Windows Analysis Report
https://jzebra.com/wp-admin/css/colors/blue/telpiiaaa?OyNmbSPjwj

Overview

General Information

Sample URL: https://jzebra.com/wp-admin/css/colors/blue/telpiiaaa?OyNmbSPjwj
Analysis ID: 1606871

Detection

Score: 48
Range: 0 - 100
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Stores files to the Windows start menu directory

Classification

AV Detection

Source: https://jzebra.com/wp-admin/css/colors/blue/telpiiaaa?OyNmbSPjwj Avira URL Cloud: detection malicious, Label: malware
Source: unknown HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.17:64512 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:64531 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:64532 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.17:64533 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 18MB later: 31MB
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: global traffic DNS traffic detected: DNS query: jzebra.com
Source: global traffic DNS traffic detected: DNS query: cdn.shopify.com
Source: global traffic DNS traffic detected: DNS query: gtm.shopify.com
Source: global traffic DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: unknown Network traffic detected: HTTP traffic on port 64513 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64485 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64488 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64516 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64491 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64499 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64510 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64473
Source: unknown Network traffic detected: HTTP traffic on port 64504 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64468 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown Network traffic detected: HTTP traffic on port 64482 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64505
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64504
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64506
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64509
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64508
Source: unknown Network traffic detected: HTTP traffic on port 64479 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64466
Source: unknown Network traffic detected: HTTP traffic on port 64496 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64501
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64468
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64500
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64503
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64502
Source: unknown Network traffic detected: HTTP traffic on port 64509 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64480
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64482
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64484
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64483
Source: unknown Network traffic detected: HTTP traffic on port 64515 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64483 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64516
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64515
Source: unknown Network traffic detected: HTTP traffic on port 64486 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64518
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64517
Source: unknown Network traffic detected: HTTP traffic on port 64501 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64520 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64475
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64474
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64477
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64510
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64476
Source: unknown Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64479
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64512
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64478
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64511
Source: unknown Network traffic detected: HTTP traffic on port 64474 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64514
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64513
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64491
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64490
Source: unknown Network traffic detected: HTTP traffic on port 64497 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64493
Source: unknown Network traffic detected: HTTP traffic on port 64506 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64492
Source: unknown Network traffic detected: HTTP traffic on port 64512 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64495
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64494
Source: unknown Network traffic detected: HTTP traffic on port 64466 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64480 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64527
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64526
Source: unknown Network traffic detected: HTTP traffic on port 64517 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64523 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64486
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64485
Source: unknown Network traffic detected: HTTP traffic on port 64494 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64488
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64487
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64520
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64523
Source: unknown Network traffic detected: HTTP traffic on port 64477 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64489
Source: unknown Network traffic detected: HTTP traffic on port 64475 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64498 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64503 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64537
Source: unknown Network traffic detected: HTTP traffic on port 64526 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64497
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64496
Source: unknown Network traffic detected: HTTP traffic on port 64495 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64499
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64532
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64498
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64531
Source: unknown Network traffic detected: HTTP traffic on port 64478 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64533
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 64535
Source: unknown Network traffic detected: HTTP traffic on port 64535 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64508 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64514 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64500 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64489 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64492 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64511 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64505 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64518 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64493 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64533 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64484 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64487 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64527 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64473 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64490 -> 443
Source: classification engine Classification label: mal48.win@17/6@14/154
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1900,i,9773269369724412599,3458966232268932431,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://jzebra.com/wp-admin/css/colors/blue/telpiiaaa?OyNmbSPjwj"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
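Added triage example (editor's code, not part of the Joe Sandbox report above). The signature list is flattened to one event per line, so a practitioner reading it usually wants three things: the repeated network lines collapsed into per-IP hit counts, the AV verdict separated from behavioural noise, and a list of which contacted addresses the report could not tie to a DNS answer. The script below does that over a constructed subset of the lines above. Two caveats it encodes: the Avira URL Cloud hit is the only detection behind the mal48 score, and the Chrome utility processes and the "Chrome Apps" .lnk shortcuts under the Start Menu are Chrome's own first-run behaviour rather than evidence of a dropped payload. The annotations for 1.1.1.1 (Cloudflare resolver) and 204.79.197.0/24 (Microsoft/Bing) are the editor's assumptions, not content from the report.

```python
import re
from collections import Counter
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample: a representative subset of the report's signature lines,
# in the flattened "Source: <source> <event>: <value>" form shown above.
SAMPLE = r"""
Source: https://jzebra.com/wp-admin/css/colors/blue/telpiiaaa?OyNmbSPjwj Avira URL Cloud: detection malicious, Label: malware
Source: unknown HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.17:64512 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:64531 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: global traffic DNS traffic detected: DNS query: jzebra.com
Source: global traffic DNS traffic detected: DNS query: cdn.shopify.com
Source: unknown Network traffic detected: HTTP traffic on port 64513 -> 443
Source: classification engine Classification label: mal48.win@17/6@14/154
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
"""

# One pattern per signature type we care about; port-only "HTTP traffic on port" lines carry no peer and are ignored.
AV_RE = re.compile(r"^Source: (?P<sample>\S+) (?P<engine>.+?): detection (?P<verdict>\w+), Label: (?P<label>\w+)$")
TLS_RE = re.compile(r"^Source: .+? HTTPS traffic detected: (?P<ip>[\d.]+):\d+ -> [\d.]+:\d+ version: (?P<ver>.+)$")
NO_DNS_RE = re.compile(r"^Source: .+? (?P<proto>TCP|UDP) traffic detected without corresponding DNS query: (?P<ip>[\d.]+)$")
DNS_RE = re.compile(r"^Source: .+? DNS traffic detected: DNS query: (?P<name>\S+)$")
FILE_RE = re.compile(r"^Source: (?P<proc>.+?) File created: (?P<path>.+)$")
CLASS_RE = re.compile(r"Classification label: (?P<label>\S+)$")

# Editor's annotations (assumption, not from the report): expected background noise in a Chrome-driven sandbox run.
KNOWN_INFRA = {
    "1.1.1.1": "Cloudflare public resolver; the UDP hits are the sandbox's own DNS lookups",
    "204.79.197.200": "Microsoft (Bing) address range 204.79.197.0/24",
    "204.79.197.203": "Microsoft (Bing) address range 204.79.197.0/24",
}


@dataclass
class Triage:
    av_hits: List[Tuple[str, str, str]] = field(default_factory=list)   # (engine, verdict, label)
    classification: Optional[str] = None                                # raw Joe Sandbox label
    dns_queries: List[str] = field(default_factory=list)                # report order, de-duplicated
    tls_peers: Dict[str, Set[str]] = field(default_factory=dict)        # server ip -> TLS versions seen
    no_dns: Counter = field(default_factory=Counter)                    # (proto, ip) -> hit count
    files_created: List[Tuple[str, str]] = field(default_factory=list)  # (process, path)


def parse_classification(label: str) -> Tuple[str, int, str]:
    """Split a label such as 'mal48.win@17/6@14/154' into (verdict, score, platform).
    The counters after the '@' are left unparsed."""
    m = re.match(r"^(?P<verdict>[a-z]+)(?P<score>\d+)\.(?P<platform>[a-z]+)", label)
    if not m:
        raise ValueError(f"unrecognised classification label: {label!r}")
    return m["verdict"], int(m["score"]), m["platform"]


def triage(text: str) -> Triage:
    """Fold flattened signature lines into counted, de-duplicated indicators."""
    t = Triage()
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := AV_RE.match(line)):
            t.av_hits.append((m["engine"], m["verdict"], m["label"]))
        elif (m := TLS_RE.match(line)):
            t.tls_peers.setdefault(m["ip"], set()).add(m["ver"])
        elif (m := NO_DNS_RE.match(line)):
            t.no_dns[(m["proto"], m["ip"])] += 1
        elif (m := DNS_RE.match(line)):
            if m["name"] not in t.dns_queries:
                t.dns_queries.append(m["name"])
        elif (m := FILE_RE.match(line)):
            t.files_created.append((m["proc"], m["path"]))
        elif (m := CLASS_RE.search(line)):
            t.classification = m["label"]
    return t


def unexplained_peers(t: Triage) -> Set[str]:
    """Contacted IPs (TLS peers or no-DNS hits) that are not annotated as known infrastructure."""
    ips = {ip for _, ip in t.no_dns} | set(t.tls_peers)
    return ips - set(KNOWN_INFRA)


def summarize(t: Triage) -> str:
    out = []
    if t.classification:
        verdict, score, platform = parse_classification(t.classification)
        out.append(f"verdict={verdict} score={score} platform={platform}")
    out.append(f"AV hits: {len(t.av_hits)}" + "".join(f"\n  {e}: {v} ({l})" for e, v, l in t.av_hits))
    out.append("DNS queries: " + ", ".join(t.dns_queries))
    out.append("Contacted without a DNS answer (proto ip x count [annotation]):")
    for (proto, ip), n in sorted(t.no_dns.items(), key=lambda kv: -kv[1]):
        out.append(f"  {proto} {ip} x{n} [{KNOWN_INFRA.get(ip, 'unexplained')}]")
    out.append("TLS peers: " + ", ".join(f"{ip} ({'/'.join(sorted(v))})" for ip, v in t.tls_peers.items()))
    out.append(f"Files created: {len(t.files_created)}; unexplained peers: {sorted(unexplained_peers(t))}")
    return "\n".join(out)


if __name__ == "__main__":
    print(summarize(triage(SAMPLE)))
```

Run against the full report rather than SAMPLE and the "unexplained" list is the set worth pivoting on (passive DNS, certificate transparency, the TLS server certificate in the pcap); everything annotated as known infrastructure, plus the Chrome process tree and the Chrome Apps shortcuts, can be discounted before anyone spends time on them.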