Windows Analysis Report
http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E

Overview

General Information

Sample URL:	http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E
Analysis ID:	1427176
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

No high impact signatures.

Classification

Signatures

There are no high impact signatures.

Source: http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49743 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: Sucuri/CloudproxyDate: Wed, 17 Apr 2024 05:45:05 GMTContent-Type: application/javascript; charset=UTF-8Content-Length: 1188Connection: keep-aliveX-Sucuri-ID: 14006X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffcache-control: max-age=315360000expires: Thu, 31 Dec 2037 23:55:55 GMTlast-modified: Tue, 09 Apr 2024 20:44:22 GMTaccept-ranges: bytescontent-encoding: gzipvary: Accept-Encoding,Accept-Encoding,User-Agentx-turbo-charged-by: LiteSpeedX-Sucuri-Cache: MISSData Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 5d 6f db 36 14 7d cf af 60 b4 c0 15 33 49 69 5e 65 78 5d 91 6e 58 0b ac c0 9a 3e 0c 18 86 80 11 af 2d 26 32 99 91 b4 dd cc f1 7f df a5 28 eb c3 b6 6c 27 d9 f6 12 58 e2 bd e7 1e 9e fb 41 2a 17 e7 e7 27 e4 9c 7c cd 85 21 9f ae c9 58 14 40 16 cc 10 36 b3 2a 9e 80 04 cd 2c 70 32 17 8c 7c 05 6d 40 27 68 ee 3c ae 94 b4 5a dc a2 99 36 c4 e4 6a 56 70 c2 e6 4a 70 02 5c 58 21 27 c4 3a 4c 07 18 11 34 23 42 1a 0b cc 2f e3 1a 10 66 8c ca 84 83 77 78 52 49 32 15 52 8c 05 86 2b 69 b8 3f 09 f9 59 69 32 55 1a d0 7f ac f4 94 59 a1 64 44 b2 1c b2 7b a2 10 56 cd 34 01 39 11 12 40 bb a8 5c 65 c6 e1 21 5c ae 16 64 01 24 67 92 23 1c ee ce e3 67 25 06 e2 ed f4 5d ef ef 47 03 90 92 dc da 07 93 5e 5c c0 5c da 44 98 0b 0e f3 d8 59 c5 6d 28 34 bf 38 39 71 6a 40 02 73 90 d6 8c da 0f 4f 4f cb 55 d4 7e 91 cc 05 2c ba 36 fe 55 8f 65 32 45 ad f3 5f d5 2d 0a f2 93 c7 47 bb f1 4c 66 2e 7a 78 16 a9 db 3b ba 0c 66 06 88 41 ef cc 06 c3 39 d3 e4 0c 89 ce a6 68 3e 3a 0b d7 3f e9 10 6d 13 03 05 64 2e 71 a3 65 c6 0a 90 9c e9 f4 cd 1f 9c 59 16 df 99 51 50 32 88 3d 83 b8 8c 1d 4f b4 e0 c1 9f 6f a2 b5 f9 07 f6 d8 eb b1 b6 a9 5c 39 7b 8c 33 28 0a 7c 74 1b d8 40 b9 2e a9 00 bf 2a b0 1c d2 20 d9 83 74 73 53 43 c5 a6 72 0b a2 69 4b 96 63 29 79 9f 6a d1 11 6a 83 78 9d 1d 35 ac 9f 23 68 75 d1 6e 6e aa 47 c7 35 c6 be 58 74 29 7e 80 31 9b 15 f6 b3 b2 22 83 2d e4 1c 1b 04 34 62 80 31 6c 02 26 ae c0 53 a9 6c 78 c8 14 23 d2 60 e5 8a 21 c9 0a 65 e0 7d 51 54 d5 d2 94 4a 86 8c 19 d6 bb a6 cb e6 77 32 16 92 87 9d c2 48 5a 29 a2 09 b0 2c 0f c3 1a 05 ad e1 5b e4 09 d0 65 59 6a fe 01 0b ad 7a 1b 39 70 8c fd 91 8f aa b5 84 59 ab c3 80 69 c1 62 b7 a8 55 61 02 1a 9d 55 86 e8 1a 04 74 58 bb 0d 06 61 b3 b4 c1 34 f8 2e f8 be 36 a4 bb 1a 86 65 99 d2 1c b9 56 4a ac 1f c3 8a 4c 1d 96 d2 46 af 76 83 6d 1b ae 28 f5 da fa 71 52 57 c9 55 21 b2 fb 5d 0a 47 2e f9 dd 74 57 62 f1 ce cb ad ed 75 13 d1 5f 3c 34 e2 4d ff 3c 03 65 bb c0 69 82 c9 9e d8 fc 87 b7 c3 6d d2 83 c1 69 2b ce bb 0d f6 89 86 a9 9a 43 09 13 56 4d 97 a9 29 76 46 cc 2e 2f 1f e3 5c 70 0e 32 a0 e9 a6 1f e3 fc a0 93 17 5c 3d 80 ec 0c bf 46 ec cd 24 2d f7 16 db 60 b0 b7 54 5c 9c 3d 95 12 d5 d8 6b e6 bd 1d d3 19 Data Ascii: X]o6}`3Ii^ex]nX>-&2(l'XA'\|!X@6,p2\|m@'h<Z6jVpJp\X!':L4#B/fwxRI2R+i?Yi2UYdD{V49@\e!\d$g#g%]G^\\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: Sucuri/CloudproxyDate: Wed, 17 Apr 2024 05:45:06 GMTContent-Type: image/x-iconContent-Length: 1022Connection: keep-aliveX-Sucuri-ID: 14006X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffcache-control: max-age=315360000expires: Thu, 31 Dec 2037 23:55:55 GMTlast-modified: Wed, 27 Dec 2006 04:39:45 GMTaccept-ranges: bytescontent-encoding: gzipvary: Accept-Encoding,Accept-Encoding,User-Agentx-turbo-charged-by: LiteSpeedX-Sucuri-Cache: MISSData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 93 6b 54 14 44 18 86 9f 4d 34 c3 54 bc b0 a2 a9 ab 81 4a c8 45 6e c2 ba 22 cb 02 8b 0a 04 28 08 2a 2d 0a a2 40 0a 0a 69 28 20 0a 2e 24 98 19 20 48 21 82 4b 28 2d 97 95 8b 08 68 88 22 6e 96 9c 53 49 1d ef 96 76 d0 20 b5 08 d4 22 69 a1 e3 3f ff f5 af 77 ce 77 66 9e f9 e6 9c 99 6f e6 1d 10 e8 9a 81 01 43 8a 18 0e 42 5d 6f aa 8b c1 a9 19 ba 10 30 72 28 27 15 f0 52 0d 0c 0c c0 b9 47 d4 3a 40 54 92 92 42 6d 07 fa be 0a 42 dc cc 31 4c 2f 62 85 e6 22 22 33 2b ae fd d0 41 d5 f1 52 56 07 54 e2 1f b8 06 6b ab 2d c8 da 1f 32 b5 fc 3c 8b 73 8a d9 dc 7e 8f 69 8a 4c 52 83 1d 39 9c a3 25 53 32 9a 8c 7c 15 0b 37 27 20 59 ea 4e fd 8d fb b8 cd 9b ce 48 5b 0f 6e 77 3d a2 ba ae 15 c7 9a 6f 11 9d ef 26 ae f1 2b 4c 82 37 61 93 9a c3 98 ec 46 e6 44 95 60 91 5d 8e fe 89 6b c4 84 79 e2 9b 9a 41 bc eb 74 14 d1 e5 b4 68 b5 f8 5f b8 83 f1 b6 34 c4 a1 61 84 96 d6 e1 97 df ca 8c aa db 1c 51 9f 41 ee 6a 4b d1 a2 11 6c 88 8b a5 a7 fb 01 e3 d6 27 72 fa d2 0d 96 07 79 e1 70 f6 0e e6 0e b6 28 9b 2f 33 de 33 1a 59 59 1b 65 57 6e a3 48 c9 25 d1 d7 8c aa 8b 97 b0 54 b7 22 2b d0 e0 10 14 c0 72 2f 31 8f 9f f6 23 cd cc 65 d9 86 10 64 89 e9 64 c9 85 dc bd fb 13 ae 21 d1 cc 4e 2f 60 ca 91 d3 58 6f 4f 21 72 95 0b 2a 6b f0 3f d6 c0 37 5d 3d 18 b8 07 32 bb f6 3b 8e 36 9c 21 49 3c 16 a3 93 df 53 d8 f2 25 7a 4d f7 c8 b6 d7 a3 e0 ca 8f 48 0e 14 e3 bd 2f 0f c3 22 2d 63 13 55 18 9a 98 e1 11 19 8e dd a6 58 1e f7 3d c6 ac ed 3e b2 96 bb 94 a8 4b d1 5c be 4e c3 d5 5b 58 c6 ec c1 68 f7 21 bc fc 7c b0 c9 50 63 ac 6a c6 62 67 06 12 8d 16 49 6e 19 0a a7 59 cc 77 95 12 52 d3 8a 5a 02 a2 1d fb 99 5c f1 35 a2 7d 45 24 38 0b 11 47 44 f1 a0 a7 97 ce 5f ba 38 28 35 20 50 6a ce a4 b5 f1 78 a4 64 62 5a 71 89 88 f6 4e 0a db af f3 e4 c9 53 7c 74 7e 70 f1 70 c1 39 54 81 32 c8 06 61 42 31 92 b4 1c f2 24 c3 a9 e9 b8 49 a9 ba 19 61 e9 05 ec ca 2f 32 ca d2 8d 5d 12 43 7e fb a3 8f 70 b9 05 f2 bd b9 cc 54 e6 33 aa fe 1a c2 c3 a7 18 e8 ff 93 a6 9b f7 98 e0 bb 91 80 25 f6 d8 87 47 20 cd 3b 4e 95 23 24 e9 de d6 7b 6f 36 bb 57 da b3 c6 c5 04 93 63 2d 38 2b b3 30 55 b7 e1 9e 9c c6 cf 9d bf 22 52 9d a5 6c 70 ad d3 44 fa fa 7a b1 db 91 8a 63 5a 36 95 ba 1a 93 17 8c 63 e0 79 3f d5 62 08 93 cf 25 62 6b 1c 4f 9e 3d c3 71 5d 18 7e 3b 95 54 eb bc fd 7b 6f af Data Ascii: kTDM4TJEn"(*-@i( .$ H!K(-h"nSIv "i?wwfoCB]o0r('RG:@TBmB1L/b""3+ARVTk-2<s~
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: Sucuri/CloudproxyDate: Wed, 17 Apr 2024 05:45:08 GMTContent-Type: image/x-iconContent-Length: 1022Connection: keep-aliveX-Sucuri-ID: 14006X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffcache-control: max-age=315360000expires: Thu, 31 Dec 2037 23:55:55 GMTlast-modified: Wed, 27 Dec 2006 04:39:45 GMTcontent-encoding: gzipvary: Accept-Encoding,Accept-Encoding,User-Agentx-turbo-charged-by: LiteSpeedX-Sucuri-Cache: MISSAccept-Ranges: bytesData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 93 6b 54 14 44 18 86 9f 4d 34 c3 54 bc b0 a2 a9 ab 81 4a c8 45 6e c2 ba 22 cb 02 8b 0a 04 28 08 2a 2d 0a a2 40 0a 0a 69 28 20 0a 2e 24 98 19 20 48 21 82 4b 28 2d 97 95 8b 08 68 88 22 6e 96 9c 53 49 1d ef 96 76 d0 20 b5 08 d4 22 69 a1 e3 3f ff f5 af 77 ce 77 66 9e f9 e6 9c 99 6f e6 1d 10 e8 9a 81 01 43 8a 18 0e 42 5d 6f aa 8b c1 a9 19 ba 10 30 72 28 27 15 f0 52 0d 0c 0c c0 b9 47 d4 3a 40 54 92 92 42 6d 07 fa be 0a 42 dc cc 31 4c 2f 62 85 e6 22 22 33 2b ae fd d0 41 d5 f1 52 56 07 54 e2 1f b8 06 6b ab 2d c8 da 1f 32 b5 fc 3c 8b 73 8a d9 dc 7e 8f 69 8a 4c 52 83 1d 39 9c a3 25 53 32 9a 8c 7c 15 0b 37 27 20 59 ea 4e fd 8d fb b8 cd 9b ce 48 5b 0f 6e 77 3d a2 ba ae 15 c7 9a 6f 11 9d ef 26 ae f1 2b 4c 82 37 61 93 9a c3 98 ec 46 e6 44 95 60 91 5d 8e fe 89 6b c4 84 79 e2 9b 9a 41 bc eb 74 14 d1 e5 b4 68 b5 f8 5f b8 83 f1 b6 34 c4 a1 61 84 96 d6 e1 97 df ca 8c aa db 1c 51 9f 41 ee 6a 4b d1 a2 11 6c 88 8b a5 a7 fb 01 e3 d6 27 72 fa d2 0d 96 07 79 e1 70 f6 0e e6 0e b6 28 9b 2f 33 de 33 1a 59 59 1b 65 57 6e a3 48 c9 25 d1 d7 8c aa 8b 97 b0 54 b7 22 2b d0 e0 10 14 c0 72 2f 31 8f 9f f6 23 cd cc 65 d9 86 10 64 89 e9 64 c9 85 dc bd fb 13 ae 21 d1 cc 4e 2f 60 ca 91 d3 58 6f 4f 21 72 95 0b 2a 6b f0 3f d6 c0 37 5d 3d 18 b8 07 32 bb f6 3b 8e 36 9c 21 49 3c 16 a3 93 df 53 d8 f2 25 7a 4d f7 c8 b6 d7 a3 e0 ca 8f 48 0e 14 e3 bd 2f 0f c3 22 2d 63 13 55 18 9a 98 e1 11 19 8e dd a6 58 1e f7 3d c6 ac ed 3e b2 96 bb 94 a8 4b d1 5c be 4e c3 d5 5b 58 c6 ec c1 68 f7 21 bc fc 7c b0 c9 50 63 ac 6a c6 62 67 06 12 8d 16 49 6e 19 0a a7 59 cc 77 95 12 52 d3 8a 5a 02 a2 1d fb 99 5c f1 35 a2 7d 45 24 38 0b 11 47 44 f1 a0 a7 97 ce 5f ba 38 28 35 20 50 6a ce a4 b5 f1 78 a4 64 62 5a 71 89 88 f6 4e 0a db af f3 e4 c9 53 7c 74 7e 70 f1 70 c1 39 54 81 32 c8 06 61 42 31 92 b4 1c f2 24 c3 a9 e9 b8 49 a9 ba 19 61 e9 05 ec ca 2f 32 ca d2 8d 5d 12 43 7e fb a3 8f 70 b9 05 f2 bd b9 cc 54 e6 33 aa fe 1a c2 c3 a7 18 e8 ff 93 a6 9b f7 98 e0 bb 91 80 25 f6 d8 87 47 20 cd 3b 4e 95 23 24 e9 de d6 7b 6f 36 bb 57 da b3 c6 c5 04 93 63 2d 38 2b b3 30 55 b7 e1 9e 9c c6 cf 9d bf 22 52 9d a5 6c 70 ad d3 44 fa fa 7a b1 db 91 8a 63 5a 36 95 ba 1a 93 17 8c 63 e0 79 3f d5 62 08 93 cf 25 62 6b 1c 4f 9e 3d c3 71 5d 18 7e 3b 95 54 eb bc fd 7b 6f af Data Ascii: kTDM4TJEn"(*-@i( .$ H!K(-h"nSIv "i?wwfoCB]o0r('RG:@TBmB1L/b""3+ARVTk-2<s~

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E HTTP/1.1Host: lionsclubs.org.auConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: lionsclubs.org.auConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5EAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: lionsclubs.org.auConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: lionsclubs.org.au

Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: unknown	HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49743 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@16/5@7/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2024,i,16078203422542096364,6056119984045768340,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2024,i,16078203422542096364,6056119984045768340,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
74.125.138.105	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
192.124.249.106	lionsclubs.org.au	United States	30148	SUCURI-SECUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.210.172	true
lionsclubs.org.au	192.124.249.106	true
www.google.com	74.125.138.105	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://lionsclubs.org.au/favicon.ico	false		unknown
http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E	false		unknown

ID:	1427176
Product:	CloudBasic
Start time:	07:44:11
Start date:	17.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 40	gzip compressed data, from Unix, original size modulo 2^32 1406	3C29128645992C372F9191045E1F1F69	D2FB79C4538AEEF3E2CB4027098D5221A287E4FC	80E8FC7B04BA573E496D0F2DDE5DB9C13F1291D25F50A1B40BB481F7DF30D8BB
Chrome Cache Entry: 41	gzip compressed data, from Unix, original size modulo 2^32 4614	F6CAB815843A8794392B401E915EC43E	E25FC68767D3325DB66B3D545730BEF3003BE33D	50B6827349E5FC1F49D3747472F1B0BEE255D4F514EFFC1052167CCA655197A9
Chrome Cache Entry: 42	gzip compressed data, from Unix, original size modulo 2^32 1406	3C29128645992C372F9191045E1F1F69	D2FB79C4538AEEF3E2CB4027098D5221A287E4FC	80E8FC7B04BA573E496D0F2DDE5DB9C13F1291D25F50A1B40BB481F7DF30D8BB

Windows Analysis Report
http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://lionsclubs.org.au/wp-content/plugins/the-events-calendar/src/resources/js/views/month-mobile-events.min.js?ver=6.3.6%5E%5E