Analysis Report https://www.gstatic.com/docs/forms/google_forms_logo_lockup_white_2x.png

Overview

General Information

Joe Sandbox Version:25.0.0 Tiger's Eye
Analysis ID:109760
Start date:11.02.2019
Start time:17:23:19
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 5m 5s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:browseurl.jbs
Sample URL:https://www.gstatic.com/docs/forms/google_forms_logo_lockup_white_2x.png
Analysis system description:Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113
Number of analysed new started processes analysed:6
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies
  • EGA enabled
  • HDC enabled
Analysis stop reason:Timeout
Detection:CLEAN
Classification:clean0.win@3/16@0/0
Cookbook Comments:
  • Adjust boot time
Warnings:
  • Exclude process from analysis (whitelisted): dllhost.exe, ielowutil.exe, conhost.exe, CompatTelRunner.exe

Detection

| Strategy | Score | Range | Reporting | Whitelisted | Detection |
|---|---|---|---|---|---|
| Threshold | 0 | 0 - 100 | Report FP / FN | false | clean |

Confidence

| Strategy | Score | Range | Further Analysis Required? | Confidence |
|---|---|---|---|---|
| Threshold | 5 | 0 - 5 | false | |


Classification

Mitre Att&ck Matrix

No Mitre Att&ck techniques found

Signature Overview


Networking:

Found strings which match to known social media urls
Source: msapplication.xml0.1.dr; String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xbc0f3ead,0x01d4c271</date><accdate>0xbc0f3ead,0x01d4c271</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml0.1.dr; String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xbc0f3ead,0x01d4c271</date><accdate>0xbc0fcc32,0x01d4c271</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml5.1.dr; String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xbc1e284f,0x01d4c271</date><accdate>0xbc1e284f,0x01d4c271</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml5.1.dr; String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xbc1e284f,0x01d4c271</date><accdate>0xbc1f18c4,0x01d4c271</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml7.1.dr; String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xbc2186a1,0x01d4c271</date><accdate>0xbc2186a1,0x01d4c271</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: msapplication.xml7.1.dr; String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xbc2186a1,0x01d4c271</date><accdate>0xbc2403db,0x01d4c271</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Urls found in memory or binary data
Source: msapplication.xml.1.dr; String found in binary or memory: http://www.amazon.com/
Source: msapplication.xml1.1.dr; String found in binary or memory: http://www.google.com/
Source: msapplication.xml2.1.dr; String found in binary or memory: http://www.live.com/
Source: msapplication.xml3.1.dr; String found in binary or memory: http://www.nytimes.com/
Source: msapplication.xml4.1.dr; String found in binary or memory: http://www.reddit.com/
Source: msapplication.xml5.1.dr; String found in binary or memory: http://www.twitter.com/
Source: msapplication.xml6.1.dr; String found in binary or memory: http://www.wikipedia.com/
Source: msapplication.xml7.1.dr; String found in binary or memory: http://www.youtube.com/
Source: ~DF143809F673D20A29.TMP.1.dr; String found in binary or memory: https://www.gstatic.com/docs/forms/google_forms_logo_lockup_white_2x.png
Source: {E5E2B24F-2E64-11E9-AAD9-C25F135D3C65}.dat.1.dr; String found in binary or memory: https://www.gstatic.com/docs/forms/google_forms_logo_lockup_white_2x.pngRoot

System Summary:

Classification label
Source: classification engine; Classification label: clean0.win@3/16@0/0
Creates files inside the user directory
Source: C:\Program Files\internet explorer\iexplore.exe; File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High
Creates temporary files
Source: C:\Program Files\internet explorer\iexplore.exe; File created: C:\Users\user\AppData\Local\Temp\~DFE021482A0B5FB0C5.TMP
Reads ini files
Source: C:\Program Files\internet explorer\iexplore.exe; File read: C:\Users\desktop.ini
Spawns processes
Source: unknown; Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown; Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4216 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe; Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4216 CREDAT:17410 /prefetch:2
Found graphical window changes (likely an installer)
Source: Window Recorder; Window detected: More than 3 window changes detected
Uses new MSVCR Dlls
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe; File opened: C:\Program Files (x86)\Java\jre1.8.0_171\bin\msvcr100.dll

Behavior Graph

[Behavior graph: ID 109760; URL: https://www.gstatic.com/docs/forms/google_forms_logo_lock...; Startdate: 11/02/2019; Architecture: WINDOWS; Score: 0. Process chain: iexplore.exe started, which started a second iexplore.exe.]

Simulations

Behavior and APIs

No simulations

Antivirus Detection

Initial Sample

| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| https://www.gstatic.com/docs/forms/google_forms_logo_lockup_white_2x.png | 0% | virustotal | | Browse |

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Memory Dumps

No yara matches

Unpacked PEs

No yara matches

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Startup

  • System is w10x64
  • iexplore.exe (PID: 4216 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 3512 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4216 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E5E2B24D-2E64-11E9-AAD9-C25F135D3C65}.dat
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:Microsoft Word Document
Size (bytes):30296
Entropy (8bit):1.8498020909869604
Encrypted:false
MD5:EC2C17FF2E5CCD2D0406F1280808F99F
SHA1:3259338297A18F6EA97A14658AA9F0682F157660
SHA-256:BE4F48A8AAE689A38F10710FCCA40648CEE8FDD7CAF2D1A3FB4C287877497C5B
SHA-512:EA0A824CF698040D08AC8ABAF52A30593457D78D961B46874CDD6C529916A26A722570E0A34A2F05DE78ABB63EE329DA7B39A28F5D0989B7A3C95BEBF4F8969D
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E5E2B24F-2E64-11E9-AAD9-C25F135D3C65}.dat
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:Microsoft Word Document
Size (bytes):24256
Entropy (8bit):1.6478174427287076
Encrypted:false
MD5:9967C5E029331786438FC89DADBEE773
SHA1:4A0971635C7388261F72CB52C560F938E82EC601
SHA-256:9156161BCD80275E1DE3C092AB193A8DCD6FFBEEFBDF866BDCF5908262F2EBE9
SHA-512:2E49F1D79A1447EE29738C02FE5C812C5DB81B253DE81C81D61FC708CB9D26A86C028CAA8831BEF4B11377CBB744B24298CBB3EA51C7C4697883533AB252BA68
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E5E2B250-2E64-11E9-AAD9-C25F135D3C65}.dat
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:Microsoft Word Document
Size (bytes):16984
Entropy (8bit):1.5662282579387514
Encrypted:false
MD5:4C752B54FAF5D6E722B0AAB0816325DB
SHA1:C5F3F67E943FDF1514EEBBC89FAE653F750AE6EF
SHA-256:F283925F00426954CAB4E29346EB135C04266BC4673957A579A10353E656F9A5
SHA-512:F41D17879F36773F408A30A74DD56C8285AEB75E9843E06C5154D1D70C98087B522DAD64DD1C77FDD2E2420012504B7D186D30D00D3586649C7B6D518334847D
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):656
Entropy (8bit):5.081738263181813
Encrypted:false
MD5:EB358DC002ECE530147B3BF35EC1C496
SHA1:156D7B90DA5CCC31F7B10D5687CA28C01E3DA20F
SHA-256:F7DF79AC3099AB2E351D46232B158CDC7B4A393E198529B60416E9C1736A4263
SHA-512:ABB4DB1DD1F5A69209A02AED9A0EA8833BBC77C21C4969F09D11711053E2569AF2247E96A0C610B5B8F10742D8E07158BBD120FB254C8123A98A58B610831A89
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):653
Entropy (8bit):5.101879961994511
Encrypted:false
MD5:DAB8C4E36850219D612D136897E3D998
SHA1:2430011A75078AD282202389E610AB8CE7961D39
SHA-256:179D1DE9150200A0D1F0EFA1A48AE38DF0EC540F89678FAFB26354FE5CDDA034
SHA-512:8501432A009550FC6B4EBAD0C16C9268A826E682B1C0A47896C910540D6344A888D64BAEB3E8DAC02E2AF3AE4F38EA5A455F88D8771ABBBAE6BB6D8AD94ED478
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):662
Entropy (8bit):5.10108030286228
Encrypted:false
MD5:0709CE99D7A9ABE55BE7C2E7E3B58DF5
SHA1:C5C45B29279326AAE0B88A3FC010D340B19B9754
SHA-256:2F50F08004E91C5DF8E2318D91C3FA520D865604A15115A44A832581919F0747
SHA-512:0931F74B1FE5A65F1F3CA51DD4B8F468D3529FE0FAF29A6E586417B97C6B372AFE77BDEFC7C7042CF3A173C938ABA0C5F05D220807343FCD95FE4DAEC27087C2
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):647
Entropy (8bit):5.087717002940104
Encrypted:false
MD5:33595CB6E2EB6827758CA16F1C2AC6A9
SHA1:A39EFA3CECD3B474D89D75D4BC636858BACCF796
SHA-256:F72D0AFB8C5DF87C14D8ABDF6A8FA9C5830611D7D75355E6939A48B55AEB90BB
SHA-512:CAAF34F4383A7A15AD3DDE957FCE96AF3B23A0E72BAC4D195E542E595B62133EB79E8139E04416E6FE0CCA0EBE404EE0E4AAE6184BA020B4BD97CB2E79FD6AA1
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):656
Entropy (8bit):5.124805623821512
Encrypted:false
MD5:7E0151034449D017584F2E4E27EF9782
SHA1:BF8EF3A546D81ED20D1CEF785B475B674E01EEAC
SHA-256:9FD2F799544E9DF0C0AF8234BCE2452A62F23F6C3BF86A2B31BA1EF8F75CA511
SHA-512:C265FE8D8FC8C8C475F100136E47ABED284CD2F7F4684285B37455C2E16E9BA0DD676069C715F30D33F1E78D755A4EE1F993D4858F02A3BD55DF3D18A59CC6A1
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):653
Entropy (8bit):5.107532782537231
Encrypted:false
MD5:7529C20720D65AFD0A7C2B67ACFE58E2
SHA1:26FFF341A5CA22EFE42F8F055C36AAFEA27BADA2
SHA-256:68E0EA9905C56A21C2868B53D7856D53CA1199CD5519104F8C57F5D54F989D61
SHA-512:ABA9AF3061CFF2BB364E5AA7D7D503ECFFC90751A3558C8A98C469E332424A6F84B819020D7AAD3814C9DC99FEF1C4A223EE6FD2629928C8DC335FAAB85C1D72
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):656
Entropy (8bit):5.126466176185917
Encrypted:false
MD5:4F8C5B6A1C4D28198C243A1BB270A545
SHA1:528AED5CE9054EE2FA46D4F6B3C4BDA7716BFE54
SHA-256:9DD37D3F8E560E3884F0B079B51C3800B66BC6954DD366C7FE07830155CF9792
SHA-512:B9DC49DD75DD6650964F7E5216344DB30EC4EEA8D294734BECA801B640E45BF80E365D7AC3B0A0A9720281213558439B769BA8B89F97D2249837C60B2DB9A032
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):659
Entropy (8bit):5.067972338910035
Encrypted:false
MD5:032914A64CDCAB2BEDCCE08A63CE68FA
SHA1:6768BAC39749432807B6C11F29221EA1954F952D
SHA-256:1B836EA95384971B6DE643630669CED889B0785A893913A23DC693B27C222D7B
SHA-512:13548CEE1E4165922CF316CF4CD3292A3D914031DA3A9EE6623F38EFF84CE8EB9380986A04EB024DC15C8B29B96760D9B258CE93D290E4417B91A4D32C4AD576
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes):653
Entropy (8bit):5.054705842797107
Encrypted:false
MD5:C13CDD1D4CE1FA04A32EA8B04B2319A9
SHA1:27627BB75969A82F175B2B4D6287B596D7D811A6
SHA-256:352ACE566DBB4AF0798A8BB5E8624E29B1195B6EDDB1C49C4D30AEA913439191
SHA-512:1736893BEB5C4A76FC846BC83AF72EEBDA79B44A9ECAB8FC4F05D6EE96564074D5B26D26AF3449EB65E372E11AB766180DC5D9F773A6BA8A65D8AAF013AB12E5
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\google_forms_logo_lockup_white_2x[1].png
Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:PNG image data, 286 x 52, 8-bit/color RGBA, non-interlaced
Size (bytes):5756
Entropy (8bit):7.945588082107773
Encrypted:false
MD5:641346AD4ED4AE8289A3172ACD237A80
SHA1:5D0FBE25BE2109165A3C49C4D97051A2635FA213
SHA-256:B1B57F7F46398D63CA39ECD642984607BBF016538DBEFD7D36B56EB3A5DBB4B0
SHA-512:24FD8B37A84C5785A18692C801FF92C12DF3D290646E81C50AEF272A43C8A65531F77252DB0625915F02C470F92B111EAB517D4D49228350542F570EFA833CB9
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Temp\~DF143809F673D20A29.TMP
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:data
Size (bytes):34449
Entropy (8bit):0.3658653729946957
Encrypted:false
MD5:99D15F77D933CB035F96AE9C863466D1
SHA1:ED1CEEDBDF237CC0FC59F435D04D8C61893977D7
SHA-256:7F49C81553456E0CCD2034F2B6046AFBC6B4E2B3E4A710339D369284752E4A7D
SHA-512:0DA360189E0C97BDEADD688D299B7E2D26A5FB188BCFEA757842C301D50B389F539D1392094229B209A409555AA4C9105BA8FDFF2F02138A1A2615E4851DB76F
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Temp\~DF2089901051E59D6A.TMP
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:data
Size (bytes):25441
Entropy (8bit):0.27918767598683664
Encrypted:false
MD5:AB889A32AB9ACD33E816C2422337C69A
SHA1:1190C6B34DED2D295827C2A88310D10A8B90B59B
SHA-256:4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
SHA-512:BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
Malicious:false
Reputation:low
C:\Users\user\AppData\Local\Temp\~DFE021482A0B5FB0C5.TMP
Process:C:\Program Files\internet explorer\iexplore.exe
File Type:data
Size (bytes):13029
Entropy (8bit):0.47763599287735004
Encrypted:false
MD5:A012F0A397895DB5BA08B911976113F1
SHA1:7DA25A33420BB4D9D7C049F5A0EA9121E7BA5641
SHA-256:54A0AA55878DF67B6250CDE7519FCDA44E7A583691AF4A4FAD97B1495A98CD43
SHA-512:AA2F152FD0E26E2F844D8197C6810A54B2BE74509CD7338DC3C663610C16A9C14DE2376CAD18198B65186EBB172A8F42CF756996ED2D295CF91A2BB7ECC9443F
Malicious:false
Reputation:low

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| http://www.wikipedia.com/ | msapplication.xml6.1.dr | false | | high |
| http://www.amazon.com/ | msapplication.xml.1.dr | false | | high |
| http://www.nytimes.com/ | msapplication.xml3.1.dr | false | | high |
| http://www.live.com/ | msapplication.xml2.1.dr | false | | high |
| http://www.reddit.com/ | msapplication.xml4.1.dr | false | | high |
| http://www.twitter.com/ | msapplication.xml5.1.dr | false | | high |
| http://www.youtube.com/ | msapplication.xml7.1.dr | false | | high |

Contacted IPs

No contacted IP infos

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Feb 11, 2019 17:24:11.836131096 CET | 58937 | 53 | 192.168.2.5 | 8.8.8.8 |
| Feb 11, 2019 17:24:11.849740028 CET | 53 | 58937 | 8.8.8.8 | 192.168.2.5 |
| Feb 11, 2019 17:24:13.362365961 CET | 62548 | 53 | 192.168.2.5 | 8.8.8.8 |
| Feb 11, 2019 17:24:13.392832994 CET | 53 | 62548 | 8.8.8.8 | 192.168.2.5 |
| Feb 11, 2019 17:24:30.023973942 CET | 53311 | 53 | 192.168.2.5 | 8.8.8.8 |
| Feb 11, 2019 17:24:30.037597895 CET | 53 | 53311 | 8.8.8.8 | 192.168.2.5 |

UDP Packets

| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Feb 11, 2019 17:24:11.836131096 CET | 58937 | 53 | 192.168.2.5 | 8.8.8.8 |
| Feb 11, 2019 17:24:11.849740028 CET | 53 | 58937 | 8.8.8.8 | 192.168.2.5 |
| Feb 11, 2019 17:24:13.362365961 CET | 62548 | 53 | 192.168.2.5 | 8.8.8.8 |
| Feb 11, 2019 17:24:13.392832994 CET | 53 | 62548 | 8.8.8.8 | 192.168.2.5 |
| Feb 11, 2019 17:24:30.023973942 CET | 53311 | 53 | 192.168.2.5 | 8.8.8.8 |
| Feb 11, 2019 17:24:30.037597895 CET | 53 | 53311 | 8.8.8.8 | 192.168.2.5 |

Code Manipulations

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

General

Start time:17:24:10
Start date:11/02/2019
Path:C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):false
Commandline:'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:0x7ff6ef4a0000
File size:823560 bytes
MD5 hash:6465CB92B25A7BC1DF8E01D8AC5E7596
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:low

General

Start time:17:24:11
Start date:11/02/2019
Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):true
Commandline:'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4216 CREDAT:17410 /prefetch:2
Imagebase:0xa50000
File size:822536 bytes
MD5 hash:071277CC2E3DF41EEEA8013E2AB58D5A
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:low

Disassembly