Loading ...

Play interactive tourEdit tour

Analysis Report https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9

Overview

General Information

Sample URL:https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9
Analysis ID:404212
Infos:

Most interesting Screenshot:

Detection

HTMLPhisher
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected HtmlPhish10
Phishing site detected (based on image similarity)
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Submit button contains javascript call

Classification

Startup

  • System is w10x64
  • chrome.exe (PID: 5452 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 5356 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,18096239399295463889,9978372159968168147,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1752 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

Phishing:

barindex
Yara detected HtmlPhish10Show sources
Source: Yara matchFile source: 14170.pages.csv, type: HTML
Phishing site detected (based on image similarity)Show sources
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9Matcher: Found strong image similarity, brand: Microsoft image: 14170.img.1.gfk.csv EF884BDEDEF280DF97A4C5604058D8DB
Phishing site detected (based on logo template match)Show sources
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9Matcher: Template: microsoft matched
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: Number of links: 0
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: Number of links: 0
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: Title: Sharing Link Validation does not match URL
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: Title: Sharing Link Validation does not match URL
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: No <meta name="author".. found
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: No <meta name="author".. found
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: No <meta name="copyright".. found
Source: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixkbIBo6Fxf4icM7ifDVlEjJjLDQ?e=4:UEiJCn&at=9HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdicJump to behavior
Source: unknownHTTPS traffic detected: 92.122.145.220:443 -> 192.168.2.6:49704 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.122.145.220:443 -> 192.168.2.6:49705 version: TLS 1.2
Source: unknownHTTPS traffic detected: 95.101.18.109:443 -> 192.168.2.6:49867 version: TLS 1.2
Source: unknownHTTPS traffic detected: 95.101.18.109:443 -> 192.168.2.6:49866 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownTCP traffic detected without corresponding DNS query: 92.122.145.220
Source: unknownDNS traffic detected: queries for: cccounty-my.sharepoint.com
Source: manifest.json0.0.dr, 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://accounts.google.com
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://ajax.aspnetcdn.com
Source: Network Action Predictor-journal.0.drString found in binary or memory: https://ajax.aspnetcdn.com/
Source: c94540d4c86c0448_0.0.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.1.min.js
Source: e15eb212a2772b9f_0.0.dr, 094e2d6bf2abec98_0.0.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js
Source: e15eb212a2772b9f_0.0.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.jsaD
Source: b180e6523891105c_0.0.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js
Source: 82e92344281b46a9_0.0.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jquery.ui/1.11.1/jquery-ui.min.js
Source: Current Session.0.drString found in binary or memory: https://aka.ms/PrivacyReport
Source: History-journal.0.drString found in binary or memory: https://aka.ms/PrivacyReportMicrosoft
Source: 166ee82c52b87e97_0.0.drString found in binary or memory: https://amp.azure.net/libs/amp/1.8.0/azuremediaplayer.min.js
Source: manifest.json0.0.dr, 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://apis.google.com
Source: 9fb9a3618de06a54_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC2c82363df66d4caeadff9a77d1ccc03
Source: 1a3fe3efbb1027b2_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC30b69654d14a4895ae64b6e5cf0cf81
Source: 23322ee59dc41c6e_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC4552f1fbf4374dc3b64139dd4e13d49
Source: bccf700eb62dec8e_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC5f812135e64f48ad85ea100034bc60a
Source: 5739f9384748d70d_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC66fad9a29d7e4a4abc78c265ab6c03b
Source: 615515b8150c16cb_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC69b31008c50e44318e064df1bd9de72
Source: dcb5d003017747da_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC6fb1221373044729bc7f25fb104ba85
Source: 4dfac1355e8f8096_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RC95d5954deda24aa780e2bd87a6eabf8
Source: 33da100f622730f4_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RCbec07f7149ab4e7d832205be01626a5
Source: 646e3b1ea015a4c2_0.0.drString found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/e6b4ca74378c/aa3111bbe123/RCd898c8a8376b41f88f24c93b8645f17
Source: 3c4d40e130a6a467_0.0.drString found in binary or memory: https://assets.adobedtm.com/launch-ENbb9d0de7cc374dc99259df2c4b823cef.min.js
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://assets.onestore.ms
Source: Network Action Predictor-journal.0.drString found in binary or memory: https://assets.onestore.ms/
Source: 9edc3bcc45a63d3b_0.0.drString found in binary or memory: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.19.1/scripts/mwf-main.var.js
Source: 38b572a46376d5b4_0.0.drString found in binary or memory: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.22.1/scripts/mwf-auto-init-main.var.min.
Source: a427860bca0ae4c4_0.0.drString found in binary or memory: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Source: 000003.log0.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/
Source: History-journal.0.dr, Favicons-journal.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTv1rLIFgpIo1AA3nixk
Source: ae966ea7cdbe242d_0.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/ScriptResource.axd?d=1fDsP7T8iuixVwu-fVH5iZr4cSvnLTO52_v1doY-7Fhg
Source: 087e843a6a77f2e0_0.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/ScriptResource.axd?d=XLHvvuqUg5InnNgZ7caYxePwb7iO9lfyUqU9z6CieiK1
Source: 5563163b962da706_0.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/ScriptResource.axd?d=XjLkEB_vSvznU474E48kPJA1H9JTKlbxQRrF9mf4oevb
Source: en-US-9-0.bdic.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/WebResource.axd?d=M5O6KBnw2Kc30Ye7wKtYeOmA0-ax1yV1j7R_PuQmXE74ijK
Source: Favicons-journal.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
Source: Current Session.0.drString found in binary or memory: https://cccounty-my.sharepoint.com/personal/dcdresources_dcd_cccounty_us/_layouts/15/guestaccess.asp
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://clients2.googleusercontent.com
Source: d07553f235aa16f4_0.0.drString found in binary or memory: https://consentreceiverfd-prod.azurefd.net/v1
Source: manifest.json0.0.drString found in binary or memory: https://content.googleapis.com
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.dr, 0a282aed-570b-4e43-af9c-ef79a9927c55.tmp.1.dr, 47f7035d-fa5e-4a32-98b0-7459aedf1312.tmp.1.drString found in binary or memory: https://dns.google
Source: manifest.json0.0.drString found in binary or memory: https://feedback.googleusercontent.com
Source: 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.drString found in binary or memory: https://fonts.googleapis.com;
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.drString found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.drString found in binary or memory: https://hangouts.google.com/
Source: 38c7c19d1d0ee3c7_0.0.drString found in binary or memory: https://live.com/
Source: Network Action Predictor-journal.0.drString found in binary or memory: https://login.live.com/
Source: Current Session.0.drString found in binary or memory: https://login.live.com/Me.srf?wa=wsignin1.0&rpsnv=13&ct=1620151413&rver=7.0.6738.0&wp=MBI_SSL&wreply
Source: History-journal.0.drString found in binary or memory: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1620151412&rver=7.0.6738.0&wp=S
Source: 38c7c19d1d0ee3c7_0.0.drString found in binary or memory: https://logincdn.msauth.net/16.000/content/js/MeControl_cT3-bL3bZ5AAnjmz77cksQ2.js
Source: 38c7c19d1d0ee3c7_0.0.drString found in binary or memory: https://logincdn.msauth.net/16.000/content/js/MeControl_cT3-bL3bZ5AAnjmz77cksQ2.jsaD
Source: 4ac2f448771ab57b_0.0.drString found in binary or memory: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=de-ch&uhf=1
Source: 462d64d34aad30da_0.0.drString found in binary or memory: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-us&uhf=1
Source: 300bb9fb98ab63f0_0.0.drString found in binary or memory: https://mem.gfx.ms/meversion?partner=amc&market=en-us&uhf=1
Source: a5b18de7662d18f2_0.0.drString found in binary or memory: https://mem.gfx.ms/meversion?partner=windows&market=en-us&uhf=1
Source: 6686b0c92e7fc912_0.0.drString found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js
Source: 0481116f3cd8293f_0.0.drString found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js
Source: 0b6a779b97f6aaad_0.0.drString found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meBoot.min.js
Source: 0b6a779b97f6aaad_0.0.drString found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meBoot.min.jsaD
Source: 225853b3d3cc9c98_0.0.drString found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meCore.min.js
Source: 225853b3d3cc9c98_0.0.drString found in binary or memory: https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meCore.min.jsaD
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://modern.akamai.odsp.cdn.office.net
Source: a4e37f7fb809c2dc_0.0.drString found in binary or memory: https://modern.akamai.odsp.cdn.office.net/files/odsp-web-prod_2021-04-23.001/spoguestaccess-74b74b08
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://mwf-service.akamaized.net
Source: Network Action Predictor-journal.0.drString found in binary or memory: https://mwf-service.akamaized.net/
Source: 94d12f6ce814ffd5_0.0.drString found in binary or memory: https://mwf-service.akamaized.net/mwf/js/bundle/1.57.8/mwf-main.umd.min.js
Source: 07724463a48b302b_0.0.drString found in binary or memory: https://mwf-service.akamaized.net/mwf/js/bundle/1.58.0/mwf-auto-init-main.var.min.js
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://ogs.google.com
Source: manifest.json.0.drString found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://r7---sn-n02xgoxufvg3-2gbs.gvt1.com
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.0.drString found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: en-US-9-0.bdic.0.dr, 5563163b962da706_0.0.drString found in binary or memory: https://sharepoint.com/
Source: ae966ea7cdbe242d_0.0.drString found in binary or memory: https://sharepoint.com/9
Source: 087e843a6a77f2e0_0.0.drString found in binary or memory: https://sharepoint.com/I
Source: a4e37f7fb809c2dc_0.0.drString found in binary or memory: https://sharepoint.com/s
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://spoprod-a.akamaihd.net
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://ssl.gstatic.com
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.drString found in binary or memory: https://statica.akamai.odsp.cdn.office.net
Source: 1addd37645bc92bb_0.0.drString found in binary or memory: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21221.12005/require.js
Source: Network Action Predictor-journal.0.drString found in binary or memory: https://statics-marketingsites-eus-ms-com.akamaized.net/
Source: Network Action Predictor-journal.0.drString found in binary or memory: https://statics-marketingsites-wcus-ms-com.akamaized.net/
Source: messages.json41.0.drString found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.drString found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: manifest.json0.0.dr, 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://www.google.com
Source: manifest.json.0.drString found in binary or memory: https://www.google.com/
Source: manifest.json0.0.drString found in binary or memory: https://www.google.com;
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 4563e23d-3474-4d43-b201-bc7833ec9a58.tmp.1.dr, 54613d82-fa77-4961-b53b-660c7b191de5.tmp.1.drString found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.drString found in binary or memory: https://www.gstatic.com;
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49686 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49692 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49688
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49686
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49684
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49680
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49684 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownHTTPS traffic detected: 92.122.145.220:443 -> 192.168.2.6:49704 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.122.145.220:443 -> 192.168.2.6:49705 version: TLS 1.2
Source: unknownHTTPS traffic detected: 95.101.18.109:443 -> 192.168.2.6:49867 version: TLS 1.2
Source: unknownHTTPS traffic detected: 95.101.18.109:443 -> 192.168.2.6:49866 version: TLS 1.2