Analysis Report https://www.google.com/search?client=ms-android-sprint-us-revc&cds=0&hl=en-US&v=10.99.8.21.arm64&output=search&q=American+Signature+Furniture&ludocid=15209532359233317364&ibp=gwp;0,7&lsig=AB86z5VPw9g7heJzi-zp58GAjI2J&kgs=44d93a1682d99354&shndl=-1&source=sh/x/kp/local&entrypoint=sh/x/kp/local

Overview

General Information

Sample URL: https://www.google.com/search?client=ms-android-sprint-us-revc&cds=0&hl=en-US&v=10.99.8.21.arm64&output=search&q=American+Signature+Furniture&ludocid=15209532359233317364&ibp=gwp;0,7&lsig=AB86z5VPw9g7heJzi-zp58GAjI2J&kgs=44d93a1682d99354&shndl=-1&source=sh/x/kp/local&entrypoint=sh/x/kp/local
Analysis ID: 321422

Most interesting Screenshot:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Found iframes
Unusual large HTML page

Classification

Phishing:

Found iframes
Source: https://accounts.google.com/signin/v2/identifier?hl=en-GB&continue=https%3A%2F%2Fwww.google.com%2Fsearch%3Fclient%3Dms-android-sprint-us-revc%26cds%3D0%26hl%3Den-US%26v%3D10.99.8.21.arm64%26output%3Dsearch%26q%3DAmerican%2BSignature%2BFurniture%26ludocid%3D15209532359233317364%26lsig%3DAB86z5VPw9g7heJzi-zp58GAjI2J%26kgs%3D44d93a1682d99354%26shndl%3D-1%26source%3Dsh%2Fx%2Fkp%2Flocal%26entrypoint%3Dsh%2Fx%2Fkp%2Flocal&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=268122652&timestamp=1606034095154
Source: https://accounts.google.com/signin/v2/identifier?hl=en-GB&continue=https%3A%2F%2Fwww.google.com%2Fsearch%3Fclient%3Dms-android-sprint-us-revc%26cds%3D0%26hl%3Den-US%26v%3D10.99.8.21.arm64%26output%3Dsearch%26q%3DAmerican%2BSignature%2BFurniture%26ludocid%3D15209532359233317364%26lsig%3DAB86z5VPw9g7heJzi-zp58GAjI2J%26kgs%3D44d93a1682d99354%26shndl%3D-1%26source%3Dsh%2Fx%2Fkp%2Flocal%26entrypoint%3Dsh%2Fx%2Fkp%2Flocal&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: Iframe src: /_/bscframe
Unusual large HTML page
Source: https://accounts.google.com/signin/v2/identifier?hl=en-GB&continue=https%3A%2F%2Fwww.google.com%2Fsearch%3Fclient%3Dms-android-sprint-us-revc%26cds%3D0%26hl%3Den-US%26v%3D10.99.8.21.arm64%26output%3Dsearch%26q%3DAmerican%2BSignature%2BFurniture%26ludocid%3D15209532359233317364%26lsig%3DAB86z5VPw9g7heJzi-zp58GAjI2J%26kgs%3D44d93a1682d99354%26shndl%3D-1%26source%3Dsh%2Fx%2Fkp%2Flocal%26entrypoint%3Dsh%2Fx%2Fkp%2Flocal&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: Total size: 1574748
Source: https://accounts.google.com/signin/v2/identifier?hl=en-GB&continue=https%3A%2F%2Fwww.google.com%2Fsearch%3Fclient%3Dms-android-sprint-us-revc%26cds%3D0%26hl%3Den-US%26v%3D10.99.8.21.arm64%26output%3Dsearch%26q%3DAmerican%2BSignature%2BFurniture%26ludocid%3D15209532359233317364%26lsig%3DAB86z5VPw9g7heJzi-zp58GAjI2J%26kgs%3D44d93a1682d99354%26shndl%3D-1%26source%3Dsh%2Fx%2Fkp%2Flocal%26entrypoint%3Dsh%2Fx%2Fkp%2Flocal&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/signin/v2/identifier?hl=en-GB&continue=https%3A%2F%2Fwww.google.com%2Fsearch%3Fclient%3Dms-android-sprint-us-revc%26cds%3D0%26hl%3Den-US%26v%3D10.99.8.21.arm64%26output%3Dsearch%26q%3DAmerican%2BSignature%2BFurniture%26ludocid%3D15209532359233317364%26lsig%3DAB86z5VPw9g7heJzi-zp58GAjI2J%26kgs%3D44d93a1682d99354%26shndl%3D-1%26source%3Dsh%2Fx%2Fkp%2Flocal%26entrypoint%3Dsh%2Fx%2Fkp%2Flocal&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: No <meta name="copyright".. found
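The signature evidence above is worth reading closely: the sample URL redirected through Google's consent and sign-in flow, and it is the legitimate accounts.google.com sign-in page that trips the phishing-style heuristics. The page embeds one iframe on a different host (accounts.youtube.com) and one relative iframe (/_/bscframe), weighs 1,574,748 bytes, and carries no author or copyright meta tags, which is exactly the shape a credential-harvesting page also has. The score stays at 1 because these are low-weight indicators, not proof. The following added example, which is not code from the Joe Sandbox report, re-creates the three HTTP Parser checks so an analyst can run them on a page of their own. The size threshold is an assumption (the report does not state what "unusual large" means), and the HTML is a constructed stand-in that reuses only the two iframe sources the report lists.

```python
"""Added example (not part of the Joe Sandbox report): re-create the three
HTTP Parser checks the report fires on the accounts.google.com page,
namely iframe sources, total HTML size, and missing author/copyright meta."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumed threshold: the report does not say what "unusual large" means.
# 1,000,000 bytes is a placeholder chosen so the 1,574,748-byte page trips it.
LARGE_PAGE_BYTES = 1_000_000


class _Collector(HTMLParser):
    """Collect iframe src attributes and <meta name=...> names."""

    def __init__(self):
        super().__init__()
        self.iframes = []
        self.meta_names = set()

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "iframe" and a.get("src"):
            self.iframes.append(a["src"])
        elif tag == "meta" and a.get("name"):
            self.meta_names.add(a["name"].lower())


def analyse_page(page_url, html, body_size=None):
    """Return the signature findings for one fetched document.

    body_size lets the caller pass the on-the-wire size (the report's
    "Total size") when only a trimmed copy of the HTML is available.
    """
    c = _Collector()
    c.feed(html)
    size = len(html.encode()) if body_size is None else body_size
    page_host = urlsplit(page_url).hostname
    iframes = []
    for src in c.iframes:
        # Relative sources such as /_/bscframe resolve against the page URL;
        # anything on another host is a cross-origin frame.
        absolute = urljoin(page_url, src)
        host = urlsplit(absolute).hostname
        iframes.append({"src": src, "resolved": absolute,
                        "cross_origin": host != page_host})
    return {
        "found_iframes": iframes,
        "total_size": size,
        "unusual_large_html_page": size >= LARGE_PAGE_BYTES,
        "missing_meta": [n for n in ("author", "copyright")
                         if n not in c.meta_names],
    }


# Constructed sample: a stripped-down stand-in for the sign-in page, using
# the two iframe src values the report lists (one absolute, one relative).
SAMPLE_URL = "https://accounts.google.com/signin/v2/identifier?hl=en-GB"
SAMPLE_HTML = """<html><head><title>Sign in</title>
<meta name="viewport" content="width=device-width"></head><body>
<iframe src="https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=268122652"></iframe>
<iframe src="/_/bscframe"></iframe>
</body></html>"""

if __name__ == "__main__":
    report = analyse_page(SAMPLE_URL, SAMPLE_HTML, body_size=1574748)
    for frame in report["found_iframes"]:
        kind = "cross-origin" if frame["cross_origin"] else "same-origin"
        print("Iframe src:", frame["resolved"], "(" + kind + ")")
    print("Total size:", report["total_size"],
          "unusual large:", report["unusual_large_html_page"])
    print("Missing meta:", report["missing_meta"])
```

Resolving relative iframe sources against the page URL is the step that matters: /_/bscframe stays same-origin, while the CheckConnection frame is cross-origin, and a phishing triage should weight the two very differently.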
Source: QuotaManager.0.dr String found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: 254860627ea58bfd_0.0.dr String found in binary or memory: +_keyhttps://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/base.js equals www.youtube.com (Youtube)
Source: 000003.log3.0.dr String found in binary or memory: -_https://www.youtube.com equals www.youtube.com (Youtube)
Source: LOG20.0.dr String found in binary or memory: 2020/11/22-00:35:09.092 12b8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb/MANIFEST-000001 equals www.youtube.com (Youtube)
Source: 000003.log3.0.dr String found in binary or memory: 5_https://www.youtube.com equals www.youtube.com (Youtube)
Source: QuotaManager.0.dr String found in binary or memory: =https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: 144ef21f45f1e743_0.0.dr String found in binary or memory: G_keyhttps://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/embed.js equals www.youtube.com (Youtube)
Source: 000003.log0.0.dr String found in binary or memory: Gnamespace-5c249d5c_d5da_4647_8443_06a0b67c252e-https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: 000003.log3.0.dr String found in binary or memory: META:https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log3.0.dr String found in binary or memory: _https://www.youtube.com equals www.youtube.com (Youtube)
Source: 254860627ea58bfd_0.0.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/base.js equals www.youtube.com (Youtube)
Source: 144ef21f45f1e743_0.0.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/embed.js equals www.youtube.com (Youtube)
Source: 454fa601ebb6d503_0.0.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/remote.js equals www.youtube.com (Youtube)
Source: f7265c5a246ef76d_0.0.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a3726513/www-embed-player.vflset/www-embed-player.js equals www.youtube.com (Youtube)
Source: c9c88edbb2f2b0dc_0.0.dr String found in binary or memory: _keyhttps://www.youtube.com/yts/jsbin/fetch-polyfill-vfl6MZH8P/fetch-polyfill.js equals www.youtube.com (Youtube)
Source: QuotaManager.0.dr String found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: Current Session.0.dr String found in binary or memory: https://www.youtube.com/embed/TBR-xtJVq7E?rel=0&showinfo=0&theme=light&version=3&hl=en-GB&cc_lang_pref=en-GB&cc_load_policy=1&enablejsapi=1 equals www.youtube.com (Youtube)
Source: 000005.ldb.0.dr String found in binary or memory: https_www.youtube.com_0@1 equals www.youtube.com (Youtube)
Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 32c3d672cc1d2ffe_0.0.dr String found in binary or memory: http://hammerjs.github.io/
Source: 80bd3b9deb2fc231_0.0.dr String found in binary or memory: https://abusereporting-pa.googleapis.com/
Source: 000003.log3.0.dr, Current Session.0.dr, bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr, manifest.json0.0.dr String found in binary or memory: https://accounts.google.com
Source: Current Session.0.dr String found in binary or memory: https://accounts.google.com#
Source: 5d1021dd1c886521_0.0.dr String found in binary or memory: https://accounts.google.com/
Source: 9a2c6b1bc5bad11b_0.0.dr String found in binary or memory: https://accounts.google.com/F
Source: Current Session.0.dr, History-journal.0.dr, Favicons-journal.0.dr String found in binary or memory: https://accounts.google.com/ServiceLogin?hl=en-GB&continue=https://www.google.com/search?client%3Dms
Source: Current Session.0.dr String found in binary or memory: https://accounts.google.com/_/bscframe
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: Current Session.0.dr, History-journal.0.dr, Favicons-journal.0.dr String found in binary or memory: https://accounts.google.com/signin/v2/identifier?hl=en-GB&continue=https%3A%2F%2Fwww.google.com%2Fse
Source: Current Session.0.dr String found in binary or memory: https://accounts.google.comh
Source: Current Session.0.dr String found in binary or memory: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=26812
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr, manifest.json0.0.dr, 0938faa2c7382ff6_0.0.dr String found in binary or memory: https://apis.google.com
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uhBKOtz6fOw.O/m=gapi_iframes
Source: 32c3d672cc1d2ffe_0.0.dr String found in binary or memory: https://apis.google.com/js/api.js
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://clients6.google.com
Source: Current Session.0.dr String found in binary or memory: https://consent.google.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://consent.google.com/
Source: History-journal.0.dr String found in binary or memory: https://consent.google.com/intro/?continue=https://www.google.com/search?client%3Dms-android-sprint-
Source: Current Session.0.dr String found in binary or memory: https://consent.google.com/intro/?continue=https://www.google.com/search?output%3Dsearch%26q%3DAmeri
Source: Current Session.0.dr String found in binary or memory: https://consent.google.comh
Source: manifest.json0.0.dr, f962611846867f6f_0.0.dr String found in binary or memory: https://content.googleapis.com
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr, 5585c53e-1514-4341-b413-6a85fd8207a3.tmp.1.dr, 1cc6f51f-0d7a-49e2-8c69-e8e543754c15.tmp.1.dr String found in binary or memory: https://dns.google
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://domains.google.com/suggest/flow
Source: manifest.json0.0.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.googleapis.com;
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://fonts.gstatic.com/
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.gstatic.com;
Source: Current Session.0.dr String found in binary or memory: https://g.co/privacytools
Source: Favicons.0.dr String found in binary or memory: https://g.co/privacytoolsB
Source: History-journal.0.dr String found in binary or memory: https://g.co/privacytoolsGoogle
Source: Current Session.0.dr String found in binary or memory: https://g.co/privacytoolsPa
Source: b40c327146099004_0.0.dr, 86386a3af2353208_0.0.dr, b7c992804103db90_0.0.dr, 8a55507a4f362365_0.0.dr, 0958718521ed43d6_0.0.dr, c70d512434b6e272_0.0.dr, f015d622cd069f06_0.0.dr, 5dd4a1a7a333c37c_0.0.dr String found in binary or memory: https://google.com/
Source: 69cebd24b3078263_0.0.dr String found in binary or memory: https://google.com/#
Source: 97ac745c09ac40ee_0.0.dr String found in binary or memory: https://google.com/%
Source: ba76321cc144ca23_0.0.dr String found in binary or memory: https://google.com//
Source: 1acc121542ffa875_0.0.dr String found in binary or memory: https://google.com/1g
Source: 5e7582dba997c456_0.0.dr String found in binary or memory: https://google.com/3
Source: 2ded1a5cf15402f2_0.0.dr String found in binary or memory: https://google.com/6
Source: acf8c0290fd753c8_0.0.dr String found in binary or memory: https://google.com/7
Source: c2b3c7750882be55_0.0.dr String found in binary or memory: https://google.com/8(
Source: 9e2b7167df9e7c32_0.0.dr String found in binary or memory: https://google.com/:
Source: b9a421c6599725ee_0.0.dr String found in binary or memory: https://google.com/?
Source: a70ed95b7e4d660b_0.0.dr String found in binary or memory: https://google.com/C
Source: 18ea8ffbc75b74b4_0.0.dr String found in binary or memory: https://google.com/EE
Source: 3bd902ca2fd015c3_0.0.dr String found in binary or memory: https://google.com/H
Source: 3dbe54b7c92541c6_0.0.dr String found in binary or memory: https://google.com/L
Source: bb8deacc9f015eb5_0.0.dr String found in binary or memory: https://google.com/O
Source: da715ed3177f8676_0.0.dr String found in binary or memory: https://google.com/Q
Source: ef6202e5aa1f462c_0.0.dr String found in binary or memory: https://google.com/UPk=D
Source: 30f8dbaa515b59e9_0.0.dr String found in binary or memory: https://google.com/VH
Source: e1a2f8a29b5d4b61_0.0.dr String found in binary or memory: https://google.com/XW
Source: 2bd3df993c1f2c0d_0.0.dr String found in binary or memory: https://google.com/_
Source: 4fd513903f00e879_0.0.dr String found in binary or memory: https://google.com/ate
Source: b8fc3ca04d990138_0.0.dr, 3823e368f1287c79_0.0.dr String found in binary or memory: https://google.com/e
Source: 47a04016281937c6_0.0.dr String found in binary or memory: https://google.com/f
Source: 84c6cec054292ece_0.0.dr String found in binary or memory: https://google.com/f/
Source: b58f7f10cc4128a1_0.0.dr String found in binary or memory: https://google.com/h
Source: 6cc1b32ba87be0a6_0.0.dr String found in binary or memory: https://google.com/j
Source: 2f792944c51bfba8_0.0.dr String found in binary or memory: https://google.com/l
Source: da6180db41b46c04_0.0.dr String found in binary or memory: https://google.com/m
Source: dbada67b2b04875a_0.0.dr String found in binary or memory: https://google.com/o7
Source: dc58d7b2a820fbfa_0.0.dr String found in binary or memory: https://google.com/t
Source: 6e8a55a99d416521_0.0.dr String found in binary or memory: https://google.com/v
Source: 1b8631eb143483e6_0.0.dr, aca25b605b4e036e_0.0.dr String found in binary or memory: https://google.com/~
Source: manifest.json0.0.dr String found in binary or memory: https://hangouts.google.com/
Source: Current Session.0.dr String found in binary or memory: https://myaccount.google.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://myaccount.google.com/
Source: Current Session.0.dr, History-journal.0.dr, Favicons.0.dr String found in binary or memory: https://myaccount.google.com/intro/data-and-personalization
Source: History-journal.0.dr String found in binary or memory: https://myaccount.google.com/intro/data-and-personalizationGoogle
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://ogs.google.com
Source: manifest.json.0.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://play.google.com
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://plus.google.com
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://plus.googleapis.com
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com#
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://policies.google.com/
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com/privacy/google-partners?hl=en-GB
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com/privacy/google-partners?hl=en-GB5
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com/privacy/google-partners?hl=en-GB5Who
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com/privacy/google-partners?hl=en-GB?N
Source: History-journal.0.dr String found in binary or memory: https://policies.google.com/privacy/google-partners?hl=en-GBWho
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com/technologies/cookies?hl=en-GB
Source: Current Session.0.dr String found in binary or memory: https://policies.google.com/technologies/cookies?hl=en-GB2How
Source: History-journal.0.dr String found in binary or memory: https://policies.google.com/technologies/cookies?hl=en-GBHow
Source: manifest.json.0.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: Web Data-journal.0.dr String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
Source: Web Data-journal.0.dr String found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: df2db86ec0c3b16d_0.0.dr String found in binary or memory: https://ssl.google-analytics.com/ga.js
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://ssl.gstatic.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://ssl.gstatic.com/
Source: 5d1021dd1c886521_0.0.dr, 123d9cf47eb9acc1_0.0.dr, 9a2c6b1bc5bad11b_0.0.dr String found in binary or memory: https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.-ALgbehIEd4.O/am=LwACPnABNOAHA
Source: 32c3d672cc1d2ffe_0.0.dr String found in binary or memory: https://ssl.gstatic.com/local/constellations/save_icon
Source: Favicons.0.dr String found in binary or memory: https://ssl.gstatic.com/policies/favicon.ico
Source: Favicons.0.dr String found in binary or memory: https://ssl.gstatic.com/policies/favicon.ico&
Source: messages.json41.0.dr String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: fb115ac48ce43fac_0.0.dr, 6a0676885a5ba6a3_0.0.dr String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: 3dbe54b7c92541c6_0.0.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: 000003.log3.0.dr, Current Session.0.dr, bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr, manifest.json0.0.dr String found in binary or memory: https://www.google.com
Source: 000003.log0.0.dr String found in binary or memory: https://www.google.com/
Source: Web Data-journal.0.dr, Favicons-journal.0.dr String found in binary or memory: https://www.google.com/favicon.ico
Source: Web Data-journal.0.dr String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: ef6202e5aa1f462c_0.0.dr String found in binary or memory: https://www.google.com/js/bg/4IW46-sErkYtdG90vazNGetG_O2G-npaJ7F7BI5RzXE.js
Source: 24db904a44e6e21b_0.0.dr String found in binary or memory: https://www.google.com/js/bg/7ACX1ll8pxmp-W5IFnwplmFbwq_vDvpxp5bFF4q7ftk.js
Source: a2b8415b36b20380_0.0.dr String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: Favicons.0.dr, 000003.log0.0.dr, History.0.dr String found in binary or memory: https://www.google.com/search?client%3Dms-android-sprint-us-revc%26cds%3D0%26hl%3Den-US%26v%3D10.99.
Source: History.0.dr String found in binary or memory: https://www.google.com/search?client=ms-android-sprint-us-revc&cds=0&hl=en-US&v=10.99.8.21.arm64&out
Source: 898189f0ee53ebfd_0.0.dr, 97ac745c09ac40ee_0.0.dr, c2b3c7750882be55_0.0.dr, b401b77d11ec44bf_0.0.dr, 6cc1b32ba87be0a6_0.0.dr String found in binary or memory: https://www.google.com/xjs/_/js/k=xjs.s.en_GB.X69kBR15KlE.O/ck=xjs.s.71pDTcRKLKw.L.W.O/am=AAgAAAAAAI
Source: 6a0676885a5ba6a3_0.0.dr String found in binary or memory: https://www.google.com/xjs/_/js/k=xjs.s.en_GB.X69kBR15KlE.O/ck=xjs.s.71pDTcRKLKw.L.W.O/m=ZyRBae
Source: aca25b605b4e036e_0.0.dr String found in binary or memory: https://www.google.com/xjs/_/js/k=xjs.s.en_GB.X69kBR15KlE.O/ck=xjs.s.71pDTcRKLKw.L.W.O/m=sb
Source: manifest.json0.0.dr String found in binary or memory: https://www.google.com;
Source: Current Session.0.dr String found in binary or memory: https://www.google.comh
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: f962611846867f6f_0.0.dr String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr String found in binary or memory: https://www.gstatic.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://www.gstatic.com/
Source: bdb3e98ddc29842d_0.0.dr, 3e2620275aa04276_0.0.dr, ba76321cc144ca23_0.0.dr, 379b5dfb1ebaf14a_0.0.dr String found in binary or memory: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.sM9_cyDJhDM.2
Source: 3b7f8d8816278017_0.0.dr String found in binary or memory: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.kBmSBeixNb8.es5.O/ck=
Source: e14444d84ee75da0_0.0.dr, b974b23e3fa4bdff_0.0.dr, cbe145cc73781e65_0.0.dr String found in binary or memory: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en_GB.MBDOVljkoZg.
Source: 2f792944c51bfba8_0.0.dr, da6180db41b46c04_0.0.dr, 5dd4a1a7a333c37c_0.0.dr, 3823e368f1287c79_0.0.dr String found in binary or memory: https://www.gstatic.com/_/mss/boq-search/_/js/k=boq-search.VisualFrontendUi.en_US.FCax_lLEE3A.es5.O/
Source: 0938faa2c7382ff6_0.0.dr, 328e3e7e1ea85c6d_0.0.dr String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: 0938faa2c7382ff6_0.0.dr, 328e3e7e1ea85c6d_0.0.dr String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: 0938faa2c7382ff6_0.0.dr, 328e3e7e1ea85c6d_0.0.dr String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: 0938faa2c7382ff6_0.0.dr, 3bd902ca2fd015c3_0.0.dr String found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Uy00yW1PZ_k.O/rt=j/m=q_d
Source: 328e3e7e1ea85c6d_0.0.dr String found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Uy00yW1PZ_k.O/rt=j/m=qabr
Source: manifest.json0.0.dr String found in binary or memory: https://www.gstatic.com;
Source: 000003.log3.0.dr String found in binary or memory: https://www.youtube.com
Source: QuotaManager.0.dr, 000003.log0.0.dr String found in binary or memory: https://www.youtube.com/
Source: Current Session.0.dr String found in binary or memory: https://www.youtube.com/embed/TBR-xtJVq7E?rel=0&showinfo=0&theme=light&version=3&hl=en-GB&cc_lang_pr
Source: 254860627ea58bfd_0.0.dr String found in binary or memory: https://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/base.js
Source: 144ef21f45f1e743_0.0.dr String found in binary or memory: https://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/embed.js
Source: 454fa601ebb6d503_0.0.dr String found in binary or memory: https://www.youtube.com/s/player/a3726513/player_ias.vflset/en_GB/remote.js
Source: f7265c5a246ef76d_0.0.dr String found in binary or memory: https://www.youtube.com/s/player/a3726513/www-embed-player.vflset/www-embed-player.js
Source: c9c88edbb2f2b0dc_0.0.dr String found in binary or memory: https://www.youtube.com/yts/jsbin/fetch-polyfill-vfl6MZH8P/fetch-polyfill.js
Source: c9c88edbb2f2b0dc_0.0.dr String found in binary or memory: https://youtube.com/
Source: 24db904a44e6e21b_0.0.dr String found in binary or memory: https://youtube.com/T
Source: 454fa601ebb6d503_0.0.dr String found in binary or memory: https://youtube.com/r
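Nearly every host in the string list above belongs to Google-operated domains, which is what a clean verdict on a google.com URL should look like. The exceptions are ctldl.windowsupdate.com (the Windows trusted-root list download), hammerjs.github.io (a library URL inside cached JavaScript) and search.yahoo.com (found in Chrome's Web Data journal, consistent with bundled search-engine definitions rather than a visited site). Note also strings such as https://accounts.google.comh and https://google.com/1g: these are carved from caches and session files and run into the next record, so a naive hostname check would flag them. The added example below, which is not tooling from the report, extracts hostnames from lines in this format, groups them by the artifact they came from, and separates real review items from carve noise. The allowlist and the "drop up to two trailing bytes" heuristic are assumptions for this sample.

```python
"""Added example (not from the report): turn "String found in binary or
memory" lines into a per-host summary and flag hosts outside an allowlist.
The allowlist and the carve-noise heuristic are assumptions."""
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Hosts treated as the vendor's own for this sample, which only chains
# google.com sign-in and consent pages (assumption; adjust per sample).
ALLOWED_SUFFIXES = ("google.com", "googleapis.com", "gstatic.com",
                    "googleusercontent.com", "youtube.com",
                    "google-analytics.com", "dns.google", "g.co")

LINE_RE = re.compile(r"Source: (.+?) String found in binary or memory: (.*)")
URL_RE = re.compile(r"https?://[^\s'\"<>]+")


def extract_hosts(report_lines):
    """Map hostname -> set of artifact names (the 'Source:' field) it came from."""
    hosts = defaultdict(set)
    for line in report_lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        sources, blob = m.group(1), m.group(2)
        for url in URL_RE.findall(blob):
            host = urlsplit(url).hostname
            if host:
                hosts[host.lower()].update(sources.split(", "))
    return hosts


def is_allowed(host):
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)


def classify(host):
    """'allowed'; 'carve-noise' when the host is allowed once up to two
    trailing bytes are dropped (strings carved from caches and journals
    often run into the next record, e.g. accounts.google.comh); else 'review'."""
    if is_allowed(host):
        return "allowed"
    for n in (1, 2):
        if len(host) > n and is_allowed(host[:-n]):
            return "carve-noise"
    return "review"


def triage(report_lines):
    """Return only the hosts that need a look: {host: {verdict, sources}}."""
    out = {}
    for host, sources in extract_hosts(report_lines).items():
        verdict = classify(host)
        if verdict != "allowed":
            out[host] = {"verdict": verdict, "sources": sorted(sources)}
    return out


# Six lines copied from the report above; the rest of the list is left out
# so the example runs offline.
SAMPLE_LINES = [
    "Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab",
    "Source: 32c3d672cc1d2ffe_0.0.dr String found in binary or memory: http://hammerjs.github.io/",
    "Source: Current Session.0.dr String found in binary or memory: https://accounts.google.comh",
    "Source: bf58626b-659d-41ab-9ae5-8ebd2d7fac2c.tmp.1.dr, 5585c53e-1514-4341-b413-6a85fd8207a3.tmp.1.dr String found in binary or memory: https://dns.google",
    "Source: Web Data-journal.0.dr String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search",
    "Source: QuotaManager.0.dr String found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)",
]

if __name__ == "__main__":
    for host, info in sorted(triage(SAMPLE_LINES).items()):
        print(f"{info['verdict']:12} {host:28} {', '.join(info['sources'])}")
```

Keeping the artifact names alongside each host is what makes the yahoo entry explainable at a glance: a search-provider host seen only in Web Data-journal.0.dr is browser configuration, whereas the same host in a cache entry or the session file would mean it was actually fetched.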
Source: classification engine Classification label: clean1.win@51/289@0/44
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-5FBA229D-F6C.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\cf770466-20e4-4862-91e1-db4f0399dfe3.tmp
Source: QuotaManager.0.dr Binary or memory string: CREATE TABLE HostQuotaTable(host TEXT NOT NULL, type INTEGER NOT NULL, quota INTEGER DEFAULT 0, UNIQUE(host, type));
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://www.google.com/search?client=ms-android-sprint-us-revc&cds=0&hl=en-US&v=10.99.8.21.arm64&output=search&q=American+Signature+Furniture&ludocid=15209532359233317364&ibp=gwp;0,7&lsig=AB86z5VPw9g7heJzi-zp58GAjI2J&kgs=44d93a1682d99354&shndl=-1&source=sh/x/kp/local&entrypoint=sh/x/kp/local'
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,7296235884342804738,17520152805246436840,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1892 /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1504,7296235884342804738,17520152805246436840,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=3568 /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1504,7296235884342804738,17520152805246436840,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=3876 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown (2 identical entries)
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,7296235884342804738,17520152805246436840,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1892 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown (26 identical entries)
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1504,7296235884342804738,17520152805246436840,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=3568 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1504,7296235884342804738,17520152805246436840,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=3876 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown (16 identical entries)
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Behavior Graph (ID: 321422, URL: https://www.google.com/sear..., start date: 22/11/2020, architecture: WINDOWS, score: 1)

Graph contents: the initial chrome.exe process contacted 10.99.8.21 (unknown), 192.168.2.1 (unknown) and 239.255.255.250 (reserved) and started three further chrome.exe processes; one of those child processes contacted 74.208.236.86 (ONEANDONE-ASBrauerstrasse48DE, United States), 142.250.74.206 (GOOGLEUS, United States) and 39 other IPs or domains.

Legend: Process, Signature, Created File, DNS/IP Info, Is Dropped, Is Windows Process, Number of created Registry Values, Number of created Files, Visual Basic, Delphi, Java, .Net C# or VB.NET, C/C++ or other language, Is malicious, Internet; node shading by number of IPs: < 25%, 25%-50%, 50%-75%, > 75%.

Contacted Public IPs

IP                Domain   Country          ASN      ASN Name                        Malicious
142.250.74.206    unknown  United States    15169    GOOGLEUS                        false
74.208.236.86     unknown  United States    8560     ONEANDONE-ASBrauerstrasse48DE   false
172.217.18.14     unknown  United States    15169    GOOGLEUS                        false
216.58.207.46     unknown  United States    15169    GOOGLEUS                        false
216.58.206.14     unknown  United States    15169    GOOGLEUS                        false
2.20.142.210      unknown  European Union   20940    AKAMAI-ASN1EU                   false
216.58.208.36     unknown  United States    15169    GOOGLEUS                        false
13.224.89.61      unknown  United States    16509    AMAZON-02US                     false
172.217.21.238    unknown  United States    15169    GOOGLEUS                        false
8.8.8.8           unknown  United States    15169    GOOGLEUS                        false
216.58.205.226    unknown  United States    15169    GOOGLEUS                        false
216.58.205.227    unknown  United States    15169    GOOGLEUS                        false
172.217.22.46     unknown  United States    15169    GOOGLEUS                        false
172.217.18.99     unknown  United States    15169    GOOGLEUS                        false
216.58.212.174    unknown  United States    15169    GOOGLEUS                        false
172.217.18.110    unknown  United States    15169    GOOGLEUS                        false
172.217.16.142    unknown  United States    15169    GOOGLEUS                        false
104.83.86.111     unknown  United States    16625    AKAMAI-ASUS                     false
172.217.16.202    unknown  United States    15169    GOOGLEUS                        false
172.217.18.173    unknown  United States    15169    GOOGLEUS                        false
173.194.182.74    unknown  United States    15169    GOOGLEUS                        false
216.58.207.74     unknown  United States    15169    GOOGLEUS                        false
172.217.16.129    unknown  United States    15169    GOOGLEUS                        false
216.58.212.134    unknown  United States    15169    GOOGLEUS                        false
172.217.23.118    unknown  United States    15169    GOOGLEUS                        false
172.217.21.206    unknown  United States    15169    GOOGLEUS                        false
104.83.122.17     unknown  United States    16625    AKAMAI-ASUS                     false
74.125.140.157    unknown  United States    15169    GOOGLEUS                        false
172.217.23.163    unknown  United States    15169    GOOGLEUS                        false
239.255.255.250   unknown  Reserved         unknown  unknown                         false
172.217.21.194    unknown  United States    15169    GOOGLEUS                        false
216.58.212.162    unknown  United States    15169    GOOGLEUS                        false
216.58.212.163    unknown  United States    15169    GOOGLEUS                        false
173.194.187.8     unknown  United States    15169    GOOGLEUS                        false
172.217.16.193    unknown  United States    15169    GOOGLEUS                        false
172.217.18.104    unknown  United States    15169    GOOGLEUS                        false
172.217.23.161    unknown  United States    15169    GOOGLEUS                        false
172.217.16.130    unknown  United States    15169    GOOGLEUS                        false
172.217.16.174    unknown  United States    15169    GOOGLEUS                        false
104.79.91.108     unknown  United States    16625    AKAMAI-ASUS                     false
172.217.16.131    unknown  United States    15169    GOOGLEUS                        false

Private

IP
192.168.2.1
10.99.8.21
127.0.0.1

Contacted URLs

Name                                                                                                                                          Malicious  Antivirus Detection  Reputation
https://www.youtube.com/embed/TBR-xtJVq7E?rel=0&showinfo=0&theme=light&version=3&hl=en-GB&cc_lang_pref=en-GB&cc_load_policy=1&enablejsapi=1  false                           high