53	57568	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:41.282267094 CEST	50540	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:41.344036102 CEST	53	50540	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:44.253580093 CEST	54366	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:44.312745094 CEST	53	54366	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:45.675556898 CEST	53034	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:45.728594065 CEST	53	53034	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:46.880045891 CEST	57762	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:46.931766987 CEST	53	57762	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:50.198194981 CEST	55435	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:50.262032986 CEST	53	55435	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:52.230959892 CEST	50713	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:52.292113066 CEST	53	50713	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:52.844563961 CEST	56132	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:52.850905895 CEST	58987	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:52.858412981 CEST	56579	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:52.866692066 CEST	60633	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:52.918160915 CEST	53	58987	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:52.923784018 CEST	53	56579	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:52.926258087 CEST	53	56132	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:52.931940079 CEST	53	60633	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:53.302892923 CEST	61292	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:53.336611986 CEST	63619	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:53.366605043 CEST	53	61292	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:53.382931948 CEST	64938	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:53.397943020 CEST	53	63619	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:53.444652081 CEST	53	64938	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:54.134637117 CEST	61946	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:54.143194914 CEST	64910	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:54.203851938 CEST	53	61946	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:54.207983971 CEST	53	64910	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:55.471069098 CEST	52123	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:55.525388002 CEST	53	52123	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:55.719964981 CEST	56130	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:55.723639965 CEST	56338	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:53:55.781012058 CEST	53	56130	8.8.8.8	192.168.2.3
Jun 10, 2021 19:53:55.790335894 CEST	53	56338	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:02.632515907 CEST	59420	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:02.683852911 CEST	53	59420	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:03.448410988 CEST	58784	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:03.498641968 CEST	53	58784	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:03.672769070 CEST	59420	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:03.724071026 CEST	53	59420	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:03.910069942 CEST	63978	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:03.971560955 CEST	53	63978	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:04.505723000 CEST	58784	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:04.564728975 CEST	53	58784	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:04.701508045 CEST	59420	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:04.752623081 CEST	53	59420	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:05.531063080 CEST	58784	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:05.581307888 CEST	53	58784	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:08.159949064 CEST	58784	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:08.165548086 CEST	59420	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:08.210180044 CEST	53	58784	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:08.216774940 CEST	53	59420	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:12.175146103 CEST	59420	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:12.187761068 CEST	58784	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:12.226596117 CEST	53	59420	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:12.237971067 CEST	53	58784	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:14.751111984 CEST	62938	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:14.801739931 CEST	53	62938	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:15.454397917 CEST	55708	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:15.527302980 CEST	53	55708	8.8.8.8	192.168.2.3
Jun 10, 2021 19:54:21.608449936 CEST	56803	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:54:21.670315981 CEST	53	56803	8.8.8.8	192.168.2.3
Jun 10, 2021 19:55:02.610394001 CEST	57145	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:55:02.684806108 CEST	53	57145	8.8.8.8	192.168.2.3
Jun 10, 2021 19:55:09.995275974 CEST	55359	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:55:10.055428028 CEST	53	55359	8.8.8.8	192.168.2.3
Jun 10, 2021 19:55:37.569462061 CEST	58306	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:55:37.636814117 CEST	53	58306	8.8.8.8	192.168.2.3
Jun 10, 2021 19:55:38.627583981 CEST	64124	53	192.168.2.3	8.8.8.8
Jun 10, 2021 19:55:38.700774908 CEST	53	64124	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jun 10, 2021 19:53:50.198194981 CEST	192.168.2.3	8.8.8.8	0x44e	Standard query (0)	icons.iconarchive.com	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.230959892 CEST	192.168.2.3	8.8.8.8	0x9eff	Standard query (0)	www.premierpawn.com	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.850905895 CEST	192.168.2.3	8.8.8.8	0x40e2	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.858412981 CEST	192.168.2.3	8.8.8.8	0x722f	Standard query (0)	kit.fontawesome.com	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.866692066 CEST	192.168.2.3	8.8.8.8	0xe93e	Standard query (0)	cdn.shortpixel.ai	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:53.302892923 CEST	192.168.2.3	8.8.8.8	0x4790	Standard query (0)	ka-p.fontawesome.com	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:54.143194914 CEST	192.168.2.3	8.8.8.8	0xae81	Standard query (0)	connect.facebook.net	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.471069098 CEST	192.168.2.3	8.8.8.8	0xecb1	Standard query (0)	stats.g.doubleclick.net	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.723639965 CEST	192.168.2.3	8.8.8.8	0x2ea5	Standard query (0)	www.google.de	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jun 10, 2021 19:53:50.262032986 CEST	8.8.8.8	192.168.2.3	0x44e	No error (0)	icons.iconarchive.com		172.67.186.2	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:50.262032986 CEST	8.8.8.8	192.168.2.3	0x44e	No error (0)	icons.iconarchive.com		104.21.19.112	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.292113066 CEST	8.8.8.8	192.168.2.3	0x9eff	No error (0)	www.premierpawn.com	premierpawn.com		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 19:53:52.292113066 CEST	8.8.8.8	192.168.2.3	0x9eff	No error (0)	premierpawn.com		169.55.190.245	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.918160915 CEST	8.8.8.8	192.168.2.3	0x40e2	No error (0)	cdnjs.cloudflare.com		104.16.18.94	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.918160915 CEST	8.8.8.8	192.168.2.3	0x40e2	No error (0)	cdnjs.cloudflare.com		104.16.19.94	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:52.923784018 CEST	8.8.8.8	192.168.2.3	0x722f	No error (0)	kit.fontawesome.com	kit.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 19:53:52.931940079 CEST	8.8.8.8	192.168.2.3	0xe93e	No error (0)	cdn.shortpixel.ai	spai.b-cdn.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 19:53:52.931940079 CEST	8.8.8.8	192.168.2.3	0xe93e	No error (0)	spai.b-cdn.net		89.187.169.26	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:53.366605043 CEST	8.8.8.8	192.168.2.3	0x4790	No error (0)	ka-p.fontawesome.com	ka-p.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 19:53:54.207983971 CEST	8.8.8.8	192.168.2.3	0xae81	No error (0)	connect.facebook.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 19:53:54.207983971 CEST	8.8.8.8	192.168.2.3	0xae81	No error (0)	scontent.xx.fbcdn.net		31.13.92.14	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.525388002 CEST	8.8.8.8	192.168.2.3	0xecb1	No error (0)	stats.g.doubleclick.net	stats.l.doubleclick.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 19:53:55.525388002 CEST	8.8.8.8	192.168.2.3	0xecb1	No error (0)	stats.l.doubleclick.net		173.194.76.156	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.525388002 CEST	8.8.8.8	192.168.2.3	0xecb1	No error (0)	stats.l.doubleclick.net		173.194.76.155	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.525388002 CEST	8.8.8.8	192.168.2.3	0xecb1	No error (0)	stats.l.doubleclick.net		173.194.76.154	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.525388002 CEST	8.8.8.8	192.168.2.3	0xecb1	No error (0)	stats.l.doubleclick.net		173.194.76.157	A (IP address)	IN (0x0001)
Jun 10, 2021 19:53:55.790335894 CEST	8.8.8.8	192.168.2.3	0x2ea5	No error (0)	www.google.de		172.217.16.99	A (IP address)	IN (0x0001)
Jun 10, 2021 19:54:14.801739931 CEST	8.8.8.8	192.168.2.3	0x169d	No error (0)	prda.aadg.msidentity.com	www.tm.a.prd.aadg.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jun 10, 2021 19:53:52.558335066 CEST	169.55.190.245	443	192.168.2.3	49730	CN=*.premierpawn.com CN=R3, O=Let's Encrypt, C=US	CN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Mon Apr 26 22:06:35 CEST 2021 Wed Oct 07 21:21:40 CEST 2020	Sun Jul 25 22:06:35 CEST 2021 Wed Sep 29 21:21:40 CEST 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:52.558335066 CEST	169.55.190.245	443	192.168.2.3	49730	CN=R3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Oct 07 21:21:40 CEST 2020	Wed Sep 29 21:21:40 CEST 2021		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:52.565079927 CEST	169.55.190.245	443	192.168.2.3	49731	CN=*.premierpawn.com CN=R3, O=Let's Encrypt, C=US	CN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Mon Apr 26 22:06:35 CEST 2021 Wed Oct 07 21:21:40 CEST 2020	Sun Jul 25 22:06:35 CEST 2021 Wed Sep 29 21:21:40 CEST 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:52.565079927 CEST	169.55.190.245	443	192.168.2.3	49731	CN=R3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Oct 07 21:21:40 CEST 2020	Wed Sep 29 21:21:40 CEST 2021		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.014760971 CEST	104.16.18.94	443	192.168.2.3	49734	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.014760971 CEST	104.16.18.94	443	192.168.2.3	49734	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.015594959 CEST	104.16.18.94	443	192.168.2.3	49733	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.015594959 CEST	104.16.18.94	443	192.168.2.3	49733	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.015678883 CEST	104.16.18.94	443	192.168.2.3	49732	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.015678883 CEST	104.16.18.94	443	192.168.2.3	49732	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:53.032375097 CEST	89.187.169.26	443	192.168.2.3	49740	CN=*.shortpixel.ai CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Jan 28 01:00:00 CET 2020 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019	Fri Jan 28 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB	CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	Fri Nov 02 01:00:00 CET 2018	Wed Jan 01 00:59:59 CET 2031
					CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Mar 12 01:00:00 CET 2019	Mon Jan 01 00:59:59 CET 2029
Jun 10, 2021 19:53:53.032685995 CEST	89.187.169.26	443	192.168.2.3	49739	CN=*.shortpixel.ai CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Jan 28 01:00:00 CET 2020 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019	Fri Jan 28 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB	CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	Fri Nov 02 01:00:00 CET 2018	Wed Jan 01 00:59:59 CET 2031
					CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Mar 12 01:00:00 CET 2019	Mon Jan 01 00:59:59 CET 2029
Jun 10, 2021 19:53:54.295413017 CEST	31.13.92.14	443	192.168.2.3	49753	CN=*.facebook.com, O="Facebook, Inc.", L=Menlo Park, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed May 26 02:00:00 CEST 2021 Tue Oct 22 14:00:00 CEST 2013	Wed Aug 25 01:59:59 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:54.295413017 CEST	31.13.92.14	443	192.168.2.3	49753	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:54.295864105 CEST	31.13.92.14	443	192.168.2.3	49754	CN=*.facebook.com, O="Facebook, Inc.", L=Menlo Park, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed May 26 02:00:00 CEST 2021 Tue Oct 22 14:00:00 CEST 2013	Wed Aug 25 01:59:59 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:54.295864105 CEST	31.13.92.14	443	192.168.2.3	49754	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.643445015 CEST	173.194.76.156	443	192.168.2.3	49755	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Mon May 17 03:34:10 CEST 2021 Thu Jun 15 02:00:42 CEST 2017	Mon Aug 09 03:34:09 CEST 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.643445015 CEST	173.194.76.156	443	192.168.2.3	49755	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.643471956 CEST	173.194.76.156	443	192.168.2.3	49756	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Mon May 17 03:34:10 CEST 2021 Thu Jun 15 02:00:42 CEST 2017	Mon Aug 09 03:34:09 CEST 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.643471956 CEST	173.194.76.156	443	192.168.2.3	49756	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.922126055 CEST	172.217.16.99	443	192.168.2.3	49760	CN=www.google.de, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Mon May 17 05:22:16 CEST 2021 Thu Jun 15 02:00:42 CEST 2017	Mon Aug 09 05:22:15 CEST 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.922126055 CEST	172.217.16.99	443	192.168.2.3	49760	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.923301935 CEST	172.217.16.99	443	192.168.2.3	49759	CN=www.google.de, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Mon May 17 05:22:16 CEST 2021 Thu Jun 15 02:00:42 CEST 2017	Mon Aug 09 05:22:15 CEST 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 19:53:55.923301935 CEST	172.217.16.99	443	192.168.2.3	49759	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 4240 Parent PID: 792

General

Start time:	19:53:30
Start date:	10/06/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff6f34b0000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Analysis Process: iexplore.exe PID: 3156 Parent PID: 4240

General

Start time:	19:53:31
Start date:	10/06/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4240 CREDAT:17410 /prefetch:2
Imagebase:	0x10a0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report Ref#Doc30504871 Wyg.htm

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Initial Sample

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 4240 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 3156 Parent PID: 4240

General

Disassembly