Source: https://kasumbo.com/smarty/xls_v1.6/tail-spin.svg | Avira URL Cloud: Label: malware |
Source: kasumbo.com | Virustotal: Detection: 6% |
Source: Yara match | File source: 0.0.pages.csv, type: HTML |
Source: ACH payment confirmation careersindia@securview.com .HTML | HTTP Parser: Low number of body elements: 0 |
Source: ACH payment confirmation careersindia@securview.com .HTML | HTTP Parser: document.write |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | Tab title: Statement.xls - Microsoft Excel |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | Matcher: Template: microsoft matched |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: New script tag found |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | Matcher: Found strong image similarity, brand: MICROSOFT |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: Has password / email / username input fields |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: Number of links: 0 |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: Title: Statement.xls - Microsoft Excel does not match URL |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: <input type="password" .../> found |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: No <meta name="author".. found |
Source: file:///C:/Users/user/Desktop/ACH%20payment%20confirmation%20careersindia@securview.com%20.HTML | HTTP Parser: No <meta name="copyright".. found |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\LICENSE.txt |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_BITS_5844_1873454240 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\ |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\ |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_pnacl_json |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\manifest.json |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_metadata\ |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\_metadata\verified_contents.json |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1598255430\manifest.fingerprint |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_BITS_5844_885381781 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\LICENSE.txt |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\Filtering Rules |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\manifest.json |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\_metadata\ |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\_metadata\verified_contents.json |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_PuffinComponentUnpacker_BeginUnzipping5844_1498812047\manifest.fingerprint |
Source: Joe Sandbox View | IP Address: 174.127.104.94 |
Source: Joe Sandbox View | IP Address: 104.17.24.14 |
Source: unknown | Network traffic detected: HTTP traffic on port 49708 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49710 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49743 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49720 |
Source: unknown | Network traffic detected: HTTP traffic on port 49706 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49712 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49743 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49719 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49720 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49719 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49718 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49717 |
Source: unknown | Network traffic detected: HTTP traffic on port 49715 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49715 |
Source: unknown | Network traffic detected: HTTP traffic on port 49717 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49714 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49712 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49711 |
Source: unknown | Network traffic detected: HTTP traffic on port 49709 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49710 |
Source: unknown | Network traffic detected: HTTP traffic on port 49707 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49711 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49709 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49708 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49707 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49706 |
Source: unknown | Network traffic detected: HTTP traffic on port 49714 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49718 -> 443 |
Source: chromecache_256.1.dr | String found in binary or memory: http://fontawesome.io |
Source: chromecache_256.1.dr | String found in binary or memory: http://fontawesome.io/license |
Source: pnacl_public_x86_64_pnacl_sz_nexe.0.dr, pnacl_public_x86_64_pnacl_llc_nexe.0.dr | String found in binary or memory: http://llvm.org/): |
Source: chromecache_257.1.dr | String found in binary or memory: http://www.zend.com |
Source: chromecache_258.1.dr, chromecache_257.1.dr | String found in binary or memory: http://www.zend.com/images/store/safeguard_optimizer_img.gif |
Source: chromecache_258.1.dr, chromecache_257.1.dr | String found in binary or memory: http://www.zend.com/products/zend_engine |
Source: chromecache_258.1.dr, chromecache_257.1.dr | String found in binary or memory: http://www.zend.com/products/zend_guard |
Source: chromecache_258.1.dr, chromecache_257.1.dr | String found in binary or memory: http://www.zend.com/products/zend_optimizer |
Source: chromecache_258.1.dr, chromecache_257.1.dr | String found in binary or memory: http://www.zend.com/store/products/zend-safeguard-suite.php |
Source: pnacl_public_x86_64_libpnacl_irt_shim_dummy_a.0.dr | String found in binary or memory: https://chromium.googlesource.com/a/native_client/pnacl-clang.git |
Source: pnacl_public_x86_64_libpnacl_irt_shim_dummy_a.0.dr | String found in binary or memory: https://chromium.googlesource.com/a/native_client/pnacl-llvm.git |
Source: manifest.json.0.dr | String found in binary or memory: https://clients2.google.com/service/update2/crx |
Source: pnacl_public_x86_64_ld_nexe.0.dr | String found in binary or memory: https://code.google.com/p/nativeclient/issues/entry |
Source: pnacl_public_x86_64_ld_nexe.0.dr | String found in binary or memory: https://code.google.com/p/nativeclient/issues/entry%s: |
Source: LICENSE.txt.0.dr | String found in binary or memory: https://creativecommons.org/. |
Source: LICENSE.txt.0.dr | String found in binary or memory: https://creativecommons.org/compatiblelicenses |
Source: LICENSE.txt.0.dr | String found in binary or memory: https://easylist.to/) |
Source: LICENSE.txt.0.dr | String found in binary or memory: https://github.com/easylist) |
Source: unknown | HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: AEC=Ad49MVEVy5CxtQLtYrblzXz4DifLm5q80KxkAsZM0tGClBBQswyzDRIjhA; CONSENT=PENDING+494; SOCS=CAESHAgCEhJnd3NfMjAyMzA4MDMtMF9SQzIaAmVuIAEaBgiA0dCmBg; __Secure-ENID=14.SE=FEqwE5eimu_CzO8QanixDxMiVRDl1S74wJwxQG4kibYxHFlarNLstM6_FtN3tkTBDN7NI-PM3BH3uafw_juj7Kua5Sxw58UIqMyDvhq3JStE-0GsITWS9X0QrbjvmkA5MVBf-Eb4RLTTefnPk1F_g7MJo2hXw4TzaSRHE_HtskdpjjbT9g |
Source: unknown | DNS traffic detected: queries for: www.w3schools.com |
Source: global traffic | HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=115.0.5790.171&lang=en-GB&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-115.0.5790.171Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /smarty/xls_v1.6/tail-spin.svg HTTP/1.1Host: kasumbo.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /w3css/4/w3.css HTTP/1.1Host: www.w3schools.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /smarty/xls_v1.6/msoxcel_.svg HTTP/1.1Host: kasumbo.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /smarty/xls_v1.6/tail-spin.svg HTTP/1.1Host: kasumbo.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /smarty/xls_v1.6/msoxcel_.svg HTTP/1.1Host: kasumbo.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /smarty/xls_v1.6/tail-spin.svg HTTP/1.1Host: kasumbo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /smarty/xls_v1.6/msoxcel_.svg HTTP/1.1Host: kasumbo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: Name includes: ACH payment confirmation careersindia@securview.com .HTML | Initial sample: payment |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\ACH payment confirmation careersindia@securview.com .HTML | |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1924 --field-trial-handle=1860,i,10221190459973097732,13979483278592795457,262144 /prefetch:8 | |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | |