Analysis Report http://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=136&afmt=140&cpn=5DggZi95_9aw-qp-&ei=GQTIX_K_AciR8wSMoJj4Dw&el=detailpage&docid=EXTOcETE9uE&ns=yt&fexp=23735348,23744176,23748146,23804281,23839597,23856950,23857949,23858057,23868333,23882502,23884386,23890959,23895671,23911055,23915991,23918597,23932524,23934970,23942338,23942633,23944779,23946420,23948841,23950597,23951620,23958692,23961733,23967043,23969486,23969935,23970399,23970896,23970974,23973496,23974520,23976579,24631715,24631885,3300113,3300133,3300161,3313321,3316843,3318011,3318700,3318773,3319220,3320540,3329299,9449243&cl=344723416&live=dvr&seq=88&cbr=Chrome&cbrver=87.0.4280.66&c=WEB&cver=2.20201201.03.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&bh=851.298:22.482,857.799:20.974,860.004:18.974&e2el=851.298:27.573,857.799:27.570&vps=860.004:PL&bwm=860.004:813153:11.755&bwe=860.004:1062927&bat=860.004:1:1&cmt=860.004:37236.227
Overview
General Information
Sample URL: | http://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=136&afmt=140&cpn=5DggZi95_9aw-qp-&ei=GQTIX_K_AciR8wSMoJj4Dw&el=detailpage&docid=EXTOcETE9uE&ns=yt&fexp=23735348,23744176,23748146,23804281,23839597,23856950,23857949,23858057,23868333,23882502,23884386,23890959,23895671,23911055,23915991,23918597,23932524,23934970,23942338,23942633,23944779,23946420,23948841,23950597,23951620,23958692,23961733,23967043,23969486,23969935,23970399,23970896,23970974,23973496,23974520,23976579,24631715,24631885,3300113,3300133,3300161,3313321,3316843,3318011,3318700,3318773,3319220,3320540,3329299,9449243&cl=344723416&live=dvr&seq=88&cbr=Chrome&cbrver=87.0.4280.66&c=WEB&cver=2.20201201.03.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&bh=851.298:22.482,857.799:20.974,860.004:18.974&e2el=851.298:27.573,857.799:27.570&vps=860.004:PL&bwm=860.004:813153:11.755&bwe=860.004:1062927&bat=860.004:1:1&cmt=860.004:37236.227 |
Analysis ID: | 326176 |
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
Startup |
---|
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
No yara matches |
---|
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
There are no malicious signatures.
Source: | String found in binary or memory: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | Classification label: |
Source: | File created: |
Source: | File created: |
Source: | File read: |
Source: | Process created: |
Source: | Process created: |
Source: | Process created: |
Source: | Window detected: |
Source: | File opened: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection (1) | Masquerading (1) | OS Credential Dumping | File and Directory Discovery (1) | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Non-Application Layer Protocol (1) | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection (1) | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Application Layer Protocol (1) | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
 | 0% | Virustotal | | |
 | 0% | Avira URL Cloud | safe | |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
No Antivirus matches |
---|
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.youtube.com | unknown | unknown | false | | high |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
 | | false | | high |
Contacted IPs |
---|
No contacted IP infos |
---|
General Information |
---|
Joe Sandbox Version: | 31.0.0 Red Diamond |
Analysis ID: | 326176 |
Start date: | 03.12.2020 |
Start time: | 01:11:08 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 2m 6s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=136&afmt=140&cpn=5DggZi95_9aw-qp-&ei=GQTIX_K_AciR8wSMoJj4Dw&el=detailpage&docid=EXTOcETE9uE&ns=yt&fexp=23735348,23744176,23748146,23804281,23839597,23856950,23857949,23858057,23868333,23882502,23884386,23890959,23895671,23911055,23915991,23918597,23932524,23934970,23942338,23942633,23944779,23946420,23948841,23950597,23951620,23958692,23961733,23967043,23969486,23969935,23970399,23970896,23970974,23973496,23974520,23976579,24631715,24631885,3300113,3300133,3300161,3313321,3316843,3318011,3318700,3318773,3319220,3320540,3329299,9449243&cl=344723416&live=dvr&seq=88&cbr=Chrome&cbrver=87.0.4280.66&c=WEB&cver=2.20201201.03.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&bh=851.298:22.482,857.799:20.974,860.004:18.974&e2el=851.298:27.573,857.799:27.570&vps=860.004:PL&bwm=860.004:813153:11.755&bwe=860.004:1062927&bat=860.004:1:1&cmt=860.004:37236.227 |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes: | 4 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | UNKNOWN |
Classification: | unknown0.win@3/13@1/0 |
Simulations |
---|
Behavior and APIs |
---|
No simulations |
---|
Joe Sandbox View / Context |
---|
Created / dropped Files |
---|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 30296 |
Entropy (8bit): | 1.854961295866747 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25940 |
Entropy (8bit): | 1.9302740102735119 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16984 |
Entropy (8bit): | 1.5665473838269448 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 453 |
Entropy (8bit): | 5.019973044227213 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/background_gradient.jpg |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4720 |
Entropy (8bit): | 5.164796203267696 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/errorPageStrings.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2168 |
Entropy (8bit): | 5.207912016937144 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/ErrorPageTemplate.css |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 447 |
Entropy (8bit): | 7.304718288205936 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/bullet.png |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 12105 |
Entropy (8bit): | 5.451485481468043 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/httpErrorPagesScripts.js |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4113 |
Entropy (8bit): | 7.9370830126943375 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/info_48.png |
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2713 |
Entropy (8bit): | 4.1712007174415895 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
IE Cache URL: | res://ieframe.dll/navcancl.htm |
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 13029 |
Entropy (8bit): | 0.48033947188153875 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25441 |
Entropy (8bit): | 0.27918767598683664 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 36133 |
Entropy (8bit): | 0.6079658115291952 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Static File Info |
---|
No static file info |
---|
Network Behavior |
---|
Network Port Distribution |
---|
UDP Packets |
---|
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Dec 3, 2020 01:11:56.539987087 CET | 192.168.2.3 | 8.8.8.8 | 0x7b60 | Standard query (0) | | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Dec 3, 2020 01:11:56.584353924 CET | 8.8.8.8 | 192.168.2.3 | 0x7b60 | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) |
Code Manipulations |
---|
System Behavior |
---|
General |
---|
Start time: | 01:11:54 |
Start date: | 03/12/2020 |
Path: | C:\Program Files\internet explorer\iexplore.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6e9810000 |
File size: | 823560 bytes |
MD5 hash: | 6465CB92B25A7BC1DF8E01D8AC5E7596 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
General |
---|
Start time: | 01:11:55 |
Start date: | 03/12/2020 |
Path: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x200000 |
File size: | 822536 bytes |
MD5 hash: | 071277CC2E3DF41EEEA8013E2AB58D5A |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Disassembly |
---|