Source: https://nsjw.newf.workers.dev/ |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: Yara match |
File source: 0.0.pages.csv, type: HTML |
Source: Yara match |
File source: 0.0.pages.csv, type: HTML |
Source: https://nsjw.newf.workers.dev/ |
Matcher: Found strong image similarity, brand: MICROSOFT |
Source: https://nsjw.newf.workers.dev/ |
Matcher: Template: microsoft matched |
Source: https://nsjw.newf.workers.dev/ |
HTTP Parser: Number of links: 0 |
Source: https://nsjw.newf.workers.dev/ |
HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://nsjw.newf.workers.dev/ |
HTTP Parser: <input type="password" .../> found |
Source: https://nsjw.newf.workers.dev/ |
HTTP Parser: No favicon |
Source: https://nsjw.newf.workers.dev/ |
HTTP Parser: No <meta name="author".. found |
Source: https://nsjw.newf.workers.dev/ |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49753 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49754 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.201.212.130 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.40.205.73 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 96.7.245.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 96.7.245.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.40.205.73 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /style.css HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1Host: www.linkpicture.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /style.css HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1Host: www.linkpicture.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nsjw.newf.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nsjw.newf.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: unknown |
DNS traffic detected: queries for: nsjw.newf.workers.dev |
Source: unknown |
HTTP traffic detected: POST /report/v4?s=BzVR%2BDQANlMmi0bxjzPy6NPaOgBMhrmC%2BQGBeOKUVWkFyUgguBNYwzcgVdDezKxaWkyNas486e0m2gX8FOgR%2FRfbMht%2Bdi9ElQTl%2Fvptpo3YbSIik%2Bqa8p5ma1voQYmrKla%2FynsB HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 463Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 17 Apr 2024 23:13:12 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closevary: Accept-Encodingx-turbo-charged-by: LiteSpeedCache-Control: max-age=31536000CF-Cache-Status: HITAge: 947374Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzVR%2BDQANlMmi0bxjzPy6NPaOgBMhrmC%2BQGBeOKUVWkFyUgguBNYwzcgVdDezKxaWkyNas486e0m2gX8FOgR%2FRfbMht%2Bdi9ElQTl%2Fvptpo3YbSIik%2Bqa8p5ma1voQYmrKla%2FynsB"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87601ab22b2badcf-ATL |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 17 Apr 2024 23:13:27 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closevary: Accept-Encodingx-turbo-charged-by: LiteSpeedCache-Control: max-age=31536000CF-Cache-Status: HITAge: 947389Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0y9wf02%2B0sMuQfKjzUbPKI%2BE4ejHAzTfitHdf%2BZQDimsDIjJSC5cI1k%2F1id0BHYMYhjCyTk5fLErWgLQATFNZ1BWKz3SvDJ6Ze93MlwdjCXGcRS0TXfM5y9HbDaK%2BKtFkQvI9Uk"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87601b111aaa453e-ATL |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49744 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49743 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49764 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49672 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49763 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49762 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49761 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49760 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49743 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49760 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49762 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49746 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49764 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49745 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49769 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49739 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49738 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49736 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49737 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49736 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49735 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49753 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49738 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49675 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49754 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49753 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49752 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49672 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49761 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49767 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49749 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49747 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49763 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49744 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49768 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49752 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49749 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49754 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49735 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49747 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49769 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49737 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49746 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49768 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49739 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49745 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49767 |
Source: unknown |
HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49753 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49754 version: TLS 1.2 |
Source: classification engine |
Classification label: mal72.phis.win@16/15@10/9 |
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 --field-trial-handle=2224,i,7554063841504006908,15893093035192475524,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
|
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://nsjw.newf.workers.dev/" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 --field-trial-handle=2224,i,7554063841504006908,15893093035192475524,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: Window Recorder |
Window detected: More than 3 window changes detected |