Windows
Analysis Report
https://outlook.office365.com/owa/calendar/CarstenBahneDeussing@xingag.onmicrosoft.com/bookings/
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6408 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 4324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2616 --field-trial-handle=2480,i,10061548266218179732,6258484312545850005,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3692 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://outlook.office365.com/owa/calendar/CarstenBahneDeussing@xingag.onmicrosoft.com/bookings/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
- Sample URL
- HTTPS traffic detected
- TCP traffic detected without corresponding DNS query
- UDP traffic detected without corresponding DNS query
- HTTP traffic detected
- DNS traffic detected
- Network traffic detected
- Classification label
- File created
- Process created
- LNK file
- Window detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
| 0% | Avira URL Cloud | safe | |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
| 0% | Virustotal | | Browse |
| 0% | Virustotal | | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
ooc-g2.tm-4.office.com | 52.96.181.98 | true | false | | high |
www.google.com | 142.251.111.105 | true | false | | high |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | | unknown |
windowsupdatebg.s.llnwi.net | 69.164.0.0 | true | false | | unknown |
outlook.office365.com | unknown | unknown | false | | high |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | | unknown | unknown | false |
52.96.181.98 | ooc-g2.tm-4.office.com | United States | | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
142.251.111.105 | www.google.com | United States | | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.7 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1417080 |
Start date and time: | 2024-03-28 15:36:59 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 28s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://outlook.office365.com/owa/calendar/CarstenBahneDeussing@xingag.onmicrosoft.com/bookings/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/6@4/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.163.94, 142.251.16.84, 142.251.179.101, 142.251.179.100, 142.251.179.113, 142.251.179.139, 142.251.179.138, 142.251.179.102, 34.104.35.123, 40.68.123.157, 104.97.85.151, 192.229.211.108, 72.21.81.240, 13.95.31.18, 52.165.164.15, 172.253.122.94
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9764063542411834 |
Encrypted: | false |
SSDEEP: | 48:8DdgTEYYH1UidAKZdA19ehwiZUklqehvty+3:8ef5Gy |
MD5: | CF8FB883CCB439CB92422D9703776153 |
SHA1: | 773E55FF0A3AB2B9DE589B979DE60F073974B83D |
SHA-256: | F9F208D7BF583EE206618F180CFBCA926053A04F607BC2CA610BF714517CF325 |
SHA-512: | 11CB3E4D3DCFCF0DF568B81E4BDD1D58CBBA2F8E16D2F812CDEDF3CC1CF341D35D09EED739C964A4D0C8B52CBE54637C161CAC713482DD575B8086DA5DD1F43E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9924940213755296 |
Encrypted: | false |
SSDEEP: | 48:8JdgTEYYH1UidAKZdA1weh/iZUkAQkqehwty+2:8sfr9Qby |
MD5: | AED77645C083A5B11754F2011A943F36 |
SHA1: | BEBD470BCD0084DE56127849826B10F14CDF60A1 |
SHA-256: | E1D36FA143007360E5CD47826073C40812C6682E457872B9257F30DFAE7B5D61 |
SHA-512: | 39DC9C6761F4880F8900908C7BBA372F10267A7D29350F319C1FF0AD49A0C035A1518359C1AC04815C29686657673FF901595D27F502DCF61060FB280F147805 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.001548593461184 |
Encrypted: | false |
SSDEEP: | 48:8xhdgTEYsH1UidAKZdA14tseh7sFiZUkmgqeh7s6ty+BX:8xEfHnqy |
MD5: | 771B5034DD54DD213107C95F97B491F2 |
SHA1: | 18395CB7F662B098B35C05FD47D1805C169B0302 |
SHA-256: | 01754621F9B625ECDD9FD4D4DD2FBD11F475B241227297E7A9199C2A83743F6D |
SHA-512: | DB7F4C67ACDE95AFF15ADADE98151B4A54556DEB8CD9E58AF6367FB1489F95DB046C473A22A413AFD81DD4F608402876DEB5030562D6BFFB7B347284C5002C63 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9908370251382346 |
Encrypted: | false |
SSDEEP: | 48:8YdgTEYYH1UidAKZdA1vehDiZUkwqeh8ty+R:8Lfo8y |
MD5: | 085AE27F6A6A03A487219AD2194A2900 |
SHA1: | 9EC7BF132C7F6C304904D8CF540174364298FF21 |
SHA-256: | 9EADD6B31DEA91154B7BFD1EA700924CC3CD09D96934BD812ED5575181B8FAF5 |
SHA-512: | 2E775A5E4734073E2253B68EF6D756C660012E9E374B0896CB362333BD2FE220E89C05A9558A9109642FD451D13540CA4E91FD20B6685993767DBBB7BB709070 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.981669308514895 |
Encrypted: | false |
SSDEEP: | 48:8eDhdgTEYYH1UidAKZdA1hehBiZUk1W1qeh+ty+C:8gEf494y |
MD5: | C0AF858F44B0159E204F7D3FD40CF60C |
SHA1: | 6E40BF37307CEBA7A5E6ADBE267931E8229DD6CB |
SHA-256: | 601266C3B2F37C222D2886A1F9432DF7DBF98CBD78014607F814A3C840C6FFF6 |
SHA-512: | 9A130810349AFD526E0C05C3FFD3059C1D15EE7F8AE95F90D41592232C8FF404F1DC7013C917573ED0F2EA9F9F98255E80B644405C0FDC2E38D36ACC7213B548 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.991532654105601 |
Encrypted: | false |
SSDEEP: | 48:8vdgTEYYH1UidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbUty+yT+:8KfWT/TbxWOvTbqy7T |
MD5: | DB632A68845C2CA01DCF808CEA84961E |
SHA1: | 98BE526F2652DB2F686A3F2140D8BDDCED4B0CD5 |
SHA-256: | C290CAB88D9D79D4C8A943F5382833B53F8940B3E04A94D40CA6F1FD0E8B6D4D |
SHA-512: | A5D851F785DA2D901AD82342C427A9EFA5108A8AA715875604FC048D6C759F261EA3A18EA77CF1F0C2AAFFFB411221E06C229419DE1184F3D7D627437B3D5D08 |
Malicious: | false |
Reputation: | low |
Preview: |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 28, 2024 15:37:54.708992004 CET | 192.168.2.5 | 1.1.1.1 | 0x24bf | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Mar 28, 2024 15:37:54.708992004 CET | 192.168.2.5 | 1.1.1.1 | 0xd1f | Standard query (0) | | 65 | IN (0x0001) | false |
Mar 28, 2024 15:37:56.867402077 CET | 192.168.2.5 | 1.1.1.1 | 0x22 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Mar 28, 2024 15:37:56.867913008 CET | 192.168.2.5 | 1.1.1.1 | 0xe085 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | ooc-g2.tm-4.office.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.181.98 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.88.66 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.109.194 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.9.2 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.64.130 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.111.2 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.15.2 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.804394007 CET | 1.1.1.1 | 192.168.2.5 | 0x24bf | No error (0) | 52.96.35.178 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.805380106 CET | 1.1.1.1 | 192.168.2.5 | 0xd1f | No error (0) | ooc-g2.tm-4.office.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.805380106 CET | 1.1.1.1 | 192.168.2.5 | 0xd1f | No error (0) | outlook.ms-acdc.office.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:54.805380106 CET | 1.1.1.1 | 192.168.2.5 | 0xd1f | No error (0) | MNZ-efz.ms-acdc.office.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963062048 CET | 1.1.1.1 | 192.168.2.5 | 0x22 | No error (0) | 142.251.111.105 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963062048 CET | 1.1.1.1 | 192.168.2.5 | 0x22 | No error (0) | 142.251.111.103 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963062048 CET | 1.1.1.1 | 192.168.2.5 | 0x22 | No error (0) | 142.251.111.104 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963062048 CET | 1.1.1.1 | 192.168.2.5 | 0x22 | No error (0) | 142.251.111.99 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963062048 CET | 1.1.1.1 | 192.168.2.5 | 0x22 | No error (0) | 142.251.111.106 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963062048 CET | 1.1.1.1 | 192.168.2.5 | 0x22 | No error (0) | 142.251.111.147 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:56.963608027 CET | 1.1.1.1 | 192.168.2.5 | 0xe085 | No error (0) | 65 | IN (0x0001) | false | |||
Mar 28, 2024 15:38:09.548083067 CET | 1.1.1.1 | 192.168.2.5 | 0xf1c1 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:38:09.548083067 CET | 1.1.1.1 | 192.168.2.5 | 0xf1c1 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:38:45.358764887 CET | 1.1.1.1 | 192.168.2.5 | 0x6a59 | No error (0) | 69.164.0.0 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:38:45.358764887 CET | 1.1.1.1 | 192.168.2.5 | 0x6a59 | No error (0) | 69.164.0.128 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:39:05.640348911 CET | 1.1.1.1 | 192.168.2.5 | 0x9e6d | No error (0) | 69.164.0.128 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:39:05.640348911 CET | 1.1.1.1 | 192.168.2.5 | 0x9e6d | No error (0) | 69.164.0.0 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49711 | 52.96.181.98 | 443 | 4324 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:37:55 UTC | 730 | OUT | |
2024-03-28 14:37:55 UTC | 1569 | IN | |
2024-03-28 14:37:55 UTC | 196 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49710 | 52.96.181.98 | 443 | 4324 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:37:55 UTC | 772 | OUT | |
2024-03-28 14:37:55 UTC | 705 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49715 | 23.221.242.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:37:58 UTC | 161 | OUT | |
2024-03-28 14:37:59 UTC | 468 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49716 | 23.221.242.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:37:59 UTC | 239 | OUT | |
2024-03-28 14:37:59 UTC | 774 | IN | |
2024-03-28 14:37:59 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
4 | 192.168.2.5 | 49720 | 23.1.237.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:38:10 UTC | 2148 | OUT | |
2024-03-28 14:38:10 UTC | 1 | OUT | |
2024-03-28 14:38:10 UTC | 2483 | OUT | |
2024-03-28 14:38:11 UTC | 476 | IN |
Target ID: | 0 |
Start time: | 15:37:48 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 15:37:50 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 15:37:53 |
Start date: | 28/03/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |