Windows
Analysis Report
https://ee.mydnadigital.com/
Overview
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 5840 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5544 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=2024,i,4063609773814584156,12300272151828366041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3148 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ee.mydnadigital.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Signature evidence sources (evidence details not preserved):
- HTTP Parser: 4 entries
- String found in binary or memory: 35 entries
- Classification label: 1 entry
- File created: 8 entries
- Process created: 17 entries
- LNK file: 6 entries
- Window detected: 1 entry
- Thread injection, dropped files, key value created, disk infection and DNS query: 2 entries
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
64.233.177.94 | unknown | United States | 15169 | GOOGLEUS | false |
3.228.43.187 | unknown | United States | 14618 | AMAZON-AESUS | false |
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false |
142.250.105.84 | unknown | United States | 15169 | GOOGLEUS | false |
23.21.184.8 | unknown | United States | 14618 | AMAZON-AESUS | false |
172.67.142.245 | unknown | United States | 13335 | CLOUDFLARENETUS | false |
142.250.105.138 | unknown | United States | 15169 | GOOGLEUS | false |
173.194.219.94 | unknown | United States | 15169 | GOOGLEUS | false |
172.253.124.94 | unknown | United States | 15169 | GOOGLEUS | false |
54.84.24.70 | unknown | United States | 14618 | AMAZON-AESUS | false |
173.194.219.95 | unknown | United States | 15169 | GOOGLEUS | false |
107.22.125.25 | unknown | United States | 14618 | AMAZON-AESUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
3.163.80.61 | unknown | United States | 16509 | AMAZON-02US | false |
13.107.213.41 | unknown | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
108.177.122.95 | unknown | United States | 15169 | GOOGLEUS | false |
108.177.122.147 | unknown | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428253 |
Start date and time: | 2024-04-18 18:26:29 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 10s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://ee.mydnadigital.com/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: | |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/40@0/18 |
EGA Information: | Failed |
HCA Information: | |
Cookbook Comments: | |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Skipping network analysis since amount of network traffic is too extensive
- VT rate limit hit for: https://ee.mydnadigital.com/
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.975995607526219 |
Encrypted: | false |
SSDEEP: | 48:8qdCTOymHXidAKZdA19ehwiZUklqehGfy+3:8nH6hfy |
MD5: | 754A70BE1B92394A5F4276D911227BC5 |
SHA1: | B45C9795173767A6BF46480C13CE03440A375C8E |
SHA-256: | 12089ABA9A81A35DF295E4F95F1A0EA3F965C084D464AF7B5C78E36FB1783957 |
SHA-512: | 4AE4C9C2325216757EED0EDEB57DDFD5B0AFE350464F0DCDBA94DEF7A9F65BFEE5942F7818901CFBFC402FE50591576696B827D16EA89A930964F865834DF034 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9899177920594573 |
Encrypted: | false |
SSDEEP: | 48:8zdCTOymHXidAKZdA1weh/iZUkAQkqehRfy+2:8oHQ9QEfy |
MD5: | F8E9462D303035B76231D0BB8909B417 |
SHA1: | 345BD152294500A8DA941FF5BC25B9B810B769CF |
SHA-256: | 28159B497BA51369690EEB8463D946C34C6AD56F663555BC188A18FBFEBDC470 |
SHA-512: | 8805C298106DBEA9FD425AB26171D9EFC32C854141A27DAFA45C1A523B47AF726165A4B1759BA9BC4C147F195AA0F57B35A333C0B8B9E00F01CDC6092B4E65C2 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.001223536359989 |
Encrypted: | false |
SSDEEP: | 48:8xLdCTOysHXidAKZdA14tseh7sFiZUkmgqeh7sHfy+BX:8xwHinVfy |
MD5: | 4048822609D00E66AFCDA2D236F8B647 |
SHA1: | DAC9A354EFB82E1BE20614D1F62AB5F2CCD881A3 |
SHA-256: | 91E171A093ABE8AAA13A83D48EF41B5E2D603F684617B44FD71933A2E1B551FE |
SHA-512: | 972DF67BF00D8220694A89B2E09ED1DF112857313BB726344FDEC73B843824E967391A60DBFF3AAFEFC169BF69849750A12A388EDDF7075A8CF3FDFCFECCB969 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9898009265879035 |
Encrypted: | false |
SSDEEP: | 48:8bdCTOymHXidAKZdA1vehDiZUkwqehdfy+R:8AH7Pfy |
MD5: | 13E30C14F186251C7987E28D51E5DD30 |
SHA1: | BEFD7D2415E2D88B33F6DB3585DC3DE8A0D152AD |
SHA-256: | 1C05357C8E023039A1A5F5660C96D89B59CC1487B991B81B7FDE44B88221A24F |
SHA-512: | 6FC5615B9223D5FE6C73E0ECFDBE7DC31390D5800AA7A6FA4CC27192B7D50DD91FE1C2AD21572C327FF15B722E771E3DFC79CD3C86341BE718F34B76AD5FC3D4 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9809827688640045 |
Encrypted: | false |
SSDEEP: | 48:8iLdCTOymHXidAKZdA1hehBiZUk1W1qeh7fy+C:8HHb9bfy |
MD5: | ACAC2C569A6326909E8B93F2ACA0D993 |
SHA1: | 17A864E77D89D7A1112BB7029F0C536CCA31392B |
SHA-256: | 4B24ABAA3806EC1C944897A59169D716FC8563A7FE755C921DD4B63AB64FC4E8 |
SHA-512: | 58E7653D52D8D9514E43745C26D0C484BAE0A5390652E27A01B986695783DFA2069519763AD60AA3F59F34EFE23D3366298D5C90A7EDB1D47C194ED77B8D3C91 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.989090291388158 |
Encrypted: | false |
SSDEEP: | 48:8RdCTOymHXidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbVfy+yT+:8mH7T/TbxWOvTbVfy7T |
MD5: | 2EE74D1705E5B039535A8D08FFE26033 |
SHA1: | AFEAA6349F7BA6CE9EF56DD9D5EC64812450C35F |
SHA-256: | 0A7FF76FC0F0767EB324F6858985656C8E2D5170920ECFE3321F14DF8055FACB |
SHA-512: | 29EC623F9A32F324F3A053B5F3384724D44E09559037157FA9F70C004EEB60D986FE8E0732C3A1BA60D35267A31D7BB695127B285911AA48A727BD264CD366B0 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 796 |
Entropy (8bit): | 5.187005284382778 |
Encrypted: | false |
SSDEEP: | 12:hPYkX1b56MMCuNnEoGuaXifeDFAN05W4zId3gg9VDyHHJivV/fnfaKjKf+MGb:hPB68uVGa6405BzIFHuHHJivVX5jKGMM |
MD5: | 65DB02CD70BAB697EE4F3D4625B0C44B |
SHA1: | AA7D418FA4C1D8FDC6FABB414D229324A91B48B3 |
SHA-256: | 1C4E12D20420F1FD8FB13907A88BC64ACC15235E6792C29FE3082B5DB1A37047 |
SHA-512: | EB08CE8062EEC08CE282E21B5340A512EC4053A0E2C7896F9C4F08CECA2A5E23CC55ACFB147BE510DFD24818CF3EF08950848A41EC7DD82BEC12A59257293BBD |
Malicious: | false |
Reputation: | low |
URL: | https://ee.mydnadigital.com/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 7570 |
Entropy (8bit): | 7.952513583203953 |
Encrypted: | false |
SSDEEP: | 192:hHxGZgS5azBDFOK+yV57ljHJ+F6zzDKbcLV1in3wX5AR:hRGZgSE/zV57ljHJ+F6GbcLf6MAR |
MD5: | E47CC3475E975275C37735D675BCF217 |
SHA1: | 1846858E13611408496CE0FBBB24C3921911DFBC |
SHA-256: | 6F8D0983E02F49643E573FFB0D8A00125DC91601BC4D14CF11704F284A4D7D51 |
SHA-512: | 92FB67E72405CD8FF4178260BA8E903BC5385D1F08552B7CFF4B5BE00B93B74265FC9808E705BC1DD51F70161B95A27A1CB9022E1CB03AC7658E6C9A5C5E44C9 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 33092 |
Entropy (8bit): | 7.993894754675653 |
Encrypted: | true |
SSDEEP: | 768:c+2lFKscxQAuDJ5m/xiYEQNMJjFaf0TteqKt:cZlhcxJuDa/xiMMJhaItzKt |
MD5: | 057478083C1D55EA0C2182B24F6DD72F |
SHA1: | CAF557CD276A76992084EFC4C8857B66791A6B7F |
SHA-256: | BB2F90081933C0F2475883CA2C5CFEE94E96D7314A09433FFFC42E37F4CFFD3B |
SHA-512: | 98FF4416DB333E5A5A8F8F299C393DD1A50F574A2C1C601A0724A8EA7FB652F6EC0BA2267390327185EBEA55F5C5049AB486D88B4C5FC1585A6A975238507A15 |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16512 |
Entropy (8bit): | 5.444373931215875 |
Encrypted: | false |
SSDEEP: | 384:A3Dw3rF3o3m3P9whFKA1QwSFffpDdyov7IOaHaoOR2aV:0otcWzxDv7p |
MD5: | BF7F024FC61862931DA7F20F5AF1299C |
SHA1: | DC7231590EEBE12FB924C3A2F034D513CD33FB4C |
SHA-256: | BFF69A41E63CCA2980EC36ABED93BEDB95B7BF6F872E8869DB2E0F4B639AE0A0 |
SHA-512: | 232E7A31563AE58C550A0540C89633537BF8C32B59DFA3C07F06175AB68EF49BBA71D93F8F1AAC85CA46019F0DE743D257F92C8D44CC910ECA586F219DD7B90E |
Malicious: | false |
Reputation: | low |
URL: | "https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,300;0,400;0,500;0,600;0,700;1,100;1,300;1,400&display=swap" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 100 |
Entropy (8bit): | 4.590881379939835 |
Encrypted: | false |
SSDEEP: | 3:PSm/uSXI6on+iR9SzunS6winPt:qkuSXIxn+t6SWPt |
MD5: | CADF7A4AA8B0BE86D3144FD512CAA09A |
SHA1: | 6B12193CB3B41A6E0F4F32020B6FA4F17F957D82 |
SHA-256: | 3480A5F02C46CB27BD37C90F8CCEDF1A7CF554BE753A82F1DF7A648644127B7D |
SHA-512: | 697869ABFA3AB916D758657B976918B7C71837B62E6DFDE6C5A9DE59BFB085436164F05DE62E3DD5ECDAA8741FCBCAB1FAFA20076349FE11E82AEFE907D1313B |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISQQl2yUczWR08WxIFDZIFVM4SBQ0XuxUjEgUNQtIWwBIFDcDjsjUSBQ1nV2M8EgUNlFT6zxIFDXhvEhkSBQ3OQUx6?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 238654 |
Entropy (8bit): | 3.152381817021478 |
Encrypted: | false |
SSDEEP: | 384:F3h/ztztPUL8haTR/SVvkRMR5mNJTZdHJViG:FR/RxsL8haTR/mkRMR0NJrHJViG |
MD5: | CE17FB9E16F3AF400FAC2C481E0D308D |
SHA1: | CC9964463820226348EC79203E6EC9A23C8CD3D2 |
SHA-256: | B1674DD13D311486F795AE5D078FA73E1E185EFE61895CEEAE60452EB8A2C25E |
SHA-512: | BD5F775C3DE443CF0D11D471A19E431D7EAD9A61BB6775535E97E8FAF07F2E32E7214036D0ADC10C2942C39086714D75356A7E9749FC192D8DFD8DAD9DEF33DD |
Malicious: | false |
Reputation: | low |
URL: | https://ee.mydnadigital.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1704 |
Entropy (8bit): | 4.631340366099683 |
Encrypted: | false |
SSDEEP: | 48:DqNSPGajy9SDFOiB0uFd/o6Orl95Mbpy/ktltw11doOAfpRl:rRnX6qr |
MD5: | C0117546813B69AD64AD0A6B0788D509 |
SHA1: | 35D5157B7811A9721D3119782613A2433A967D80 |
SHA-256: | DC230274DFC966C002D4891198C5A89C5007D1C83CFEEBA53EF88998EC0C7428 |
SHA-512: | 41B8FA145719B98921F38C31F222D045C76FF4F79CEE3CB69729143EDCA34C72CDFAEDDB4E7A294B831DA5083EEF0B87114DD9F0D1AC7581F0957AE5E7876672 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 796 |
Entropy (8bit): | 5.187005284382778 |
Encrypted: | false |
SSDEEP: | 12:hPYkX1b56MMCuNnEoGuaXifeDFAN05W4zId3gg9VDyHHJivV/fnfaKjKf+MGb:hPB68uVGa6405BzIFHuHHJivVX5jKGMM |
MD5: | 65DB02CD70BAB697EE4F3D4625B0C44B |
SHA1: | AA7D418FA4C1D8FDC6FABB414D229324A91B48B3 |
SHA-256: | 1C4E12D20420F1FD8FB13907A88BC64ACC15235E6792C29FE3082B5DB1A37047 |
SHA-512: | EB08CE8062EEC08CE282E21B5340A512EC4053A0E2C7896F9C4F08CECA2A5E23CC55ACFB147BE510DFD24818CF3EF08950848A41EC7DD82BEC12A59257293BBD |
Malicious: | false |
Reputation: | low |
URL: | https://ee.mydnadigital.com/signup |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 55089 |
Entropy (8bit): | 5.460225139476126 |
Encrypted: | false |
SSDEEP: | 384:k3b03W3M3v3L33k3p3YW0V/m03ngP50E2hl3ivuk0zJAe3FWFn0a4D33gtUi0Z7H:Ykmg/zYFtXNfA6B3O |
MD5: | 9866393A1E557875F91F9F53966244E7 |
SHA1: | 1171440B922B7ACB4218C9D0DEB90F851C69A2A3 |
SHA-256: | 996F9EA0CAECD0685C253FE0781593871E4164BE3EDA2923A53A7A514ADFD8B1 |
SHA-512: | 1E7B95874D6D61E1A6B637AFC5AF637AFDD18A3348EAE12406B12DD6D7146D961F8A4F2CFC83F9F1C471396BC74ED16A2754AC6A3699030F5D88E03C44EFE5C5 |
Malicious: | false |
Reputation: | low |
URL: | "https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 479 |
Entropy (8bit): | 4.277084544482844 |
Encrypted: | false |
SSDEEP: | 6:L85wv3IOXkNwv3IOXu6jNv3IOXAF3cvv3IOXNF8Qvv3IOXwX5v3IOXI8l2Nv3IO1:L3I5E3Ii3IZU3I/QH3Ind3IB93IXd3I/ |
MD5: | E7E7054577F506C79AD77C8D73939018 |
SHA1: | 030BC2574D05EF7637DF0840D928B972F1F557BC |
SHA-256: | 5709670043666C752AB1CD19F48CD3C7C1FAF59716B534B2EAF79B84ED9E41B5 |
SHA-512: | 692115CC060CB1BD5B4F73B4222923AD6CA258414F6A31A7767418992DD0FF072A659444DF13D8130160E856C4469C011A49FA0AE900CD9610B8EC808EBC5B13 |
Malicious: | false |
Reputation: | low |
URL: | https://api.mydnadigital.com/v1/search/country |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2359 |
Entropy (8bit): | 5.344208482239382 |
Encrypted: | false |
SSDEEP: | 48:QOEaZRVc+ukOEaHN0osOwhapeRVc+ukOwhappRN0osObap3RVc+ukObapyRN0oD:QOEaDVc+ukOEaHNQOwhaEVc+ukOwhatX |
MD5: | BED8425E24B916AC55F01FDBED4118AB |
SHA1: | A71C39AF1A15F067DB78E3034AEFA11BE93B5601 |
SHA-256: | 3AE37C83333A9A3BB36BBFAF673993C79684E6484998C29CE0F37D6F47ACA736 |
SHA-512: | E4269A76C51B5AD1FB8CC5CC57ACE8AB152B47C5E97807801714D2B315DE3CA7A0D85FD7C2F3C33217769B564FCD2B2363BDF05D00CED97895702C90EDFE6108 |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.googleapis.com/css2?family=Poppins:wght@400;800;900&display=swap |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1704 |
Entropy (8bit): | 4.631340366099683 |
Encrypted: | false |
SSDEEP: | 48:DqNSPGajy9SDFOiB0uFd/o6Orl95Mbpy/ktltw11doOAfpRl:rRnX6qr |
MD5: | C0117546813B69AD64AD0A6B0788D509 |
SHA1: | 35D5157B7811A9721D3119782613A2433A967D80 |
SHA-256: | DC230274DFC966C002D4891198C5A89C5007D1C83CFEEBA53EF88998EC0C7428 |
SHA-512: | 41B8FA145719B98921F38C31F222D045C76FF4F79CEE3CB69729143EDCA34C72CDFAEDDB4E7A294B831DA5083EEF0B87114DD9F0D1AC7581F0957AE5E7876672 |
Malicious: | false |
Reputation: | low |
URL: | https://api.mydnadigital.com/v1/search/industrytype |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 48292 |
Entropy (8bit): | 7.990000399414106 |
Encrypted: | true |
SSDEEP: | 768:+fswnDtn9PU67FPqb6o0DeE0Pn2Cb6s2F8q5l70/K+01tL84uWJ2VsR8n+o:fwnDvPU67Bqbz0l0P2Cb6sa5hZ+Ut44C |
MD5: | 4B0FF42EB0227169554C28F69263F780 |
SHA1: | A95699922AD6813ACDD66A77FF82BFCB97DB8160 |
SHA-256: | B57D2D94351F322EA7629C1CE9E9776043ED91B8B5E567B689404106D76FE00A |
SHA-512: | 1CF44801829209C603393C7577125E0A23F1602093A17234867E41E850923FC1551EB720B73895DD30381BD6A18D43D9593FF885182FB5B2D4117403F15C4AFF |
Malicious: | false |
Reputation: | low |
URL: | https://assets.mydna.company/mydna-fonts/Euclid-Circular-B-Regular.woff |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 238654 |
Entropy (8bit): | 3.152381817021478 |
Encrypted: | false |
SSDEEP: | 384:F3h/ztztPUL8haTR/SVvkRMR5mNJTZdHJViG:FR/RxsL8haTR/mkRMR0NJrHJViG |
MD5: | CE17FB9E16F3AF400FAC2C481E0D308D |
SHA1: | CC9964463820226348EC79203E6EC9A23C8CD3D2 |
SHA-256: | B1674DD13D311486F795AE5D078FA73E1E185EFE61895CEEAE60452EB8A2C25E |
SHA-512: | BD5F775C3DE443CF0D11D471A19E431D7EAD9A61BB6775535E97E8FAF07F2E32E7214036D0ADC10C2942C39086714D75356A7E9749FC192D8DFD8DAD9DEF33DD |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7570 |
Entropy (8bit): | 7.952513583203953 |
Encrypted: | false |
SSDEEP: | 192:hHxGZgS5azBDFOK+yV57ljHJ+F6zzDKbcLV1in3wX5AR:hRGZgSE/zV57ljHJ+F6GbcLf6MAR |
MD5: | E47CC3475E975275C37735D675BCF217 |
SHA1: | 1846858E13611408496CE0FBBB24C3921911DFBC |
SHA-256: | 6F8D0983E02F49643E573FFB0D8A00125DC91601BC4D14CF11704F284A4D7D51 |
SHA-512: | 92FB67E72405CD8FF4178260BA8E903BC5385D1F08552B7CFF4B5BE00B93B74265FC9808E705BC1DD51F70161B95A27A1CB9022E1CB03AC7658E6C9A5C5E44C9 |
Malicious: | false |
Reputation: | low |
URL: | https://aadcdn.msftauthimages.net/dbd5a2dd-q-vgx0wbu9ntyuhzdvuv5jk-4tjk439hs8ffouhilva/logintenantbranding/0/bannerlogo?ts=637565229533956374 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 40 |
Entropy (8bit): | 4.462814895472355 |
Encrypted: | false |
SSDEEP: | 3:Vdei3+TsfMS1CYYn:NKsxC |
MD5: | 3C560E159387506A5D1BC9A088BC017C |
SHA1: | AB8A05AB519E9A1DEDC740E540849CE0F3E2202A |
SHA-256: | 2DD76014791AE57281D085C683F9631BF322513E069F863195A2CF77A962312C |
SHA-512: | 2188BE78E3527FC4C6F87C2973BABE82ED54226AA672E77B20A4615BE5A29BD4C2392EE7C4037C9DD1BFF099F8F4E9613D23C108FC84D7C5550D3934264FE298 |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlkqvqLx0gzgRIFDXhvEhkSBQ3OQUx6?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 479 |
Entropy (8bit): | 4.277084544482844 |
Encrypted: | false |
SSDEEP: | 6:L85wv3IOXkNwv3IOXu6jNv3IOXAF3cvv3IOXNF8Qvv3IOXwX5v3IOXI8l2Nv3IO1:L3I5E3Ii3IZU3I/QH3Ind3IB93IXd3I/ |
MD5: | E7E7054577F506C79AD77C8D73939018 |
SHA1: | 030BC2574D05EF7637DF0840D928B972F1F557BC |
SHA-256: | 5709670043666C752AB1CD19F48CD3C7C1FAF59716B534B2EAF79B84ED9E41B5 |
SHA-512: | 692115CC060CB1BD5B4F73B4222923AD6CA258414F6A31A7767418992DD0FF072A659444DF13D8130160E856C4469C011A49FA0AE900CD9610B8EC808EBC5B13 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 50397 |
Entropy (8bit): | 4.718509782019148 |
Encrypted: | false |
SSDEEP: | 768:MJa31EzKOSd6FmUxUfXkQ1T/7Mzj3vbhBU92Q/h:MJrz706FmB/B1vgDjURZ |
MD5: | BEB60A9475685E87A9738A7306591E69 |
SHA1: | F5B6069DE431453CC49494BF6CA5C619FBCAB71F |
SHA-256: | 4D3B4D5D99F92DCC1F1C169DB00F76AA1DC65D5D82192AFCFF04CF8A018A7BA1 |
SHA-512: | FD151BB476A454C26B83520BB70BC321C79BFDC0E493DEEB58ABDF9C54933A635BCAD0B213296EB43A9E12BF5A7480727B7B2E0F745F72C5CB38B06A6115B883 |
Malicious: | false |
Reputation: | low |
URL: | https://use.fontawesome.com/releases/v5.4.1/css/all.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 299 |
Entropy (8bit): | 4.698432601138184 |
Encrypted: | false |
SSDEEP: | 6:3vgYOdEHbpwXLjQLMzmezk7TWKAKjgwr2GV/cgGTs:ftHbILQq/KUKV/cDTs |
MD5: | 5FB00D3B50A1CAB41EFBF2B7FBD6E190 |
SHA1: | CDB745ADC4B67703193F58B905791BD06018FD0E |
SHA-256: | 7BDEDB2F8D48827492FA90DC8063439FE33067098B5D79147211E11C21843A23 |
SHA-512: | BFF0B05B5765BCB49EDAED308513F5D946FA2345E1ACFA20961D6D9532287AC6FEDB4DA72FB2F2B6B2B5BCB1BA041B689F2B7C17229E694A10FBF34E79E7097F |
Malicious: | false |
Reputation: | low |
URL: | https://ee.mydnadigital.com/manifest.json |
Preview: |
Target ID: | 0 |
Start time: | 18:27:13 |
Start date: | 18/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:27:16 |
Start date: | 18/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:27:19 |
Start date: | 18/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |