Click to jump to signature section
Source: http://104.117.244.11/ | HTTP Parser: No favicon |
Source: http://104.117.244.11/ | HTTP Parser: No favicon |
Source: unknown | HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.18:49695 version: TLS 1.2 |
Source: chrome.exe | Memory has grown: Private usage: 25MB later: 34MB |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.117.244.11 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: 104.117.244.11Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 104.117.244.11Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://104.117.244.11/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: 104.117.244.11Connection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: 104.117.244.11Connection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: 104.117.244.11Connection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 104.117.244.11Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://104.117.244.11/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: unknown | DNS traffic detected: queries for: www.google.com |
Source: unknown | Network traffic detected: HTTP traffic on port 49695 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49695 |
Source: unknown | Network traffic detected: HTTP traffic on port 49694 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49694 |
Source: unknown | Network traffic detected: HTTP traffic on port 49704 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49704 |
Source: unknown | HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.18:49695 version: TLS 1.2 |
Source: classification engine | Classification label: clean0.win@14/3@5/102 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://104.117.244.11/ |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1932,i,5818857505552934520,13580384859184764833,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1932,i,5818857505552934520,13580384859184764833,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk |