Automated Malware Analysis IOC Report for

Files

File Path

Type

Processes

Path

Cmdline

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"

Details

Is windows:	true
Is dropped:	false
PID:	4888
Target ID:	0
Parent PID:	1076
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Size:	3242272
MD5:	45DE480806D1B5D462A7DDE4DCEFC4E4
Time:	15:27:51
Date:	26/04/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff76e190000
Modulesize:	3325952
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1828,i,3970195251696910120,13788360159969536646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	5436
Target ID:	2
Parent PID:	4888
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1828,i,3970195251696910120,13788360159969536646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Size:	3242272
MD5:	45DE480806D1B5D462A7DDE4DCEFC4E4
Time:	15:27:58
Date:	26/04/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff76e190000
Modulesize:	3325952
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview"

Details

Is windows:	true
Is dropped:	false
PID:	6388
Target ID:	3
Parent PID:	1076
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview"
Size:	3242272
MD5:	45DE480806D1B5D462A7DDE4DCEFC4E4
Time:	15:28:00
Date:	26/04/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff76e190000
Modulesize:	3325952
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

https://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview

https://stats.g.doubleclick.net/g/collect

unknown

https://feedback.googleusercontent.com/resources/annotator.css

unknown

https://www.google.com/generate_204

142.250.64.228

http://www.broofa.com

unknown

https://apis.google.com/js/client.js

unknown

https://feedback2-test.corp.googleusercontent.com/tools/feedback/%

unknown

https://support.google.com

unknown

https://www.youtube.com/embed/

unknown

http://localhost.proxy.googlers.com/inapp/

unknown

https://policies.google.com/terms?hl=

unknown

https://stagingqual-feedback-pa-googleapis.sandbox.google.com

unknown

https://policies.google.com/terms/service-specific

unknown

https://moltron-pa.clients6.google.com

unknown

https://support.google.com/docs/answer/148505?visit_id=638497349106407893-2017100099&hl=en&rd=1

https://ampcid.google.com/v1/publisher:getClientId

unknown

https://help.youtube.com/tools/feedback/

unknown

https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1

unknown

https://docs.google.com/

unknown

https://policies.google.com/terms

unknown

https://asx-frontend-staging.corp.google.com/tools/feedback/

unknown

https://www.google.com

unknown

https://content-googleapis-test.sandbox.google.com

unknown

https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/

unknown

https://stats.g.doubleclick.net/j/collect

unknown

https://myaccount.google.com/privacypolicy?hl=

unknown

https://www.google.com/tools/feedback

unknown

https://support.google.com/apis/caseslist?hl=en&key=support-content&request_source=1&mendel_ids=10800112%2C1706538%2C1714242%2C10800561%2C10800621%2C10800672%2C10800695%2C10800700%2C10800707%2C10800738%2C10800761%2C10800763%2C10800848%2C10800880%2C10800922%2C10800950%2C10800957%2C10801032%2C10801042%2C10801150%2C10801288%2C10801345%2C10801510%2C10801539%2C10801601%2C10801704%2C10801736%2C10801757%2C10802104%2C10802277%2C10802281%2C10802381%2C10802419%2C10802540%2C10802571%2C10802616%2C10802624%2C10802781%2C10803188%2C10803213%2C10803447%2C10803680&authuser=0&v=1&helpcenter=docs

142.250.64.238

https://sandbox.google.com/inapp/%

unknown

https://www.google.com/tools/feedback/

unknown

https://support.google.com/communities/answer/7424249

unknown

https://adservice.google.com/pagead/regclk

unknown

https://schema.org

unknown

https://feedback2-test.corp.google.com/tools/feedback/%

unknown

https://cct.google/taggy/agent.js

unknown

https://plus.google.com

unknown

https://asx-frontend-autopush.corp.google.de/tools/feedback/

unknown

https://support.google.com/communities/answer/7425194

unknown

https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/

unknown

https://play.google.com/log?format=json&hasfast=true

unknown

https://asx-frontend-autopush.corp.google.com/inapp/

unknown

https://feedback.googleusercontent.com/resources/render_frame2.html

unknown

https://sandbox.google.com/tools/feedback/%

unknown

https://www.google.%/ads/ga-audiences

unknown

https://content-googleapis-staging.sandbox.google.com

unknown

https://localhost.corp.google.com/inapp/

unknown

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0

142.250.217.238

https://stats.g.doubleclick.net/g/collect?v=2&

unknown

https://asx-frontend-staging.corp.google.com/inapp/

unknown

https://docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview

https://fonts.google.com/license/googlerestricted

unknown

https://www.youtube.com/howyoutubeworks/policies/community-guidelines/

unknown

https://clients6.google.com

unknown

https://support.google.com/drive/bin/answer.py?hl=en&answer=148505

142.250.64.238

https://support.google.com/apis/prefinsert?v=0&helpcenter=docs&hl=en&key=support-content&request_source=1&service_configuration=&mendel_ids=10800112,1706538,1714242,10800561,10800621,10800672,10800695,10800700,10800707,10800738,10800761,10800763,10800848,10800880,10800922,10800950,10800957,10801032,10801042,10801150,10801288,10801345,10801510,10801539,10801601,10801704,10801736,10801757,10802104,10802277,10802281,10802381,10802419,10802540,10802571,10802616,10802624,10802781,10803188,10803213,10803447,10803680

142.250.64.238

http://localhost.corp.google.com/inapp/

unknown

https://play.google.com

unknown

https://support.google.com/inapp/%

unknown

https://asx-help-frontend-autopush.corp.youtube.com/inapp/

unknown

https://support.google.com/apis/logjourney?hl=en&key=support-content&request_source=1&mendel_ids=10800112%2C1706538%2C1714242%2C10800561%2C10800621%2C10800672%2C10800695%2C10800700%2C10800707%2C10800738%2C10800761%2C10800763%2C10800848%2C10800880%2C10800922%2C10800950%2C10800957%2C10801032%2C10801042%2C10801150%2C10801288%2C10801345%2C10801510%2C10801539%2C10801601%2C10801704%2C10801736%2C10801757%2C10802104%2C10802277%2C10802281%2C10802381%2C10802419%2C10802540%2C10802571%2C10802616%2C10802624%2C10802781%2C10803188%2C10803213%2C10803447%2C10803680&authuser=0&v=1&helpcenter=docs

142.250.64.238

https://www.google.com/recaptcha/api.js?trustedtypes=true&onload=

unknown

https://support.google.com/docs/answer/148505

unknown

https://support.google.com/

unknown

https://support.google.com/drive/answer/148505?hl=en

142.250.64.238

https://csp.withgoogle.com/csp/lcreport/

unknown

https://play.google.com/about/developer-content-policy/

unknown

https://support.google.com/favicon.ico

142.250.64.238

https://scone-pa.clients6.google.com

unknown

https://safebrowsing.google.com/#policies

unknown

https://support.google.com/inapp/

unknown

https://asx-frontend-autopush.corp.google.co.uk/inapp/

unknown

https://apis.google.com

unknown

https://asx-frontend-autopush.corp.google.com/tools/feedback/

unknown

https://asx-frontend-autopush.corp.youtube.com/tools/feedback/

unknown

https://www.google.com/policies/terms/

unknown

https://domains.google.com/suggest/flow

unknown

https://feedback2-test.corp.google.com/inapp/%

unknown

https://www.google.com/accounts/TOS?hl=en&loc=US

unknown

https://guidebooks.google.com

unknown

https://feedback2-test.corp.googleusercontent.com/inapp/%

unknown

https://localhost.proxy.googlers.com/inapp/

unknown

https://tagassistant.google.com/

unknown

https://www.google.cn/tools/feedback/

unknown

https://play.google.com/log?format=json&hasfast=true&authuser=0

172.217.165.206

https://asx-frontend-autopush.corp.google.de/inapp/

unknown

https://www.google.cn/tools/feedback/%

unknown

https://www.google.com/tools/feedback/help_panel_binary.js

unknown

https://sandbox.google.com/inapp/

unknown

https://test-scone-pa-googleapis.sandbox.google.com

unknown

https://policies.google.com/terms/generative-ai

unknown

https://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview

142.250.97.189

https://www.google.com/ads/ga-audiences

unknown

https://sandbox.google.com/tools/feedback/

unknown

https://td.doubleclick.net

unknown

https://www.merchant-center-analytics.goog

unknown

http://www.google.com/support/websearch/bin/answer.py?hl=

unknown

https://asx-frontend-autopush.corp.youtube.com/inapp/

unknown

https://feedback-pa.clients6.google.com

unknown

https://www.google.com/tools/feedback/%

unknown

There are 88 hidden URLs, click here to show them.

Domains

Name

Malicious

docs.google.com

142.250.217.206

bg.microsoft.map.fastly.net

199.232.214.172

browserchannel-sites.l.google.com

142.250.97.189

play.google.com

172.217.165.206

plus.l.google.com

142.250.217.238

www.google.com

142.250.64.228

support.google.com

142.250.64.238

fp2e7a.wpc.phicdn.net

192.229.211.108

31127442751603.docs.google.com

unknown

apis.google.com

unknown

IPs

Domain

Country

Malicious

172.217.165.206

play.google.com

United States

192.178.50.78

unknown

United States

142.250.64.238

support.google.com

United States

142.250.217.238

plus.l.google.com

United States

192.168.2.4

unknown

142.250.64.142

unknown

United States

142.250.97.189

browserchannel-sites.l.google.com

United States

142.250.64.228

www.google.com

United States

239.255.255.250

unknown

Reserved

DOM / HTML

URL

Malicious

https://docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview

https://support.google.com/docs/answer/148505?visit_id=638497349106407893-2017100099&hl=en&rd=1

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
https://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview

Files

Processes

URLs

Domains

IPs

DOM / HTML

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reporthttps://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview

Files

Processes

URLs

Domains

IPs

DOM / HTML

IOC Report
https://31127442751603.docs.google.com/drawings/d/10ZZZ9n1JasGBmH5CaOAfx27pWT_nVM2yetp-8M1sWzI/preview