Edit tour

Windows Analysis Report
https://www.bing.com/search?q=%e8%8f%af%e7%a2%a9+TUF+GAMING+B760M-PLUS+WIFI%e4%b8%bb%e6%a9%9f%e6%9d%bf&cvid=8ed3431d674542bbaed6934068e7242d&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQABhAMgYIAhAAGEAyBggDEAAYQDIGCAQQABhAMgYIBRAAGEAyBggGEAAYQDIGCAcQABhAMgYICBAAGEAyBwgJEEUY_FXSAQgxMDUwajBqNKgCALACAA&PC=U531&

Overview

General Information

Sample URL:	https://www.bing.com/search?q=%e8%8f%af%e7%a2%a9+TUF+GAMING+B760M-PLUS+WIFI%e4%b8%bb%e6%a9%9f%e6%9d%bf&cvid=8ed3431d674542bbaed6934068e7242d&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQABhAMgYIAhAAGEAyBggDEAA
Analysis ID:	1408436

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Snort IDS alert for network traffic

Connects to several IPs in different countries

HTML body contains low number of good links

HTML body with high number of embedded images detected

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 4984 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.bing.com/search?q=%e8%8f%af%e7%a2%a9+TUF+GAMING+B760M-PLUS+WIFI%e4%b8%bb%e6%a9%9f%e6%9d%bf&cvid=8ed3431d674542bbaed6934068e7242d&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQABhAMgYIAhAAGEAyBggDEAAYQDIGCAQQABhAMgYIBRAAGEAyBggGEAAYQDIGCAcQABhAMgYICBAAGEAyBwgJEEUY_FXSAQgxMDUwajBqNKgCALACAA&PC=U531&FPIG=7973DC1DA237417B95A39D883F2961E8&first=121&FORM=PERE2 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 1660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5432 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 2952 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Snort Signatures

ET CURRENT_EVENTS TA569 Keitaro TDS Domain in DNS Lookup (gspiceyl .com) - Source IP: 192.168.2.17 - Destination IP: 1.1.1.1

Timestamp:	03/13/24-16:31:26.192656
SID:	2050719
Source Port:	62060
Destination Port:	53
Protocol:	UDP
Classtype:	A Network Trojan was detected

ET CURRENT_EVENTS TA569 Keitaro TDS Domain in TLS SNI (gspiceyl .com) - Source IP: 192.168.2.17 - Destination IP: 87.251.79.15

Timestamp:	03/13/24-16:31:26.738463
SID:	2050722
Source Port:	49985
Destination Port:	443
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET CURRENT_EVENTS TA569 Keitaro TDS Domain in DNS Lookup (gspiceyl .com) - Source IP: 192.168.2.17 - Destination IP: 1.1.1.1

Timestamp:	03/13/24-16:31:25.178110
SID:	2050719
Source Port:	54657
Destination Port:	53
Protocol:	UDP
Classtype:	A Network Trojan was detected

ET CURRENT_EVENTS TA569 Keitaro TDS Domain in TLS SNI (gspiceyl .com) - Source IP: 192.168.2.17 - Destination IP: 87.251.79.15

Timestamp:	03/13/24-16:32:00.845010
SID:	2050722
Source Port:	50224
Destination Port:	443
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET CURRENT_EVENTS TA569 Keitaro TDS Domain in DNS Lookup (gspiceyl .com) - Source IP: 192.168.2.17 - Destination IP: 1.1.1.1

Timestamp:	03/13/24-16:31:25.178387
SID:	2050719
Source Port:	58254
Destination Port:	53
Protocol:	UDP
Classtype:	A Network Trojan was detected

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=5d1c64b5-8d39-4557-b250-a8e64cf3f937&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%222F1CF1A502074E288B0CAD7804A7AD9A%22%7d

HTTP Parser: Number of links: 0

Source: https://www.bing.com/search?q=%e8%8f%af%e7%a2%a9+TUF+GAMING+B760M-PLUS+WIFI%e4%b8%bb%e6%a9%9f%e6%9d%bf&cvid=8ed3431d674542bbaed6934068e7242d&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQABhAMgYIAhAAGEAyBggDEAAYQDIGCAQQABhAMgYIBRAAGEAyBggGEAAYQDIGCAcQABhAMgYICBAAGEAyBwgJEEUY_FXSAQgxMDUwajBqNKgCALACAA&PC=U531&FPIG=7973DC1DA237417B95A39D883F2961E8&first=121&FORM=PERE2

HTTP Parser: Total embedded image size: 42505

Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=300&slotname=4879218354&adk=3229585123&adf=2371199492&pi=t.ma~as.4879218354&w=300&lmt=1710343886&format=300x300&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343885099&bpp=1&bdt=2255&idt=998&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C660x200&nras=1&correlator=7127179962831&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343886&ga_hid=75658237&ga_fc=1&u_tz=60&u_his=2&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=832&ady=878&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95326316%2C95320376%2C95325785%2C31078663%2C31078665%2C31078668%2C31078670&oid=2&pvsid=404282682768476&tmod=185121702...

HTTP Parser: Base64 decoded: _mmL_DeZpsasGx02EUyTDjSoJ0tDhwKeiIA6Yiha6yVdmpoC3J04y0OUhOAsFYN4-7sf2cAEu9aWrdMEiAW93bStTqAGZoAHoaO_nQGoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe...

HTTP Parser: Title: Redirecting does not match URL

Source: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.computerdiy.com.tw&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__#rpctoken=695174117&forcesecure=1	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=300&slotname=4879218354&adk=3229585123&adf=2371199492&pi=t.ma~as.4879218354&w=300&lmt=1710343886&format=300x300&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343885099&bpp=1&bdt=2255&idt=998&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C660x200&nras=1&correlator=7127179962831&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343886&ga_hid=75658237&ga_fc=1&u_tz=60&u_his=2&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=832&ady=878&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95326316%2C95320376%2C95325785%2C31078663%2C31078665%2C31078668%2C31078670&oid=2&pvsid=404282682768476&tmod=185121702...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=200&slotname=4610783378&adk=2905040485&adf=884091971&pi=t.ma~as.4610783378&w=660&lmt=1710343886&format=660x200&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343885098&bpp=1&bdt=2255&idt=985&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7127179962831&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343886&ga_hid=75658237&ga_fc=1&u_tz=60&u_his=2&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=142&ady=352&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95326316%2C95320376%2C95325785%2C31078663%2C31078665%2C31078668%2C31078670&oid=2&pvsid=404282682768476&tmod=1851217022&uas=0&nvt...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=200&slotname=4610783378&adk=2905040485&adf=884091971&pi=t.ma~as.4610783378&w=660&lmt=1710343920&format=660x200&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343920172&bpp=1&bdt=349&idt=126&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4efc4f18c9e079d%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MZWu3a5Bq_dRB77dD0sNJCyssDveg&gpic=UID%3D00000dd221a3d1e5%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MbEjmYfAyqXktu_G2Biht_8fna_yw&eo_id_str=ID%3D26ca8a4bd8636313%3AT%3D1710343887%3ART%3D1710343887%3AS%3DAA-AfjYamPpCANzD_X8Q_jI_K9CX&prev_fmts=0x0&nras=1&correlator=2367211286664&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343920&ga_hid=470113...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=300&slotname=4879218354&adk=3229585123&adf=2371199492&pi=t.ma~as.4879218354&w=300&lmt=1710343920&format=300x300&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343920172&bpp=1&bdt=349&idt=255&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4efc4f18c9e079d%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MZWu3a5Bq_dRB77dD0sNJCyssDveg&gpic=UID%3D00000dd221a3d1e5%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MbEjmYfAyqXktu_G2Biht_8fna_yw&eo_id_str=ID%3D26ca8a4bd8636313%3AT%3D1710343887%3ART%3D1710343887%3AS%3DAA-AfjYamPpCANzD_X8Q_jI_K9CX&prev_fmts=0x0%2C660x200&nras=1&correlator=2367211286664&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343920&ga...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=300&slotname=4879218354&adk=3229585123&adf=2371199492&pi=t.ma~as.4879218354&w=300&lmt=1710343920&format=300x300&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343920172&bpp=1&bdt=349&idt=255&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4efc4f18c9e079d%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MZWu3a5Bq_dRB77dD0sNJCyssDveg&gpic=UID%3D00000dd221a3d1e5%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MbEjmYfAyqXktu_G2Biht_8fna_yw&eo_id_str=ID%3D26ca8a4bd8636313%3AT%3D1710343887%3ART%3D1710343887%3AS%3DAA-AfjYamPpCANzD_X8Q_jI_K9CX&prev_fmts=0x0%2C660x200&nras=1&correlator=2367211286664&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343920&ga...	HTTP Parser: No favicon
Source: https://www.facebook.com/v2.3/plugins/like.php?app_id=1038349339543512&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb4258d60de7f26df%26domain%3Dwww.computerdiy.com.tw%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.computerdiy.com.tw%252Ffe5dd2313bc44fc6d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&layout=button_count&locale=zh_TW&sdk=joey&send=false&share=true&show_faces=true&width=30	HTTP Parser: No favicon
Source: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/aframe	HTTP Parser: No favicon
Source: https://www.facebook.com/plugins/feedback.php?app_id=1038349339543512&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa5995dd8ac00f9fa%26domain%3Dwww.computerdiy.com.tw%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.computerdiy.com.tw%252Ffe5dd2313bc44fc6d%26relation%3Dparent.parent&color_scheme=light&container_width=680&height=100&href=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&locale=zh_TW&numposts=10&order_by=reverse_time&sdk=joey&version=v2.3&width=650	HTTP Parser: No favicon
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=5d1c64b5-8d39-4557-b250-a8e64cf3f937&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%222F1CF1A502074E288B0CAD7804A7AD9A%22%7d	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=300&slotname=4879218354&adk=3229585123&adf=2371199492&pi=t.ma~as.4879218354&w=300&lmt=1710343960&format=300x300&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343960357&bpp=1&bdt=280&idt=99&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4efc4f18c9e079d%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MZWu3a5Bq_dRB77dD0sNJCyssDveg&gpic=UID%3D00000dd221a3d1e5%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MbEjmYfAyqXktu_G2Biht_8fna_yw&eo_id_str=ID%3D26ca8a4bd8636313%3AT%3D1710343887%3ART%3D1710343887%3AS%3DAA-AfjYamPpCANzD_X8Q_jI_K9CX&prev_fmts=0x0%2C660x200&nras=1&correlator=7501047851305&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343960&ga_...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8892768077882804&output=html&h=200&slotname=4610783378&adk=2905040485&adf=884091971&pi=t.ma~as.4610783378&w=660&lmt=1710343960&format=660x200&url=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xNDkiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTQ5Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xNDkiXV0sMF0.&dt=1710343960355&bpp=2&bdt=278&idt=87&shv=r20240311&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd4efc4f18c9e079d%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MZWu3a5Bq_dRB77dD0sNJCyssDveg&gpic=UID%3D00000dd221a3d1e5%3AT%3D1710343887%3ART%3D1710343887%3AS%3DALNI_MbEjmYfAyqXktu_G2Biht_8fna_yw&eo_id_str=ID%3D26ca8a4bd8636313%3AT%3D1710343887%3ART%3D1710343887%3AS%3DAA-AfjYamPpCANzD_X8Q_jI_K9CX&prev_fmts=0x0&nras=1&correlator=7501047851305&frm=20&pv=1&ga_vid=319674620.1710343886&ga_sid=1710343960&ga_hid=2520161...	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/aframe	HTTP Parser: No favicon
Source: https://www.facebook.com/v2.3/plugins/like.php?app_id=1038349339543512&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0f2b9050b8838251%26domain%3Dwww.computerdiy.com.tw%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.computerdiy.com.tw%252Ff511b2dd1bc574030%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&layout=button_count&locale=zh_TW&sdk=joey&send=false&share=true&show_faces=true&width=30	HTTP Parser: No favicon
Source: https://www.facebook.com/plugins/feedback.php?app_id=1038349339543512&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc81d04bd017eb31d%26domain%3Dwww.computerdiy.com.tw%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.computerdiy.com.tw%252Ff511b2dd1bc574030%26relation%3Dparent.parent&color_scheme=light&container_width=680&height=100&href=https%3A%2F%2Fwww.computerdiy.com.tw%2Ftuf-gaming-b760-plus-wifi-d4%2F&locale=zh_TW&numposts=10&order_by=reverse_time&sdk=joey&version=v2.3&width=650	HTTP Parser: No favicon

HTTP Parser: No <meta name="author".. found

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.17:49948 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.17:49957 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:50062 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:50331 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 13MB later: 34MB

Networking

Snort IDS alert for network traffic

Source: Traffic	Snort IDS: 2050719 ET CURRENT_EVENTS TA569 Keitaro TDS Domain in DNS Lookup (gspiceyl .com) 192.168.2.17:54657 -> 1.1.1.1:53
Source: Traffic	Snort IDS: 2050719 ET CURRENT_EVENTS TA569 Keitaro TDS Domain in DNS Lookup (gspiceyl .com) 192.168.2.17:58254 -> 1.1.1.1:53
Source: Traffic	Snort IDS: 2050719 ET CURRENT_EVENTS TA569 Keitaro TDS Domain in DNS Lookup (gspiceyl .com) 192.168.2.17:62060 -> 1.1.1.1:53
Source: Traffic	Snort IDS: 2050722 ET CURRENT_EVENTS TA569 Keitaro TDS Domain in TLS SNI (gspiceyl .com) 192.168.2.17:49985 -> 87.251.79.15:443
Source: Traffic	Snort IDS: 2050722 ET CURRENT_EVENTS TA569 Keitaro TDS Domain in TLS SNI (gspiceyl .com) 192.168.2.17:50224 -> 87.251.79.15:443

Source: unknown

Network traffic detected: IP country count 10

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26

Source: unknown

DNS traffic detected: queries for: www.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50502
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50501
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50503
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50505
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50500
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50509
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 50359 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50512
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50517
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50519
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50518
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50510
Source: unknown	Network traffic detected: HTTP traffic on port 50291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 50326 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50525
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50527
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50529
Source: unknown	Network traffic detected: HTTP traffic on port 50507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50522
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50521
Source: unknown	Network traffic detected: HTTP traffic on port 50348 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 50235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50510 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 50382 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50485 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50324 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 50381 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 50358 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50302 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50459
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50450
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50570
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50331
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50330
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50572
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50212
Source: unknown	Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50332
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50227
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50348
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50349
Source: unknown	Network traffic detected: HTTP traffic on port 50505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50342
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50344
Source: unknown	Network traffic detected: HTTP traffic on port 50352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50343
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50224
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50363 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50359
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50358
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50472
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50232
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50353
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50352
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50233
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50357
Source: unknown	Network traffic detected: HTTP traffic on port 50374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50235
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50356
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50198 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50248
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50362
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50483
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50361
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50364
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50485
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50363
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50484
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50366
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50365
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 50224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50247
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50367
Source: unknown	Network traffic detected: HTTP traffic on port 50266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50250
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50492
Source: unknown	Network traffic detected: HTTP traffic on port 50535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50370
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50534
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50536
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50531
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50532
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50306
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50305
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50308
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50307
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50309
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50302
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50301
Source: unknown	Network traffic detected: HTTP traffic on port 50373 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50315
Source: unknown	Network traffic detected: HTTP traffic on port 50361 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50384 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50316
Source: unknown	Network traffic detected: HTTP traffic on port 50256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50319
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50318
Source: unknown	Network traffic detected: HTTP traffic on port 50525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50311
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50432
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50312
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50570 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50349 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50326
Source: unknown	Network traffic detected: HTTP traffic on port 50503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50325
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50567
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50328
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50327
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50560
Source: unknown	Network traffic detected: HTTP traffic on port 50316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50320
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50562
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50324
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50323
Source: unknown	Network traffic detected: HTTP traffic on port 50372 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50327 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50297
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50299
Source: unknown	Network traffic detected: HTTP traffic on port 50319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50366 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 50331 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 50537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50308 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 50332 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50198
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 50492 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50297 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50572 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 50365 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 50527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50259
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50373
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50372
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50493
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50254
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50375
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50253
Source: unknown	Network traffic detected: HTTP traffic on port 50330 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50256
Source: unknown	Network traffic detected: HTTP traffic on port 50376 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50376
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50353 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50378
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50382
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50381
Source: unknown	Network traffic detected: HTTP traffic on port 50253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50299 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50384
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 50318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50391 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50386
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown	Network traffic detected: HTTP traffic on port 50501 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50391
Source: unknown	Network traffic detected: HTTP traffic on port 50342 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 50265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown	Network traffic detected: HTTP traffic on port 50307 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50364 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown	Network traffic detected: HTTP traffic on port 50375 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50292
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown	Network traffic detected: HTTP traffic on port 50562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50311 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50357 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50500 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50300 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50450 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50368 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50312 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50484 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 50229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50238 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 50309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 50310 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50261 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50285 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 50367 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 50250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50459 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50493 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50378 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50483 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50322 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443

Source: unknown	HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.17:49948 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.17:49957 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:50062 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:50331 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@43/270@127/742

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.bing.com/search?q=%e8%8f%af%e7%a2%a9+TUF+GAMING+B760M-PLUS+WIFI%e4%b8%bb%e6%a9%9f%e6%9d%bf&cvid=8ed3431d674542bbaed6934068e7242d&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQABhAMgYIAhAAGEAyBggDEAAYQDIGCAQQABhAMgYIBRAAGEAyBggGEAAYQDIGCAcQABhAMgYICBAAGEAyBwgJEEUY_FXSAQgxMDUwajBqNKgCALACAA&PC=U531&FPIG=7973DC1DA237417B95A39D883F2961E8&first=121&FORM=PERE2
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5432 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5432 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 --field-trial-handle=1888,i,4785117546262055158,10531648245264842045,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails