Windows Analysis Report https://www.google.com/maps/place/Delval+Equipment+Corporation/@40.1246558,-75.387604,14z/data=!4m8!1m2!2m1!1sDELVAL+WEST+NORRITON!3m4!1s0x89c6968dfae6af9f:0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071

Overview

General Information

Sample URL: https://www.google.com/maps/place/Delval+Equipment+Corporation/@40.1246558,-75.387604,14z/data=!4m8!1m2!2m1!1sDELVAL+WEST+NORRITON!3m4!1s0x89c6968dfae6af9f:0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071
Analysis ID: 438546

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Found iframes
Unusual large HTML page

Classification

Phishing:

Found iframes
Source: https://accounts.google.com/signin/v2/identifier?hl=es&continue=https%3A%2F%2Fwww.google.com%2Fmaps%2Fplace%2FDelval%2BEquipment%2BCorporation%2F%4040.1246558%2C-75.387604%2C14z%2Fdata%3D!4m8!1m2!2m1!1sDELVAL%2BWEST%2BNORRITON!3m4!1s0x89c6968dfae6af9f%3A0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1015242962&timestamp=1624411623861
Unusual large HTML page
Source: https://accounts.google.com/signin/v2/identifier?hl=es&continue=https%3A%2F%2Fwww.google.com%2Fmaps%2Fplace%2FDelval%2BEquipment%2BCorporation%2F%4040.1246558%2C-75.387604%2C14z%2Fdata%3D!4m8!1m2!2m1!1sDELVAL%2BWEST%2BNORRITON!3m4!1s0x89c6968dfae6af9f%3A0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: Total size: 1750826
Source: https://accounts.google.com/signin/v2/identifier?hl=es&continue=https%3A%2F%2Fwww.google.com%2Fmaps%2Fplace%2FDelval%2BEquipment%2BCorporation%2F%4040.1246558%2C-75.387604%2C14z%2Fdata%3D!4m8!1m2!2m1!1sDELVAL%2BWEST%2BNORRITON!3m4!1s0x89c6968dfae6af9f%3A0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/signin/v2/identifier?hl=es&continue=https%3A%2F%2Fwww.google.com%2Fmaps%2Fplace%2FDelval%2BEquipment%2BCorporation%2F%4040.1246558%2C-75.387604%2C14z%2Fdata%3D!4m8!1m2!2m1!1sDELVAL%2BWEST%2BNORRITON!3m4!1s0x89c6968dfae6af9f%3A0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071&gae=cb-&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.220.29
Source: unknown TCP traffic detected without corresponding DNS query: 184.24.8.125
Source: unknown TCP traffic detected without corresponding DNS query: 23.35.237.194
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 131.253.33.200
Source: dd6e760ecddcbf6a_0.0.dr String found in binary or memory: ://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/xsul www.youtube.com/pagead/slav equals www.youtube.com (Youtube)
Source: dd6e760ecddcbf6a_0.0.dr String found in binary or memory: www.youtube-nocookie.com youtube-nocookie.com www.youtube-nocookie.com:443 youtube.googleapis.com www.youtubeedu.com www.youtubeeducation.com video.google.com redirector.gvt1.com equals www.youtube.com (Youtube)
Source: unknown DNS traffic detected: queries for: clients2.googleusercontent.com
Source: classification engine Classification label: clean1.win@42/244@8/11
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60D28DD5-129C.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\2483e8c6-a122-4d70-8571-7e7a20c9b8cb.tmp
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://www.google.com/maps/place/Delval+Equipment+Corporation/@40.1246558,-75.387604,14z/data=!4m8!1m2!2m1!1sDELVAL+WEST+NORRITON!3m4!1s0x89c6968dfae6af9f:0x98b78b24e6b0ae!8m2!3d40.1258217!4d-75.399071'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,7785239963903625034,8054298018900182234,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1792 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1536,7785239963903625034,8054298018900182234,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=4816 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1536,7785239963903625034,8054298018900182234,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=5920 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic