Windows Analysis Report
http://collectionsystem.veconinter.com:8002/Default.aspx?Pais=TMVb4l9krDsyWtcOACvZcw==&Tipo=5vw2xkejLdEpXNK8ckiYpA==&Val=Ju61jJ3lX3gIjnPLX+eDdQ==&Id=3243049&VR=1

Overview

General Information

Sample URL: http://collectionsystem.veconinter.com:8002/Default.aspx?Pais=TMVb4l9krDsyWtcOACvZcw==&Tipo=5vw2xkejLdEpXNK8ckiYpA==&Val=Ju61jJ3lX3gIjnPLX+eDdQ==&Id=3243049&VR=1
Analysis ID: 1435382

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Downloads files with wrong headers with respect to MIME Content-Type
Uses known network protocols on non-standard ports
Drops files with a non-matching file extension (content does not match file extension)

Classification

Source: http://collectionsystem.veconinter.com:8002/Default.aspx?Pais=TMVb4l9krDsyWtcOACvZcw==&Tipo=5vw2xkejLdEpXNK8ckiYpA==&Val=Ju61jJ3lX3gIjnPLX+eDdQ==&Id=3243049&VR=1 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49743 version: TLS 1.2

Networking

Source: http Bad PDF prefix: HTTP/1.1 200 OK Cache-Control: private Transfer-Encoding: chunked Content-Type: application/pdf Server: Microsoft-IIS/10.0 content-disposition: inline;filename="A-291631.pdf" X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Thu, 02 May 2024 14:05:03 GMT Data Raw: 31 30 30 64 62 0d 0a 25 50 44 46 2d 31 2e 32 20 0a 25 e2 e3 cf d3 20 0a 31 20 30 20 6f 62 6a 20 0a 3c 3c 20 0a 2f 54 79 70 65 20 2f 43 61 74 61 6c 6f 67 20 0a 2f 50 61 67 65 73 20 32 20 30 20 52 20 0a 2f 50 61 67 65 4d 6f 64 65 20 2f 55 73 65 4e 6f 6e 65 20 0a 2f 56 69 65 77 65 72 50 72 65 66 65 72 65 6e 63 65 73 20 3c 3c 20 0a 2f 46 69 74 57 69 6e 64 6f 77 20 74 72 75 65 20 0a 2f 50 61 67 65 4c 61 79 6f 75 74 20 2f 53 69 6e 67 6c 65 50 61 67 65 20 0a 2f 4e 6f 6e 46 75 6c 6c 53 63 72 65 65 6e 50 61 67 65 4d 6f 64 65 20 2f 55 73 65 4e 6f 6e 65 20 0a 3e 3e 20 0a 3e 3e 20 0a 65 6e 64 6f 62 6a 20 0a 35 20 30 20 6f 62 6a 20 0a 3c 3c 20 0a 2f 4c 65 6e 67 74 68 20 32 35 31 38 20 0a 2f 46 69 6c 74 65 72 20 5b 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 20 5d 20 0a 3e 3e 20 0a 73 74 72 65 61 6d 0a 78 9c b5 58 db 6e e3 b8 19 be f7 53 10 d8 1b 19 88 1c 92 a2 24 2a 57 eb 38 ce 8c 67 13 67 36 b2 27 28 76 7a a1 d8 4c a2 56 96 3c 92 9c 9d f4 31 fa c4 fd 78 90 ec 38 09 ba 28 50 04 08 28 f2 e7 7f fc fe 03 4d 47 34 24 14 7f 3e b5 ab 38 e1 64 b5 19 50 b3 59 3f ba c5 ed a7 01 93 94 f0 40 12 c6 24 56 2c 0c 22 41 6a 35 b8 1b 94 03 4e be 0c 38 25 7f 0e e8 28 11 09 c1 ff 88 e9 ff 71 44 9a d5 80 0b 4e 42 ce 22 dc 8c b9 24 09 a5 fa de fd 80 87 31 89 02 16 eb 7d 16 10 4e 83 44 1f a4 03 1e 43 0d 1e eb 83 28 e2 84 5b 41 0f 83 80 4a ec 07 66 1f 8c 78 ec f6 35 bd 14 51 a2 19 81 39 4f 0e f8 48 29 02 12 32 a8 c0 c2 38 b4 fb 51 0c ae 52 86 14 6a 81 25 93 91 74 17 f4 56 14 46 64 33 60 2c 81 7a e6 a3 d0 57 68 12 59 23 36 76 1d 41 07 73 92 50 d8 ea 4e cc ba 3f 09 38 0f bb 13 b3 ee 4f b4 45 51 14 06 56 0e b4 34 1f 85 d3 20 0e b9 70 1a 48 fb 61 b9 25 31 ac 87 bb 36 76 2d 83 c0 de 11 41 c2 ba 13 b3 ee 4f 42 19 f6 27 66 dd 9f 24 09 9c e7 4e cc ba 3f e1 46 05 7b 62 d6 7b 39 32 96 bd 1c bd ee 4f 18 8d 65 d2 1d d9 8f 3d bf a8 17 64 6d 35 1f d6 73 b1 8b e7 c6 ae fb 3b e7 8b 01 b3 a0 64 24 91 e0 c6 28 22 b6 e8 50 09 4c 9d 62 0f 70 59 3c 0c bc 59 f9 5c e5 2b 45 ca dd e6 5e d5 43 b2 f8 07 54 00 3c 28 59 ac 07 a7 19 61 fa 2a e8 ce 08 19 fb 3c 61 80 dc 77 ef eb f7 a1 a1 0c 10 16 3f 08 93 8e 16 9f 9a f6 6b f6 a8 08 61 a4 7a 20 84 1b c2 e9 62 f0 63 20 28 4f ac 5e 12 e0 e0 91 49 86 58 a7 cb 69 be 79 a4 84 5c 54 83 df 5f 69 1f 6a 7c 8b 24 d0 ca 1f e8 fc 6d 3a b9 99 cf e6 8b e9 2d 59 a6 e3 13 72 75 35 19 11 62 04 89 98 f8 9c f5 ca 03 bd fa c2 f9 ed 6c f2 db f4 ca 50 fc e1 5d 0d 05 f7 c8 64 b6 18 7a 7f 1b 32 e1 91 21 67 de 42 af 6e ee a6 b7 c3 bf 93 c5 97 81 cf 12 d9 73 f2 90 b1 e9 e8 6e 44 e4 e2 33 49 db 5a a9 f6 84 a4 bb bc 55 48 3b 16 58 57 d0 bd 64 ef 3a cf 36 f9 89 d3 08 0e b4 bb 97 af e4 5b 39 b8 ef 4e 83 80 05 54 db 63 a8 7c c6 61 76 cf f0 eb 53 55 2a 84 80 8d a4 94 23 29 d8 48 24 31 27 a7 6e 23 90 d1 28 48 02 6a 35 09 39 2e 0a a6 2f
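The "Bad PDF prefix" entry above reads differently once the first bytes of Data Raw are decoded: 31 30 30 64 62 0d 0a is the ASCII chunk-size line `100db\r\n` of the chunked transfer encoding the response headers declare, and only after it does `%PDF-1.2` follow, then a normal PDF catalog object and a FlateDecode stream. The flag is therefore consistent with the magic-byte check having been applied to the chunk-framed bytes rather than to the de-chunked payload. The Python below is an example added here, not part of the sandbox report: it de-chunks an HTTP/1.1 body before comparing its leading bytes with the declared Content-Type, tolerates a capture that ends mid-chunk (as this one does), and also covers the case such a signature exists for, an executable served as application/pdf. The response headers are copied from the entry above; the chunk bodies and the small magic-byte table are constructed for the example (the real first chunk is 0x100db bytes and is not reproduced).

```python
"""De-chunk an HTTP/1.1 response and compare the payload's magic bytes with
the declared Content-Type.  Added example, not part of the sandbox report."""
import re

# Minimal, constructed magic-byte table for a few declared types.
MAGIC = {
    "application/pdf": (b"%PDF-",),
    "application/zip": (b"PK\x03\x04",),
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/x-icon": (b"\x00\x00\x01\x00",),
}
# Executable formats worth reporting whatever the header claims.
EXECUTABLE = {b"MZ": "PE executable", b"\x7fELF": "ELF executable"}


def split_response(raw: bytes):
    """Return (status line, lower-cased header dict, raw body bytes)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status, *lines = head.split(b"\r\n")
    headers = {}
    for line in lines:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return status.decode("latin-1"), headers, body


def dechunk(body: bytes) -> bytes:
    """Strip chunked transfer-encoding framing; tolerate a truncated capture."""
    out = bytearray()
    pos = 0
    while True:
        end = body.find(b"\r\n", pos)
        if end < 0:
            break                                      # no chunk-size line: capture ended
        size = int(body[pos:end].split(b";")[0], 16)   # ignore chunk extensions
        pos = end + 2
        if size == 0:
            break                                      # last chunk
        chunk = body[pos:pos + size]
        out += chunk
        if len(chunk) < size:
            break                                      # capture ends inside this chunk
        pos += size + 2                                # skip the CRLF after the chunk data
    return bytes(out)


def check(raw: bytes) -> dict:
    """Compare the raw prefix and the de-chunked prefix with the declared type."""
    _, headers, body = split_response(raw)
    is_chunked = headers.get("transfer-encoding", "").lower() == "chunked"
    payload = dechunk(body) if is_chunked else body
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    expected = MAGIC.get(ctype, ())
    m = re.search(r'filename="?([^";]+)', headers.get("content-disposition", ""))
    return {
        "content_type": ctype,
        "filename": m.group(1) if m else None,
        "raw_prefix": body[:8],
        "payload_prefix": payload[:8],
        "raw_matches": any(body.startswith(x) for x in expected),
        "payload_matches": any(payload.startswith(x) for x in expected),
        "executable": next((n for sig, n in EXECUTABLE.items() if payload.startswith(sig)), None),
    }


# Headers copied from the report's capture.
HEADERS = (
    b"HTTP/1.1 200 OK\r\n"
    b"Cache-Control: private\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"Content-Type: application/pdf\r\n"
    b"Server: Microsoft-IIS/10.0\r\n"
    b'content-disposition: inline;filename="A-291631.pdf"\r\n'
    b"X-AspNet-Version: 4.0.30319\r\n"
    b"X-Powered-By: ASP.NET\r\n"
    b"\r\n"
)


def chunked(*chunks: bytes) -> bytes:
    """Frame the given chunk bodies as a chunked transfer-encoded body."""
    return b"".join(b"%x\r\n%s\r\n" % (len(c), c) for c in chunks) + b"0\r\n\r\n"


# Case 1 (constructed framing): the first decoded bytes the report shows,
# "%PDF-1.2 \n%\xe2\xe3\xcf\xd3 \n1 0 obj", as a single short chunk.
SAMPLE_PDF = HEADERS + chunked(b"%PDF-1.2 \n%\xe2\xe3\xcf\xd3 \n1 0 obj \n")
# Case 2 (constructed): a PE image served with the same headers.
SAMPLE_EXE = HEADERS + chunked(b"MZ\x90\x00\x03\x00\x00\x00", b"\x04\x00\x00\x00\xff\xff")

if __name__ == "__main__":
    for label, sample in (("pdf", SAMPLE_PDF), ("exe", SAMPLE_EXE)):
        print(label, check(sample))
```

For the PDF sample, `raw_matches` is false and `payload_matches` is true, which is the situation in the capture; for the executable sample both are false and `executable` names the format, which is the finding that deserves the score. Feeding `dechunk` the literal first bytes of the report, `100db\r\n%PDF-1.2 \n`, returns `%PDF-1.2 \n` and stops at the truncation.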
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 8002
Source: unknown Network traffic detected: HTTP traffic on port 8002 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 8002
Source: unknown Network traffic detected: HTTP traffic on port 8002 -> 49735
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown TCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /Default.aspx?Pais=TMVb4l9krDsyWtcOACvZcw==&Tipo=5vw2xkejLdEpXNK8ckiYpA==&Val=Ju61jJ3lX3gIjnPLX+eDdQ==&Id=3243049&VR=1 HTTP/1.1 Host: collectionsystem.veconinter.com:8002 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1 Host: collectionsystem.veconinter.com:8002 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://collectionsystem.veconinter.com:8002/Default.aspx?Pais=TMVb4l9krDsyWtcOACvZcw==&Tipo=5vw2xkejLdEpXNK8ckiYpA==&Val=Ju61jJ3lX3gIjnPLX+eDdQ==&Id=3243049&VR=1 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic DNS traffic detected: DNS query: collectionsystem.veconinter.com
Source: global traffic DNS traffic detected: DNS query: _8002._https.collectionsystem.veconinter.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
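The "TCP/UDP traffic detected without corresponding DNS query" entries and the "HTTP traffic on port ... -> 8002" entries above are the output of two simple correlations over the capture. The Python below, added here as an example and not part of the report, implements both over a constructed timeline that mirrors the report: a destination is explained only by a DNS answer that arrived before the connection, the resolver's own UDP/53 traffic is excluded because it is what produces the answers (1.1.1.1, a public resolver, accounts for the four UDP entries above), and HTTP to a port other than 80 is flagged. The answer addresses are placeholders from the 203.0.113.0/24 documentation range, since the report lists queries but not answers; 23.51.58.94 and 173.222.162.32 are addresses the report flags. The `_8002._https.collectionsystem.veconinter.com` query above is the `_port._https.` name form of RFC 9460, Chrome's HTTPS resource-record lookup for a non-default port rather than an address query, so it has no answer event in the constructed timeline.

```python
"""Correlate connections with the DNS answers that preceded them and flag
well-known application protocols on non-standard ports.  Added example; the
timeline below is constructed to mirror the report and is not its data."""
from collections import defaultdict

# The capture's resolver (1.1.1.1, a public resolver): its UDP/53 traffic is
# what produces answers, so it can never itself have a prior answer.
RESOLVERS = {"1.1.1.1"}
STANDARD_PORTS = {"http": {80}, "https": {443}, "dns": {53}}

# Constructed timeline.  Answer addresses are placeholders from the
# 203.0.113.0/24 documentation range (the report lists queries, not answers);
# 23.51.58.94 and 173.222.162.32 are addresses the report flags.
EVENTS = [
    {"t": 0.00, "kind": "conn", "app": "dns",   "ip": "1.1.1.1",        "port": 53},
    {"t": 0.02, "kind": "dns_answer", "name": "collectionsystem.veconinter.com", "ip": "203.0.113.10"},
    {"t": 0.05, "kind": "conn", "app": "http",  "ip": "203.0.113.10",   "port": 8002},
    {"t": 0.10, "kind": "conn", "app": "https", "ip": "23.51.58.94",    "port": 443},
    {"t": 0.11, "kind": "conn", "app": "https", "ip": "23.51.58.94",    "port": 443},
    {"t": 0.12, "kind": "conn", "app": "https", "ip": "173.222.162.32", "port": 443},
    # An answer that arrives after the first connection to its address only
    # explains the connections that follow it.
    {"t": 0.20, "kind": "conn", "app": "https", "ip": "203.0.113.20",   "port": 443},
    {"t": 0.25, "kind": "dns_answer", "name": "www.google.com", "ip": "203.0.113.20"},
    {"t": 0.30, "kind": "conn", "app": "https", "ip": "203.0.113.20",   "port": 443},
]


def _entry():
    return {"hits": 0, "unexplained": 0, "nonstandard_port": False, "name": None}


def triage(events, resolvers=RESOLVERS, standard_ports=STANDARD_PORTS):
    """Return {(ip, port): summary} for every destination that was contacted
    without a prior DNS answer or spoke a known protocol on an unexpected
    port.  Events are processed in time order."""
    resolved = {}                      # ip -> name, from answers seen so far
    report = defaultdict(_entry)
    for ev in sorted(events, key=lambda e: e["t"]):
        if ev["kind"] == "dns_answer":
            resolved[ev["ip"]] = ev["name"]
            continue
        ip, port, app = ev["ip"], ev["port"], ev["app"]
        entry = report[(ip, port)]
        entry["hits"] += 1
        if ip in resolvers and port == 53:
            continue                   # resolver traffic is expected before any answer
        name = resolved.get(ip)
        if name is None:
            entry["unexplained"] += 1
        else:
            entry["name"] = name
        if port not in standard_ports.get(app, {port}):
            entry["nonstandard_port"] = True
    return {k: v for k, v in report.items()
            if v["unexplained"] or v["nonstandard_port"]}


if __name__ == "__main__":
    for (ip, port), summary in triage(EVENTS).items():
        print(f"{ip}:{port}", summary)
```

On the constructed timeline the resolver never appears in the output, both flagged addresses are reported with every connection unexplained, the port-8002 host is reported only for the non-standard port (its name was answered first), and the last host is reported with one unexplained connection out of two. Sorting by time rather than trusting input order matters in practice, because the sandbox's DNS and TCP records usually come from different logs.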
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Thu, 02 May 2024 14:05:05 GMT Content-Length: 1245 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c 65 20 6f 72 20 64 69 72 65 63 74 6f 72 79 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 45 45 45 45 45 3b 7d 0d 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 7d 20 0d 0a 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 34 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 7d 0d 0a 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 43 43 30 30 30 30 3b 7d 20 0d 0a 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 65 6d 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0d 0a 23 68 65 61 64 65 72 7b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 30 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 32 25 20 36 70 78 20 32 25 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 74 72 65 62 75 63 68 65 74 20 4d 53 22 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 35 35 35 35 35 3b 7d 0d 0a 23 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 32 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2e 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 77 69 64 74 68 3a 39 36 25 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7d 0d 0a 2d 2d 3e 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 3c 68 31 3e 53 65 72 76
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: classification engine Classification label: mal48.troj.win@18/4@4/5
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2204,i,6650186484633650709,15485496518386066990,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://collectionsystem.veconinter.com:8002/Default.aspx?Pais=TMVb4l9krDsyWtcOACvZcw==&Tipo=5vw2xkejLdEpXNK8ckiYpA==&Val=Ju61jJ3lX3gIjnPLX+eDdQ==&Id=3243049&VR=1"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2204,i,6650186484633650709,15485496518386066990,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 42

Hooking and other Techniques for Hiding and Protection

Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 8002
Source: unknown Network traffic detected: HTTP traffic on port 8002 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 8002
Source: unknown Network traffic detected: HTTP traffic on port 8002 -> 49735