https://www.apple.com/legal/privacy/de/
This report is generated from a file or URL submitted to this webservice on September 13th 2023 11:40:41 (UTC) and action script Default browser analysis
Guest System: Windows 7 32 bit, Professional, 6.1 (build 7601), Service Pack 1
Report generated by
Falcon Sandbox v10.2.0 © Hybrid Analysis
Incident Response
Risk Assessment
- Network Behavior
- Contacts 1 domain and 1 host.
MITRE ATT&CK™ Techniques Detection
Additional Context
Related Sandbox Artifacts
- Associated SHA256s
Indicators
Not all malicious and suspicious indicators are displayed.
-
Suspicious Indicators 2
-
General
-
Found a potential E-Mail address in binary/memory
- details
-
Pattern match: "0zhglof@r.l98"
Pattern match: "preact@10.10.6"
Pattern match: "ac-browser@0.5.0"
Pattern match: "ac-classlist@1.3.0"
Pattern match: "ac-function@1.3.0"
Pattern match: "ac-headjs@2.2.0"
Pattern match: "ac-object@1.6.1"
Pattern match: "ac-polyfills@2.10.0"
- source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1114
-
Network Related
-
Found potential IP address in binary/memory
- details
- Potential IP "15.9.5.44" found in string "any such object have a <code>toISOString</code> method. Full info can be found in the ES5 spec (15.9.5.44):"
- source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1071
-
Informative 13
-
Environment Awareness
-
Attempts to detect virtual machine (file access)
- details
-
"iexplore.exe" trying to touch file "%WINDIR%\System32\vm3dum_loader.dll"
"iexplore.exe" trying to touch file "C:\Windows\System32\vm3dum_10.dll"
"iexplore.exe" trying to touch file "C:\Windows\System32\vm3dum.dll"
"iexplore.exe" trying to touch file "%WINDIR%\System32\vm3dum_10.dll"
- source
- API Call
- relevance
- 8/10
- ATT&CK ID
- T1497
-
External Systems
-
Sample was identified as clean by Antivirus engines
- details
- 0/89 Antivirus vendors marked sample as malicious (0% detection rate)
- source
- External System
- relevance
- 10/10
-
General
-
Contacts server
- details
- "96.16.68.219:443"
- source
- Network Traffic
- relevance
- 1/10
- ATT&CK ID
- T1071
-
Creates mutants
- details
-
"\Sessions\1\BaseNamedObjects\Local\!BrowserEmulation!SharedMemory!Mutex"
"\Sessions\1\BaseNamedObjects\Local\VERMGMTBlockListFileMutex"
"\Sessions\1\BaseNamedObjects\Local\URLBLOCK_FILEMAPSWITCH_MUTEX_3684"
"\Sessions\1\BaseNamedObjects\Local\URLBLOCK_HASHFILESWITCH_MUTEX"
"\Sessions\1\BaseNamedObjects\Local\URLBLOCK_DOWNLOAD_MUTEX"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\IsoScope_e64_IE_EarlyTabStart_0xc20_Mutex"
"\Sessions\1\BaseNamedObjects\IsoScope_e64_ConnHashTable<3684>_HashTable_Mutex"
"\Sessions\1\BaseNamedObjects\{5312EE61-79E3-4A24-BFE1-132B85B23C3A}"
"\Sessions\1\BaseNamedObjects\IsoScope_e64_IESQMMUTEX_0_303"
"\Sessions\1\BaseNamedObjects\IsoScope_e64_IESQMMUTEX_0_331"
"\Sessions\1\BaseNamedObjects\{66D0969A-1E86-44CF-B4EC-3806DDDA3B5D}"
"Local\InternetShortcutMutex"
"Local\URLBLOCK_DOWNLOAD_MUTEX"
"Local\ZonesCacheCounterMutex"
"{66D0969A-1E86-44CF-B4EC-3806DDDA3B5D}"
"{5312EE61-79E3-4A24-BFE1-132B85B23C3A}"
"IsoScope_e64_ConnHashTable<3684>_HashTable_Mutex"
"IsoScope_e64_IESQMMUTEX_0_303"
"Local\ZonesLockedCacheCounterMutex"
"UpdatingNewTabPageData"
"IsoScope_e64_IESQMMUTEX_0_519"
"Local\VERMGMTBlockListFileMutex"
"IsoScope_e64_IESQMMUTEX_0_331" - source
- Created Mutant
- relevance
- 3/10
-
Drops files marked as clean
- details
-
Antivirus vendors marked dropped file "icon_large_1_.svg" as clean (type is "SVG Scalable Vector Graphics image")
Antivirus vendors marked dropped file "icon_large_2_.svg" as clean (type is "SVG Scalable Vector Graphics image")
Antivirus vendors marked dropped file "urlblockindex_1_.bin" as clean (type is "data")
- source
- Binary File
- relevance
- 10/10
-
Found a reference to a known community page
- details
-
Found string "<meta name="twitter:title" content="Apple Legal - AppleDatenschutzrichtlinie - Apple"/>" (Indicator: "twitter"; File: "de-ww_1_.htm")
Found string "<meta name="twitter:description"/>" (Indicator: "twitter"; File: "de-ww_1_.htm")
Found string ""https://www.youtube.com/user/Apple"," (Indicator: "youtube"; File: "de-ww_1_.htm")
Found string ""https://www.linkedin.com/company/apple"," (Indicator: "linkedin.com"; File: "de-ww_1_.htm")
Found string ""https://www.facebook.com/Apple"," (Indicator: "facebook.com"; File: "de-ww_1_.htm")
Found string ""https://www.twitter.com/Apple"" (Indicator: "twitter"; File: "de-ww_1_.htm")
- source
- File/Memory
- relevance
- 2/10
-
Queries DNS server
- details
- "images.apple.com"
- source
- Network Traffic
- relevance
- 1/10
- ATT&CK ID
- T1071.004
-
References JavaScript(s)
- details
-
Found string "<script src="/legal/v/legal/e/built/scripts/head.built.js" type="text/javascript" charset="utf-8" id="headScript" rtl-enabled="false"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script src="/legal/v/legal/e/scripts/html5shiv.min.js" type="text/javascript" charset="utf-8"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script type="text/javascript" src="/api-www/global-elements/global-header/v1/assets/globalheader.umd.js"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script src="/metrics/ac-analytics/2.19.0/scripts/ac-analytics.js" type="text/javascript" charset="utf-8"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script src="/metrics/ac-analytics/2.19.0/scripts/auto-init.js" type="text/javascript" charset="utf-8"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script type="text/javascript" src="/ac/localnav/4/scripts/ac-localnav.built.js">" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script type="text/javascript" src="/ac/globalfooter/8/en_US/scripts/ac-globalfooter.built.js"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script type="text/javascript" src="/ac/localeswitcher/4/en_US/scripts/localeswitcher.built.js"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script src="/legal/v/legal/e/built/scripts/main.built.js" type="text/javascript" charset="utf-8"></script>" (Indicator: "text/javascript"; File: "de-ww_1_.htm")
Found string "<script type="text/javascript" nonce="">" (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
Found string "<script type="text/javascript" id="inlinehead-inline-script" nonce="">" (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
file/memory contains long string with (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
Found string "<script src='https://assets.msn.com/bundles/v1/homePage/latest/midlevel/vendors.836027f376edefc7b09a.js' type="text/javascript" nonce="" crossorigin="anonymous"></script>" (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
Found string "<script src='https://assets.msn.com/bundles/v1/homePage/latest/midlevel/microsoft.f0dc8bbbc7b4d116660b.js' type="text/javascript" nonce="" crossorigin="anonymous"></script>" (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
Found string "<script src='https://assets.msn.com/bundles/v1/homePage/latest/midlevel/common.f4d6737f460385e09d02.js' type="text/javascript" nonce="" crossorigin="anonymous"></script>" (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
Found string "<script src='https://assets.msn.com/bundles/v1/homePage/latest/midlevel/experience.057b9084c6f702aa78a9.js' type="text/javascript" nonce="" crossorigin="anonymous"></script>" (Indicator: "text/javascript"; File: "PK0JEH3B.htm")
- source
- File/Memory
- relevance
- 1/10
- ATT&CK ID
- T1059.007
-
Installation/Persistence
-
Dropped files
- details
-
"icon_large_1_.svg" has type "SVG Scalable Vector Graphics image"- [targetUID: N/A]
"icon_large_2_.svg" has type "SVG Scalable Vector Graphics image"- [targetUID: N/A]
"urlblockindex_1_.bin" has type "data"- [targetUID: N/A]
"main.built_1_.js" has type "UTF-8 Unicode text with very long lines"- [targetUID: N/A]
"main.built_1_.css" has type "UTF-8 Unicode text with very long lines with no line terminators"- [targetUID: N/A]
"ac-analytics_1_.js" has type "UTF-8 Unicode text with very long lines with no line terminators"- [targetUID: N/A]
"sf-pro-text_heavy_1_.woff" has type "Web Open Font Format TrueType length 257436 version 1.0"- [targetUID: N/A]
"sf-pro-text_semibold_1_.woff" has type "Web Open Font Format TrueType length 246708 version 1.0"- [targetUID: N/A]
"sf-pro-text_bold_1_.woff" has type "Web Open Font Format TrueType length 246092 version 1.0"- [targetUID: N/A]
"sf-pro-text_medium_1_.woff" has type "Web Open Font Format TrueType length 244464 version 1.0"- [targetUID: N/A]
"sf-pro-text_black_1_.woff" has type "Web Open Font Format TrueType length 238944 version 1.0"- [targetUID: N/A]
"sf-pro-display_heavy_1_.woff" has type "Web Open Font Format TrueType length 235644 version 1.0"- [targetUID: N/A]
"sf-pro-text_regular_1_.woff" has type "Web Open Font Format TrueType length 228152 version 1.0"- [targetUID: N/A]
"sf-pro-text_thin_1_.woff" has type "Web Open Font Format TrueType length 228084 version 1.0"- [targetUID: N/A]
"sf-pro-text_light_1_.woff" has type "Web Open Font Format TrueType length 226932 version 1.0"- [targetUID: N/A]
"sf-pro-text_ultralight_1_.woff" has type "Web Open Font Format TrueType length 225660 version 1.0"- [targetUID: N/A]
"sf-pro-display_black_1_.woff" has type "Web Open Font Format TrueType length 225332 version 1.0"- [targetUID: N/A]
"sf-pro-display_semibold_1_.woff" has type "Web Open Font Format TrueType length 224340 version 1.0"- [targetUID: N/A]
"sf-pro-display_bold_1_.woff" has type "Web Open Font Format TrueType length 224268 version 1.0"- [targetUID: N/A]
"sf-pro-display_medium_1_.woff" has type "Web Open Font Format TrueType length 223440 version 1.0"- [targetUID: N/A]
"sf-pro-display_light_1_.woff" has type "Web Open Font Format TrueType length 219108 version 1.0"- [targetUID: N/A]
"sf-pro-display_thin_1_.woff" has type "Web Open Font Format TrueType length 217108 version 1.0"- [targetUID: N/A]
"sf-pro-display_ultralight_1_.woff" has type "Web Open Font Format TrueType length 211368 version 1.0"- [targetUID: N/A]
"sf-pro-display_regular_1_.woff" has type "Web Open Font Format TrueType length 206900 version 1.0"- [targetUID: N/A]
"localeswitcher.built_1_.js" has type "UTF-8 Unicode text with very long lines with no line terminators"- [targetUID: N/A]
"PK0JEH3B.htm" has type "HTML document UTF-8 Unicode text with very long lines with CRLF NEL line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Windows\Temporary Internet Files\Content.IE5\37NU00GP\PK0JEH3B.htm]- [targetUID: 00000000-00003684]
"sf-pro-text_heavy-italic_1_.woff" has type "Web Open Font Format TrueType length 172636 version 1.0"- [targetUID: N/A]
"sf-pro-text_bold-italic_1_.woff" has type "Web Open Font Format TrueType length 170152 version 1.0"- [targetUID: N/A]
"sf-pro-text_semibold-italic_1_.woff" has type "Web Open Font Format TrueType length 169920 version 1.0"- [targetUID: N/A]
"globalheader_1_.css" has type "ASCII text with very long lines"- [targetUID: N/A]
"sf-pro-text_medium-italic_1_.woff" has type "Web Open Font Format TrueType length 168744 version 1.0"- [targetUID: N/A]
"sf-pro-text_black-italic_1_.woff" has type "Web Open Font Format TrueType length 159848 version 1.0"- [targetUID: N/A]
"globalheader.umd_1_.js" has type "ASCII text with very long lines"- [targetUID: N/A]
"sf-pro-text_regular-italic_1_.woff" has type "Web Open Font Format TrueType length 154256 version 1.0"- [targetUID: N/A]
"sf-pro-text_light-italic_1_.woff" has type "Web Open Font Format TrueType length 152984 version 1.0"- [targetUID: N/A]
"sf-pro-text_thin-italic_1_.woff" has type "Web Open Font Format TrueType length 151764 version 1.0"- [targetUID: N/A]
"sf-pro-text_ultralight-italic_1_.woff" has type "Web Open Font Format TrueType length 147952 version 1.0"- [targetUID: N/A]
"urlref_httpswww.apple.comlegalprivacyde" has type "HTML document UTF-8 Unicode text with very long lines with CRLF LF line terminators"- [targetUID: N/A]
"head.built_1_.js" has type "UTF-8 Unicode text with very long lines"- [targetUID: N/A]
"ac-localnav.built_1_.css" has type "UTF-8 Unicode text with very long lines"- [targetUID: N/A]
"ac-localnav.built_2_.css" has type "UTF-8 Unicode text with very long lines"- [targetUID: N/A]
"ac-localnav.built_1_.js" has type "UTF-8 Unicode text with very long lines"- [targetUID: N/A]
"ac-globalfooter.built_1_.css" has type "UTF-8 Unicode text with very long lines"- [targetUID: N/A]
"imagestore.dat" has type "Apple DiskCopy 4.2 image \366\365\302\010 1862299136 bytes 0x2e006900 tag size GCR CLV ssdd (400k) 0x0 format"- Location: [%LOCALAPPDATA%\Microsoft\Internet Explorer\imagestore\3mt7jhv\imagestore.dat]- [targetUID: 00000000-00003684]
"favicon_4_.ico" has type "MS Windows icon resource - 3 icons 16x16 32 bits/pixel 32x32 32 bits/pixel"- [targetUID: N/A]
"en-US.4" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Internet Explorer\DomainSuggestions\en-US.4]- [targetUID: 00000000-00003684]
"icon_dataprivacy_2x_1_.png" has type "PNG image data 124 x 118 8-bit/color RGBA non-interlaced"- [targetUID: N/A]
"~DF53CD9B3D2DAD4D54.TMP" has type "data"- Location: [%TEMP%\~DF53CD9B3D2DAD4D54.TMP]- [targetUID: 00000000-00003684]
"~DF6E4B6B5F64B4FC42.TMP" has type "data"- Location: [%TEMP%\~DF6E4B6B5F64B4FC42.TMP]- [targetUID: 00000000-00003684]
"~DF3482AA90D7A7BC8D.TMP" has type "data"- Location: [%TEMP%\~DF3482AA90D7A7BC8D.TMP]- [targetUID: 00000000-00003684]
"fonts_1_.css" has type "UTF-8 Unicode text with CRLF LF line terminators"- [targetUID: N/A]
"SFProIcons_medium_1_.woff" has type "Web Open Font Format TrueType length 10648 version 1.0"- [targetUID: N/A]
"SFProIcons_light_1_.woff" has type "Web Open Font Format TrueType length 10476 version 1.0"- [targetUID: N/A]
"SFProIcons_regular_1_.woff" has type "Web Open Font Format TrueType length 10380 version 1.0"- [targetUID: N/A]
"SFProIcons_semibold_1_.woff" has type "Web Open Font Format TrueType length 8868 version 1.0"- [targetUID: N/A]
"ac-globalfooter.built_1_.js" has type "ASCII text with very long lines with no line terminators"- [targetUID: N/A]
"_E65CDA0F-5219-11EE-A19D-00505691719A_.dat" has type "Composite Document File V2 Document Cannot read section info"- [targetUID: N/A]
"RecoveryStore._E65CDA0D-5219-11EE-A19D-00505691719A_.dat" has type "Composite Document File V2 Document Cannot read section info"- [targetUID: N/A]
"_EFCF5FD4-5219-11EE-A19D-00505691719A_.dat" has type "Composite Document File V2 Document Cannot read section info"- [targetUID: N/A]
"html5shiv.min_1_.js" has type "HTML document ASCII text with very long lines"- [targetUID: N/A]
"globe-icon-final_1_.png" has type "PNG image data 39 x 40 8-bit/color RGBA non-interlaced"- [targetUID: N/A]
"appleicons_ultralight_1_.woff" has type "Web Open Font Format TrueType length 1040 version 1.0"- [targetUID: N/A]
"appleicons_thin_1_.woff" has type "Web Open Font Format TrueType length 1040 version 1.0"- [targetUID: N/A]
"appleicons_text_1_.woff" has type "Web Open Font Format TrueType length 1032 version 1.0"- [targetUID: N/A]
"UCWPYVCU.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\UCWPYVCU.txt]- [targetUID: 00000000-00003684]
"UGERY8PQ.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\UGERY8PQ.txt]- [targetUID: 00000000-00003684]
"OKSKAZJV.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\OKSKAZJV.txt]- [targetUID: 00000000-00003684]
"LJO95EG0.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\LJO95EG0.txt]- [targetUID: 00000000-00003684]
"G2GE57R9.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\G2GE57R9.txt]- [targetUID: 00000000-00003684]
"de_1_.htm" has type "HTML document ASCII text"- [targetUID: N/A]
"KGAEJP0K.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\KGAEJP0K.txt]- [targetUID: 00000000-00003684]
"FUTZDH6X.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\FUTZDH6X.txt]- [targetUID: 00000000-00003684]
"DR3AHXQA.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\DR3AHXQA.txt]- [targetUID: 00000000-00003684]
"auto-init_1_.js" has type "ASCII text with no line terminators"- [targetUID: N/A]
"8JCBQSFQ.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\8JCBQSFQ.txt]- [targetUID: 00000000-00003684]
"8K2COX6W.txt" has type "ASCII text"- Location: [%APPDATA%\Microsoft\Windows\Cookies\8K2COX6W.txt]- [targetUID: 00000000-00003684]
"de-ww_1_.htm" has type "HTML document UTF-8 Unicode text with very long lines with CRLF LF line terminators"- [targetUID: N/A] - source
- Binary File
- relevance
- 3/10
- ATT&CK ID
- T1105
-
Network Related
-
Communicates with HTTPS webserver (GET/POST requests)
- details
- Found requests in header "GET /ac/localnav/4/styles/ac-localnav.built.css HTTP/1.1Accept: text/css, */*Referer: https://www.apple.com/legal/privacy/de-ww/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: images.apple.comDNT: 1Connection: Keep-AliveCookie: geo=US"; in File: "SSL")
- source
- File/Memory
- relevance
- 1/10
- ATT&CK ID
- T1071.001
-
Found potential URL in binary/memory
- details
-
Pattern match: "https://statici.icloud.com/emailimages/v4/familysharing/button_left.png"
Pattern match: "https://www.apple.com/legal/privacy/de/"
Pattern match: "https://www.apple.com"
Pattern match: "https://www.apple.com/legal/privacy/de"
Pattern match: "http://www.w3.org/2000/svg"
Pattern match: "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
Pattern match: "http://www.apple.com/legal/privacy/de-ww/"
Pattern match: "http://www.w3.org/2000/svg,o"
Pattern match: "http://jedwatson.github.io/classnames"
Pattern match: "https://preactjs.com"
Pattern match: "http://www.w3.org/1999/xhtml"
Pattern match: "https://www.apple.com/legal/privacy/de-ww/"
Pattern match: "www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1"
Pattern match: "https://www.apple.com/legal/images/open_graph_logo.png/"
Pattern match: "https://www.apple.com/legal/privacy/de-ww//"
Pattern match: "https://support.apple.com/?cid=gn-ols-home-hp-tab"
Pattern match: "https://www.apple.com/legal/images/icon_dataprivacy_2x.png"
Pattern match: "https://apple.com/de/legal/privacy/data"
Pattern match: "https://www.apple.com/de/privacy/contact/"
Pattern match: "https://www.apple.com/legal/privacy/pdfs/apple-privacy-policy-de-ww.pdf"
Pattern match: "https://www.apple.com/legal/privacy/apple-health-studies/de-ww/"
Pattern match: "https://www.apple.com/de/legal/privacy/de-ww/affiliated-company"
Pattern match: "https://privacy.apple.com"
Pattern match: "http://apple.com/de/legal/privacy/data"
Pattern match: "https://www.apple.com/de/privacy/contact"
Pattern match: "https://support.apple.com/de-de/guide/security/welcome/web"
Pattern match: "https://www.apple.com/de/legal/privacy/de-ww/parent-disclosure"
Pattern match: "https://www.apple.com/de/legal/privacy/de-ww/cookies"
Pattern match: "https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en"
Pattern match: "https://privacyseals.bbbprograms.org/seal/Confirmation/1114171343"
Pattern match: "https://privacyseals.bbbprograms.org/seal/Confirmation/195838664"
Pattern match: "http://schema.org/"
Pattern match: "https://www.apple.com/privacy/government-information-requests/"
Pattern match: "http://www.filemaker.com/company/legal/trademark_guidelines.html"
Pattern match: "http://images.apple.com/legal/sales-support/applecare/docs/remotesupport_terms.pdf"
Pattern match: "https://discussions.apple.com/terms"
Pattern match: "https://locate.apple.com/"
Pattern match: "http://schema.org"
Pattern match: "https://www.apple.com/#organization"
Pattern match: "https://www.apple.com/"
Pattern match: "https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png?202212222010"
Pattern match: "https://support.apple.com"
Pattern match: "https://support.apple.com/#organization"
Pattern match: "http://www.wikidata.org/entity/Q312"
Pattern match: "https://www.youtube.com/user/Apple"
Pattern match: "https://www.linkedin.com/company/apple"
Pattern match: "https://www.facebook.com/Apple"
Pattern match: "https://www.twitter.com/Apple"
Pattern match: "https://images.apple.com/ac/localnav/4/styles/ac-localnav.built.css/"
Pattern match: "https://assets.msn.com/config/v1/""
Pattern match: "https://+s+/OneCollector/1.0+function(t){return?+Object.keys(t).map"
Pattern match: "www.bing.com"
Pattern match: "https://assets.msn.com/bundles/v1/homePage/latest/midlevel/vendors.836027f376edefc7b09a.js"
Pattern match: "https://assets.msn.com/bundles/v1/homePage/latest/midlevel/microsoft.f0dc8bbbc7b4d116660b.js"
Pattern match: "https://assets.msn.com/bundles/v1/homePage/latest/midlevel/common.f4d6737f460385e09d02.js"
Pattern match: "https://assets.msn.com/bundles/v1/homePage/latest/midlevel/experience.057b9084c6f702aa78a9.js"
Heuristic match: "images.apple.com"
Pattern match: "http://www.quirksmode.org/js/detect.html"
Heuristic match: "* @name module:ac-browser.IE"
Heuristic match: "* @name module:ac-browser.name"
Pattern match: "http://msdn.microsoft.com/en-us/library/jj676915(v=vs.85).aspx"
Pattern match: "https://www.apple.com/legal/privacy/de-ww/Accept-Language"
Pattern match: "https://www.apple.comVary"
Pattern match: "http://www.w3.org/TR/SVG11/feature#Image"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/assign"
Pattern match: "https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/Array/every"
Pattern match: "https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/Array/filter"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/find"
Pattern match: "https://tc39.github.io/ecma262/#sec-array.prototype.find"
Pattern match: "https://tc39.github.io/ecma262/#sec-array.prototype.includes"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/includes"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/API/CustomEvent"
Pattern match: "http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-262.pdf"
Pattern match: "http://eligrey.com"
Pattern match: "http://purl.eligrey.com/github/classList.js/blob/master/classList.js*/"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/API/Element/matches#Polyfill"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/API/ChildNode/remove#Polyfill"
Pattern match: "http://www.JSON.org/js.html"
Pattern match: "http://javascript.crockford.com/jsmin.html"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/API/NodeList/forEach"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/assign#Polyfill"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/is"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/includes"
Pattern match: "https://raw.githubusercontent.com/jonathantneal/polyfill/master/source/Window.prototype.getComputedStyle.ie8.js"
Pattern match: "http://paulirish.com/2011/requestanimationframe-for-smart-animating/"
Pattern match: "http://my.opera.com/emoller/blog/2011/12/20/requestanimationframe-for-smart-er-animating"
Pattern match: "https://github.com/paulmillr/console-polyfill"
Pattern match: "https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/now#Compatibility"
- source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1071
-
Spyware/Information Retrieval
-
Found strings related to keylogger
- details
- file/memory contains long string with (Indicator: "<f6>"; File: "sf-pro-text_thin_1_.woff")
- source
- File/Memory
- relevance
- 1/10
- ATT&CK ID
- T1056.001
-
Unusual Characteristics
-
Drops files with image extension
- details
-
"icon_dataprivacy_2x_1_.png" has type "PNG image data 124 x 118 8-bit/color RGBA non-interlaced" and extension "png"
"globe-icon-final_1_.png" has type "PNG image data 39 x 40 8-bit/color RGBA non-interlaced" and extension "png"
- source
- Binary File
- ATT&CK ID
- T1105
CrowdStrike AI
Session Details
No relevant data available.
Hybrid Analysis
Analysed 3 processes in total.
-
rundll32.exe
"%WINDIR%\System32\ieframe.dll",OpenURL C:\phish_alert_sp2_2.0.0.0_url_004.url
(PID: 2916)
-
iexplore.exe
https://www.apple.com/legal/privacy/de/
(PID: 3684)
- iexplore.exe SCODEF:3684 CREDAT:275457 /prefetch:2 (PID: 3860)
Network Analysis
DNS Requests
Domain | Address | Registrar | Country |
---|---|---|---|
images.apple.com | 96.16.68.219 (TTL: 2196) | CSC CORPORATE DOMAINS, INC. (Organization: Apple Inc.; Name Server: ADNS1.APPLE.COM; Creation Date: 1987-02-19T00:00:00) | United States |
Contacted Hosts
IP Address | Port/Protocol | Associated Process | Details |
---|---|---|---|
96.16.68.219 | 443 TCP | iexplore.exe PID: 3860 | United States |
HTTP Traffic
No relevant HTTP requests were made.
Extracted Files
Displaying 50 extracted file(s). The remaining 28 file(s) are available in the full version and XML/JSON reports.
-
Clean 3
-
-
icon_large_1_.svg
- Size
- 1.8KiB (1830 bytes)
- Type
- image svg
- Description
- SVG Scalable Vector Graphics image
- AV Scan Result
- 0/57
- MD5
- 43f6d574c1b481656ef0d0c9eeec4ca4
- SHA1
- 1348ab77439ca0db1ce4f6d8c14a5ec751f9ae73
- SHA256
- 29fe7c5209c89ac99992a109092914dc763ffa249a8fc9a2d58f90a0eaf7a169
-
icon_large_2_.svg
- Size
- 430B (430 bytes)
- Type
- image svg
- Description
- SVG Scalable Vector Graphics image
- AV Scan Result
- 0/58
- MD5
- d91b51dfe4d967a6699dcc4326067133
- SHA1
- 69451ba85e9b3ddc738bbc4d9c74b975dca79375
- SHA256
- 5ff47245e0223a563b81ed99892deafe2a3d5a14174adc17aa90bbe3fbbd4582
-
urlblockindex_1_.bin
- Size
- 16B (16 bytes)
- Type
- data
- AV Scan Result
- 0/83
- MD5
- fa518e3dfae8ca3a0e495460fd60c791
- SHA1
- e4f30e49120657d37267c0162fd4a08934800c69
- SHA256
- 775853600060162c4b4e5f883f9fd5a278e61c471b3ee1826396b6d129499aa7
-
-
Informative Selection 47
-
-
8JCBQSFQ.txt
- Size
- 108B (108 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- fee17ff5fa8c364146d7b4f15dbbffff
- SHA1
- e248e3997543d735f05e7c4eea0c18dc7211909b
- SHA256
- 5b5aa76975ebc15c69d98529035009b6ddcd551b434e904f85dd08387b47c886
-
8K2COX6W.txt
- Size
- 92B (92 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 386df8b6d711aee3731f27afa97ffb1b
- SHA1
- 441e651571dd2875316a1359dfeff0b1814d0da8
- SHA256
- 7f9cfe49dd782351bd8fa3e3253f1f3b5c6f8e8f5d913570f4774bd5283c34c5
-
DR3AHXQA.txt
- Size
- 156B (156 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- fb7222d00b4dee09e01e3b595129470c
- SHA1
- 79a26f18c355e08b1d31abde2d8bb6336d3f36e2
- SHA256
- 69f788fff90df9c78757f11c9409a8bb671d87acdf4ac0b229a44bd482a17652
-
FUTZDH6X.txt
- Size
- 161B (161 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 8f46352d4bb28d2485cbb3952a5c72ec
- SHA1
- 14205f35061a07d12f0d4720bec4998bb60e2dc5
- SHA256
- 5b64805f8e7099e8a6d32f3cb95828085d976b7e9ff4451236b99b2388dfb262
-
G2GE57R9.txt
- Size
- 258B (258 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 6e3fb7f97e654602b41ae63db5d9873a
- SHA1
- 4f52b706c0d7cbb892eec1e3139f7db9c2951904
- SHA256
- e24e9774d431090bf54b319c3a6ba198455971d1601f4eea5fdae4d66c016787
-
KGAEJP0K.txt
- Size
- 219B (219 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 39d00ecfcf9e68829d0c1c7a96bfa66d
- SHA1
- 293b96e11a0c02ea2cafe23d02dce729882a39ae
- SHA256
- 93fff8e31bef65f10bb495124d6096877367e22f3f2646562b3c1a6fb0960c0c
-
LJO95EG0.txt
- Size
- 430B (430 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- aa15503289ff226882afeb54cbd5f9e0
- SHA1
- 34640bae08fd6a49e9a6619d264194bb5f01fff8
- SHA256
- 35eb524476437bf32b0169a09cab70bd53fb6bbd28931fc8a954aef1edd6ab0c
-
OKSKAZJV.txt
- Size
- 528B (528 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 535b525dceacf0d7f6a35d486f300a09
- SHA1
- 8d0e4dfb179220f62be3d209782e3d981e929b0c
- SHA256
- d681f33fff856fe8456d35cbcb832e6c5ce7a15e8589e3b23f36b5802c739468
-
UCWPYVCU.txt
- Size
- 634B (634 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 7b0f44fd531ea9659720ccfe81f09de8
- SHA1
- 921ba704e8a783d7e686d16890e950030c570ed1
- SHA256
- 0cb37ddfe707aa564970e8ee0f5c3892e8c2b2faf094f24afec322101ca12a7d
-
UGERY8PQ.txt
- Size
- 598B (598 bytes)
- Type
- text
- Description
- ASCII text
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 15dd0f684c64775df2e7ad0c2c32afd0
- SHA1
- 9cf5901d737cb524116f92f59ad8b16e141868fa
- SHA256
- 98555bacff1267159ac4a570b431ceee0fed64478d1b74eedba98ec26e9bff36
-
en-US.4
- Size
- 18KiB (18176 bytes)
- Type
- data
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 5a34cb996293fde2cb7a4ac89587393a
- SHA1
- 3c96c993500690d1a77873cd62bc639b3a10653f
- SHA256
- c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
-
imagestore.dat
- Size
- 22KiB (22714 bytes)
- Type
- unknown
- Description
- Apple DiskCopy 4.2 image \366\365\302\010, 1862299136 bytes, 0x2e006900 tag size, GCR CLV ssdd (400k), 0x0 format
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- a6907461a9d9c7ebaad94b3db0bfa305
- SHA1
- b1dfe448e243e313cb677c6eca5d2db12a6821b9
- SHA256
- 2c9747342f4002bfadba02afbcd362023991053f7d2cfcdf686206d2787a395f
-
PK0JEH3B.htm
- Size
- 180KiB (183828 bytes)
- Type
- html
- Description
- HTML document, UTF-8 Unicode text, with very long lines, with CRLF, NEL line terminators
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- dd4c3eada4f7bd6995c57a2f6722ea11
- SHA1
- 4f55e64106cb0d73287845b540c72ba59ff2d3e0
- SHA256
- a0057a55b4e5cb2f47616ccdb187583d47178b60c954542968388ecfa398742f
-
~DF3482AA90D7A7BC8D.TMP
- Size
- 16KiB (16384 bytes)
- Type
- data
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 05bff376cf7a9c66d666e2340096127f
- SHA1
- 7a9e34298850e349e2108a122b416b2723593ec6
- SHA256
- 566da8c43d096975ea6c214a078578d06c06083d03c81e43b3ef4e052ceeb7d5
-
~DF53CD9B3D2DAD4D54.TMP
- Size
- 16KiB (16384 bytes)
- Type
- data
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- bdd9803d5ed64de9f02e2072a95e5026
- SHA1
- ec74b54457e12bfd849283f6d692e9fe8a537334
- SHA256
- 6785a86738850e47a302aec0059542216c7d30920ecee2d90b8cc10effade603
-
~DF6E4B6B5F64B4FC42.TMP
- Size
- 16KiB (16384 bytes)
- Type
- data
- Runtime Process
- iexplore.exe (PID: 3684)
- MD5
- 40410055b653640759413e4777bd19a0
- SHA1
- 3ad0051d157cfb03d9a432233875cc4f21bbe084
- SHA256
- 7c4a15f429f23caea7275073430b72c13a9468be2f808797cddaf1c177d5ffc8
-
main.built_1_.js
- Size
- 912KiB (933533 bytes)
- Type
- script javascript
- Description
- UTF-8 Unicode text, with very long lines
- MD5
- d239a3714a419fca668845b9bad6e470
- SHA1
- 027e8b6c26cd02ba5e93910f3c9e5dfbaeaf8e60
- SHA256
- 32b89d3549f3b589d403822acc79f0ebabfea823aa983290456ba312a651d0e8
-
main.built_1_.css
- Size
- 823KiB (842792 bytes)
- Type
- text
- Description
- UTF-8 Unicode text, with very long lines, with no line terminators
- MD5
- 3c18afe471aad9cad8e53b2284dfa171
- SHA1
- 053e3b6b4d2bd51e27f8479080a09c52f9da3f9e
- SHA256
- badd7f1da254688a0b4baa75274407d8dc934fa108ef7fcd0da000e7c234e472
-
ac-analytics_1_.js
- Size
- 322KiB (329372 bytes)
- Type
- script javascript
- Description
- UTF-8 Unicode text, with very long lines, with no line terminators
- MD5
- e29385d744cd21609a949dbf1aab86e3
- SHA1
- f691243c2d7d800c2da6022b30568954f3a9f72e
- SHA256
- 9c1687efa1f9fd58fcbe05dc562b17410d872f4d37c066c168a6f159e16d1d8b
-
sf-pro-text_heavy_1_.woff
- Size
- 251KiB (257436 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 257436, version 1.0
- MD5
- 751bbcba6c055664cf27a0e28ed75905
- SHA1
- d38ef03e8d810ac0a3299475bd9fd1c52ee0fb2b
- SHA256
- b15ce2fc81cbbd8669294125e3878d93eedd5baca6b985b13959941ed04a5c04
-
sf-pro-text_semibold_1_.woff
- Size
- 241KiB (246708 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 246708, version 1.0
- MD5
- 9452f717c927512d84cc2d0af79f2bf4
- SHA1
- 5cb91a52b0031ca147e8df1e7efa2baa91c14d8b
- SHA256
- 558465ba767be86d1ed4ada6c683b68bed2fae010fd9fd734afba0c3c0ee878c
-
sf-pro-text_bold_1_.woff
- Size
- 240KiB (246092 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 246092, version 1.0
- MD5
- 2253dca585c3a1c27cdefdc91610c1e2
- SHA1
- e464eb270978c087239cf39a3580dd938b460550
- SHA256
- 381a14d04a0337e8f70d673f9fddb4bf79203b2d96a7808cf106eb8dc3ae4468
-
sf-pro-text_medium_1_.woff
- Size
- 239KiB (244464 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 244464, version 1.0
- MD5
- 3c681eeacfc6c34e148a24b419b42baa
- SHA1
- 2391068fa486f14b8503eb18d60ef5e6acf683f8
- SHA256
- 470ed7956751f8d11903403943f2d9ad41c9993f805000effabcc16e9ba91a18
-
sf-pro-text_black_1_.woff
- Size
- 233KiB (238944 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 238944, version 1.0
- MD5
- 7c004f67ff5451fb667477d51daf5874
- SHA1
- 610fbdcd9c2d612491adc3444b32867dbb2c1c8a
- SHA256
- 67c3495c2f71ecf32a1c9aa7cf3fe9930fcf2185a10eb6ae854b0a6fc127ab1c
-
sf-pro-display_heavy_1_.woff
- Size
- 230KiB (235644 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 235644, version 1.0
- MD5
- 97711b80be717b514e0d6a3eca64a5aa
- SHA1
- c9b1a336fe891a4848fb8644281dbcaadccc2cdb
- SHA256
- ffb53e438a378f306b77d1e3a254b6275728b96c2877a5482e5e15b758fb3e0f
-
sf-pro-text_regular_1_.woff
- Size
- 223KiB (228152 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 228152, version 1.0
- MD5
- bb45100751a5119aa7ab4a73c3bf0222
- SHA1
- 4db28c1c2ad88aa62afd0c2e70091ed7293eb740
- SHA256
- 36628897cb10f593b00ddd4ab8fddfe0e98995ecbc414822c252f041450d9623
-
sf-pro-text_thin_1_.woff
- Size
- 223KiB (228084 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 228084, version 1.0
- MD5
- 4c80ddc0551974dd7fe7ff278afcd2c3
- SHA1
- c3dbffebb59c37fa56581f701373b26bbce6a7ef
- SHA256
- 2e11d3a679634806624e79d741994b5014012a9a450609163baf37db8e1bd916
-
sf-pro-text_light_1_.woff
- Size
- 222KiB (226932 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 226932, version 1.0
- MD5
- 86035d80a23d89d0187b19b5ae6eafd1
- SHA1
- 933a9fb0c20605ea04219b2164863d845bfb6ce9
- SHA256
- 7a3cae97c52dda472c7b8c351f6f3e7e7742ecc85a641fbd93d2784e738bb841
-
sf-pro-text_ultralight_1_.woff
- Size
- 220KiB (225660 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 225660, version 1.0
- MD5
- 5a75d837417a01da165d4180bf8e5d0e
- SHA1
- d516948644da07cf9cd4231f7850f20968dcf938
- SHA256
- a0dc9264140dd87e476c589f6c379139769ff317a488cd1ecd554d6fbf67582e
-
sf-pro-display_black_1_.woff
- Size
- 220KiB (225332 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 225332, version 1.0
- MD5
- fa3e093370b92f4d7166521909fb938a
- SHA1
- da12adf74bfa2897d05e2efb3cda4038e4dccc58
- SHA256
- f7c9f8956173b787a85a386337a7608706d145b160523157982d01eca4890f6e
-
sf-pro-display_semibold_1_.woff
- Size
- 219KiB (224340 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 224340, version 1.0
- MD5
- 978e5fe2cc4281c939a273afcec8258d
- SHA1
- 45769d7f5112b44f36a053872d1bf1e03332d745
- SHA256
- 072823109ef400b9fa5d959dd1bdd3c96ad6857c7c2b49854706a888b9a8caf5
-
sf-pro-display_bold_1_.woff
- Size
- 219KiB (224268 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 224268, version 1.0
- MD5
- 07c614bb2da265eb5e81b0eda1cbc7ea
- SHA1
- 520601085a4f8e07bf8c303068b9288067891c3b
- SHA256
- 9fc46b9b374417a7d98a98d66443154d269947bf7a9634d1058f09c521e20fd6
-
sf-pro-display_medium_1_.woff
- Size
- 218KiB (223440 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 223440, version 1.0
- MD5
- b11d436da3b83cb2015e14809fb9b73d
- SHA1
- 6a85985286185e975b036311374dd058e07e0031
- SHA256
- a2eef31076969a20838c6eb7162c003590787913531e7798bf2964cb115fc32c
-
sf-pro-display_light_1_.woff
- Size
- 214KiB (219108 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 219108, version 1.0
- MD5
- 6ca37f011119cb7b4a963f15292dbbb9
- SHA1
- b0f6d3bee2ac887c9c6dc19ba12820e78d6a8114
- SHA256
- 223013c0b6a0095da36b8a9df230d418818be7cf67650bd913ed6fad1db94176
-
sf-pro-display_thin_1_.woff
- Size
- 212KiB (217108 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 217108, version 1.0
- MD5
- b34fdc67c053f4b1b19a2e41d9e7157e
- SHA1
- 7b0ca46555eca6e37f161556b134d8c87a633b29
- SHA256
- 001c203404acbe0690e8b59e45b305e18199fcba723e16c3d7e7618793f2e4cc
-
sf-pro-display_ultralight_1_.woff
- Size
- 206KiB (211368 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 211368, version 1.0
- MD5
- 02928ae3c0903acd2d6af625787de57b
- SHA1
- f73b934601e560e733e4b47f99eddce30b5259ae
- SHA256
- db49f12acd4d40a389f8abddec2b0dbe5af7407f07dc13c1f4931be09acc8e32
-
sf-pro-display_regular_1_.woff
- Size
- 202KiB (206900 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 206900, version 1.0
- MD5
- 9b98a8274b8aff6c607e17820a76cfef
- SHA1
- 875ff29202530692476f36eb5d6174cf60f555e6
- SHA256
- 33b594b5f97d52f152c468e9d6784de242a295a9a5b1eea4158fca69d97935be
-
localeswitcher.built_1_.js
- Size
- 187KiB (191290 bytes)
- Type
- script javascript
- Description
- UTF-8 Unicode text, with very long lines, with no line terminators
- MD5
- c17dba03b8b5ab0b2fc105d62aef9e03
- SHA1
- 5c92a61040dc7f0e80962dd4c09600eb497a8c9f
- SHA256
- 9fd9ea26a0f61b2f1b701b4483668fcb604074627c406e5275e4f27878ee9b25
-
sf-pro-text_heavy-italic_1_.woff
- Size
- 169KiB (172636 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 172636, version 1.0
- MD5
- 62bb92e42ca79c6acf4a5b77577ed6a5
- SHA1
- 3bf98df20f7432c1e363352588f8b0690720b11c
- SHA256
- 85d754b45e9bc430613dbcded8977537d3d19077e40e3e1c4ad23a52822b1dbb
-
sf-pro-text_bold-italic_1_.woff
- Size
- 166KiB (170152 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 170152, version 1.0
- MD5
- d7679c95a481b1e61fcbe1f6aec495bd
- SHA1
- 866c12a10cf58a334df826459e2618cf9b5a67a9
- SHA256
- 8def7bb2084a12ee3e8a341dbc9b788bd4a04a06b399c567d6f7218c108035c3
-
sf-pro-text_semibold-italic_1_.woff
- Size
- 166KiB (169920 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 169920, version 1.0
- MD5
- e728bc970a164292d2e405c8248fd2d7
- SHA1
- 0de9131d420152c4bb673f8f349dad0d3e78d771
- SHA256
- 05a8f8cea54105d71685704520afef90c4612762d5acc00a8efc77e869a9372d
-
globalheader_1_.css
- Size
- 165KiB (169418 bytes)
- Type
- text
- Description
- ASCII text, with very long lines
- MD5
- b0fb96c00f624f9fde863cd8ab20b7d6
- SHA1
- 5fb2a3ed76576c05db590f4229f2d072e4096ab0
- SHA256
- 0f8740de05aa6dab513e757ff81b242adcc6c6733bea5194006b2c4a44d548b1
-
sf-pro-text_medium-italic_1_.woff
- Size
- 165KiB (168744 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 168744, version 1.0
- MD5
- 1e92efa0d9675a01fd0293b2c9e9c3cc
- SHA1
- 84f2be77b70983296301e4310e3b03e89a539e4c
- SHA256
- c91631d85b8be23592ecdfb8d9b1d3cc484585d37720ad0cd9463867d66cacf0
-
sf-pro-text_black-italic_1_.woff
- Size
- 156KiB (159848 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 159848, version 1.0
- MD5
- 5e2f9b0710cdf770f4ef6b5d163d70c2
- SHA1
- 7a35b621607bbc9fb6c87703c917beeb8777d5b1
- SHA256
- 40b70fde2c57b0dd918f805a66a89238fd75d607c8cdfd4936ab910a0e22e9f0
-
globalheader.umd_1_.js
- Size
- 153KiB (156403 bytes)
- Type
- script javascript
- Description
- ASCII text, with very long lines
- MD5
- 39ea5908a130988823a9201052b43a27
- SHA1
- 41845bdff83c8a5d94d2990764866c12bae30602
- SHA256
- 537e92b3eb67a5ac078bdb29941fe9bbc5e26b361efbfee1568615871683fab6
-
sf-pro-text_regular-italic_1_.woff
- Size
- 151KiB (154256 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 154256, version 1.0
- MD5
- eb57a0dda4b8c5def1521cde5f089a46
- SHA1
- 9cf5b3f996b35a893bdc4f777fe4d60d890f6ff2
- SHA256
- 30a3922f6c984ed2c4039d3b4c8ac2de83a720532cb2695f4d51ff83e27bdadc
-
sf-pro-text_light-italic_1_.woff
- Size
- 149KiB (152984 bytes)
- Type
- unknown
- Description
- Web Open Font Format, TrueType, length 152984, version 1.0
- MD5
- 0a4b1dc06979780cd34014f61bd4f61e
- SHA1
- 450572bce55d1d6f6d695d8c23248c878eb7ef2b
- SHA256
- 6d23fdb985e5cc163ae80e2a610237208fa9e330fd3aba9f8d379ad94d4edf51
-
Notifications
-
Runtime
- Not all IP/URL string resources were checked online
- Not all file accesses are visible for iexplore.exe (PID: 3684)
- Not all file accesses are visible for iexplore.exe (PID: 3860)
- Some low-level data is hidden, as this is only a slim report
- This URL analysis has missing honeyclient data
- Not all sources for indicator ID "mutant-0" are available in the report
- Not all sources for indicator ID "api-92" are available in the report