Windows Analysis Report http://covid-19.in.th

Overview

General Information

Sample URL: http://covid-19.in.th
Analysis ID: 451063
Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Found iframes

Classification

Phishing:

Found iframes
Source: https://www.cloudflare.com/trademark/ HTTP Parser: Iframe src: https://info.cloudflare.com/rs/713-XSC-918/images/marketo-xdframe-relative.html
Source: https://www.cloudflare.com/disclosure/ HTTP Parser: Iframe src: https://info.cloudflare.com/rs/713-XSC-918/images/marketo-xdframe-relative.html
Source: https://www.cloudflare.com/trademark/ HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/disclosure/ HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/trademark/ HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/disclosure/ HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown HTTPS traffic detected: 52.31.250.1:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.31.250.1:443 -> 192.168.2.3:49803 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.224.99.49:443 -> 192.168.2.3:49823 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.224.99.49:443 -> 192.168.2.3:49822 version: TLS 1.2
Source: unknown HTTPS traffic detected: 192.28.144.124:443 -> 192.168.2.3:49866 version: TLS 1.2
Source: unknown HTTPS traffic detected: 192.28.144.124:443 -> 192.168.2.3:49867 version: TLS 1.2
Source: global traffic HTTP traffic detected:
  GET / HTTP/1.1
  Host: covid-19.in.th
  Connection: keep-alive
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
  GET /cdn-cgi/styles/main.css HTTP/1.1
  Host: covid-19.in.th
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
  Accept: text/css,*/*;q=0.1
  Referer: http://covid-19.in.th/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
  GET /cdn-cgi/bm/cv/669835187/api.js HTTP/1.1
  Host: covid-19.in.th
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
  Accept: */*
  Referer: http://covid-19.in.th/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
  GET /favicon.ico HTTP/1.1
  Host: covid-19.in.th
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
  Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8
  Referer: http://covid-19.in.th/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
Source: unknown DNS traffic detected: queries for: clients2.google.com
Source: unknown HTTP traffic detected:
  POST /cdn-cgi/bm/cv/result?req_id=6719bc2a08eb97c6 HTTP/1.1
  Host: covid-19.in.th
  Connection: keep-alive
  Content-Length: 423
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
  Content-Type: application/json
  Accept: */*
  Origin: http://covid-19.in.th
  Referer: http://covid-19.in.th/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Data Ascii: {"m":"67622fc3149bfe5f1c36101fc5db7dc82b331792-1626758370-1800-AbB8WrJfPfY29EZCt7Tho1qySC1GXjtvYWGbWW61v8urXmYh8HhO8qbfcnI1YCvyeIkjFp14W1fnKtbvYlDAGN+50FLxVz4+zOWwexmAFT4o99QlTEhI5TowAMRdA3Nb7Q==","results":["a70c0b1bd25336aaf1a1d121d3977039","8405805927313b4f063702dbe2d09e0c"],"timing":132,"fp":{"id":3,"e":{"r":[1280,1024],"ar":[984,1280],"pr":1,"cd":24,"wb":true,"wp":false,"wn":false,"ch":true,"ws":false,"wd":false}}}
Source: 9f6eb263354d9328_0.0.dr, Current Session.0.dr, History-journal.0.dr String found in binary or memory: http://covid-19.in.th/
Source: History-journal.0.dr String found in binary or memory: http://covid-19.in.th/=&-t
Source: History-journal.0.dr String found in binary or memory: http://covid-19.in.th/Access
Source: History-journal.0.dr String found in binary or memory: http://covid-19.in.th/S
Source: 9f6eb263354d9328_0.0.dr String found in binary or memory: http://covid-19.in.th/cdn-cgi/bm/cv/669835187/api.js
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://9309168.fls.doubleclick.net
Source: Current Session.0.dr String found in binary or memory: https://9309168.fls.doubleclick.net/activityi;dc_pre=CKDH-KTz8PECFRAIiwodbzgMAw;src=9309168;type=pri
Source: Current Session.0.dr String found in binary or memory: https://9309168.fls.doubleclick.net/activityi;dc_pre=CMros6bz8PECFVf2dwod6hEM9w;src=9309168;type=res
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=Rj4mhEirwmIBOpkKGfgjE6ncFPtAOclUPRDoj5IP1f%2ByZWCcBVZQx1tkF
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=S73H39r2dU3fSWTCWqnwyqDch%2F4HiAoKcHpV1EsjMfoppacjMI3sChKvb
Source: Reporting and NEL.2.dr, Reporting and NEL-journal.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=VyMAJpPqzkU2OSrIVI7HnJkxjLDQwOfweIjzSdBd%2BYE4rh6YAUYdiidjC
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=cB7sAlE1VUzvaEnPgg%2FEDAwjZX%2FRDtqexr9c2P4VgIibzj9pJKMiLKs
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=hvE0LM7f8TSQDedoVUx0HSYY3bagnsqzfw7aC7Pm1E1Yxx2w46a3gbc%2BA
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=jCNBlvNrIdJ%2BnUvVx0XhyEW62SdqTzlw%2BK9s5OC7SYrxSjU7Vafg0g7
Source: Reporting and NEL.2.dr, Reporting and NEL-journal.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=rTWOF8%2BlOenWUdSREdn5gODNVLKb4dBVHPYW%2BK6v6y16wlhnP28RlYB
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=vHxu2NB8XNlrL9JRu8oQvvq%2B%2BIc2jD4%2Fmd05GpxlB4MOW03Yoku5Z
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=vuhLpLTw7FkOepdqHJLXoTXXmib8YcfZbSm4XLvWA9KaGh1HjSSHGJjiAL9
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, manifest.json0.0.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://accounts.google.com
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://ad.doubleclick.net
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://adservice.google.ch
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://adservice.google.com
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, manifest.json0.0.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://apis.google.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://assets.www.cloudflare.com/
Source: 73fffadacae25d8a_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-01f71c423e068664057e.js
Source: aca5ffcd3b597dad_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-06380521ff19239efe05.js
Source: 321b4bc5e1cc0bf2_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-1560bda32b9d6d231e95.js
Source: 18b97f4ce89cc052_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-232ffa51e57f882f0534.js
Source: c2ffe14a07d86383_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-27eef9fa207b28718df2.js
Source: 86ef09a943d02485_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-3125ea56e87c986b133e.js
Source: e218b56339a9333c_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-55ad6e1817237ece29a0.js
Source: 33a8355209af0d89_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-55d37f7935d3778f0709.js
Source: dfff23a80e98adeb_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-5c6ec7c6f9d0b6f9dd57.js
Source: 368dad393f6af4f0_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-5d677ef1b4eeb74635d3.js
Source: 09d0a59a0de48c50_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-5f991135348b5b16cb1b.js
Source: 0c84bc0ecf0dee96_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-962e1864decb73b3a75a.js
Source: d3c83df3d6e4942e_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-cc3c9c6363f24544e951.js
Source: 77bae649a8ae54c2_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-cd8895b507ee9e702e17.js
Source: a92f690aa7e5682e_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-e06d79a8c06c0d46865a.js
Source: 509801de2644843d_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-e50bafad0559f7d0a0f0.js
Source: bb472feda361e78e_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/chunk-e6a0177c9a8b595a3dd2.js
Source: 0a5bddda536af763_0.0.dr String found in binary or memory: https://assets.www.cloudflare.com/js/runtime-6a16446847617098e330.js
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json1.0.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: 321b4bc5e1cc0bf2_0.0.dr, 0c84bc0ecf0dee96_0.0.dr, bb472feda361e78e_0.0.dr, 509801de2644843d_0.0.dr, 0a5bddda536af763_0.0.dr, 30624e5df392084a_0.0.dr String found in binary or memory: https://cloudflare.com/
Source: 6527596934c8107b_0.0.dr String found in binary or memory: https://cloudflare.com/$
Source: 77bae649a8ae54c2_0.0.dr String found in binary or memory: https://cloudflare.com/-
Source: 09d0a59a0de48c50_0.0.dr String found in binary or memory: https://cloudflare.com/-K
Source: a92f690aa7e5682e_0.0.dr String found in binary or memory: https://cloudflare.com/4
Source: 856d1204b1f6e469_0.0.dr String found in binary or memory: https://cloudflare.com/5
Source: cambria.ttc.0.dr String found in binary or memory: https://cloudflare.com/5D
Source: 58b307e504086606_0.0.dr String found in binary or memory: https://cloudflare.com/;
Source: 321b4bc5e1cc0bf2_0.0.dr String found in binary or memory: https://cloudflare.com/=a
Source: 368dad393f6af4f0_0.0.dr String found in binary or memory: https://cloudflare.com/A
Source: 09fb8741326e0b46_0.0.dr String found in binary or memory: https://cloudflare.com/B
Source: 462ff694af2c9745_0.0.dr String found in binary or memory: https://cloudflare.com/L
Source: a156729f543b6d56_0.0.dr String found in binary or memory: https://cloudflare.com/M
Source: 09fb8741326e0b46_0.0.dr String found in binary or memory: https://cloudflare.com/Q;d
Source: ad4da03ad6699463_0.0.dr String found in binary or memory: https://cloudflare.com/Qv
Source: e7fd65a93a982fcf_0.0.dr String found in binary or memory: https://cloudflare.com/TNt
Source: 73fffadacae25d8a_0.0.dr String found in binary or memory: https://cloudflare.com/U
Source: ad4da03ad6699463_0.0.dr String found in binary or memory: https://cloudflare.com/Y
Source: 18b97f4ce89cc052_0.0.dr String found in binary or memory: https://cloudflare.com/Z
Source: 18b97f4ce89cc052_0.0.dr String found in binary or memory: https://cloudflare.com/_
Source: a9a61d9a8445425f_0.0.dr String found in binary or memory: https://cloudflare.com/b
Source: 8f460b3eded3029f_0.0.dr String found in binary or memory: https://cloudflare.com/d
Source: 73fffadacae25d8a_0.0.dr String found in binary or memory: https://cloudflare.com/j
Source: 33a8355209af0d89_0.0.dr String found in binary or memory: https://cloudflare.com/jW
Source: a156729f543b6d56_0.0.dr String found in binary or memory: https://cloudflare.com/mju
Source: 20208095690143df_0.0.dr String found in binary or memory: https://cloudflare.com/rp
Source: 7d34d7942ee0ee97_0.0.dr String found in binary or memory: https://cloudflareinsights.com/cdn-cgi/rum
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://content-autofill.googleapis.com
Source: manifest.json0.0.dr String found in binary or memory: https://content.googleapis.com
Source: 132f44c2689e2c96_0.0.dr String found in binary or memory: https://cookiepedia.co.uk/host/.app.onetrust.com?_ga=2.157675898.1572084395.1556120090-1266459230.15
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://d.adroll.com
Source: e37297eb-01e5-42f6-a84d-72bc34fb272b.tmp.2.dr, be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, c194859a-3b00-4ffd-8486-c9f184e0b711.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://dns.google
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://embed.videodelivery.net
Source: dddb8d98c3534241_0.0.dr String found in binary or memory: https://embed.videodelivery.net/embed/4.ef69d404.chunk.js
Source: e039148fbae90272_0.0.dr String found in binary or memory: https://embed.videodelivery.net/embed/5.068adc7c.chunk.js
Source: f665d1821da95ab9_0.0.dr String found in binary or memory: https://embed.videodelivery.net/embed/sdk-iframe-integration.fla9.latest.js
Source: e7fd65a93a982fcf_0.0.dr String found in binary or memory: https://embed.videodelivery.net/embed/sdk.latest.js
Source: aee831ff5029c966_0.0.dr String found in binary or memory: https://fb.me/react-async-component-lifecycle-hooks
Source: aee831ff5029c966_0.0.dr String found in binary or memory: https://fb.me/react-polyfills
Source: manifest.json0.0.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.googleapis.com;
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.dr String found in binary or memory: https://hangouts.google.com/
Source: 000003.log5.0.dr String found in binary or memory: https://iframe.videodelivery.net
Source: Current Session.0.dr String found in binary or memory: https://iframe.videodelivery.net/36e2ecf71363317a16bd2236dfa3b8b1?poster=https%3A%2F%2Fwww.cloudflar
Source: Current Session.0.dr String found in binary or memory: https://iframe.videodelivery.net/5efe5eca1517ad1a2f9ff3e75cc9cf5a?poster=https%3A%2F%2Fwww.cloudflar
Source: Current Session.0.dr String found in binary or memory: https://iframe.videodelivery.net/652f2749728df84fc32f9a6480438364?poster=https%3A%2F%2Fwww.cloudflar
Source: Current Session.0.dr String found in binary or memory: https://iframe.videodelivery.net/e696e3b6be9ada0fc9e9674aedb54b17?poster=https%3A%2F%2Fwww.cloudflar
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://images.ctfassets.net
Source: 000003.log5.0.dr, be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://info.cloudflare.com
Source: Network Action Predictor-journal.0.dr String found in binary or memory: https://info.cloudflare.com/
Source: 74e8f9a2a1a9c3e1_0.0.dr, 30624e5df392084a_0.0.dr String found in binary or memory: https://info.cloudflare.com/index.php/form/getForm?munchkinId=713-XSC-918&form=1649&url=https%3A%2F%
Source: 26ce44646e1a1769_0.0.dr String found in binary or memory: https://info.cloudflare.com/js/forms2/js/forms2.min.js
Source: Current Session.0.dr String found in binary or memory: https://info.cloudflare.com/rs/713-XSC-918/images/marketo-xdframe-relative.html
Source: 58b307e504086606_0.0.dr String found in binary or memory: https://munchkin.marketo.net/160/munchkin.js
Source: 58b307e504086606_0.0.dr String found in binary or memory: https://munchkin.marketo.net/160/munchkin.jsa
Source: 58b307e504086606_0.0.dr String found in binary or memory: https://munchkin.marketo.net/160/munchkin.jsaD
Source: 462ff694af2c9745_0.0.dr String found in binary or memory: https://munchkin.marketo.net/munchkin.js
Source: 462ff694af2c9745_0.0.dr String found in binary or memory: https://munchkin.marketo.net/munchkin.jsa
Source: 462ff694af2c9745_0.0.dr String found in binary or memory: https://munchkin.marketo.net/munchkin.jsaD
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://ogs.google.com
Source: manifest.json1.0.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://play.google.com
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://r4---sn-h0jeener.gvt1.com
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json1.0.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://ssl.gstatic.com
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://static.cloudflareinsights.com
Source: 7d34d7942ee0ee97_0.0.dr String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js
Source: 7d34d7942ee0ee97_0.0.dr String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.jsaD
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://stats.g.doubleclick.net
Source: messages.json41.0.dr String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: a156729f543b6d56_0.0.dr String found in binary or memory: https://tr.www.cloudflare.com/analytics.js
Source: ad4da03ad6699463_0.0.dr, Current Session.0.dr String found in binary or memory: https://tr.www.cloudflare.com/gtm.js?id=GTM-PKQFGQB
Source: Current Session.0.dr String found in binary or memory: https://tr.www.cloudflare.com/ns.html?id=GTM-PKQFGQB
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://videodelivery.net
Source: dddb8d98c3534241_0.0.dr, f665d1821da95ab9_0.0.dr String found in binary or memory: https://videodelivery.net/
Source: e039148fbae90272_0.0.dr String found in binary or memory: https://videodelivery.net/Q
Source: Current Session.0.dr, be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://www.cloudflare.com
Source: 000003.log0.0.dr String found in binary or memory: https://www.cloudflare.com/
Source: 6527596934c8107b_0.0.dr String found in binary or memory: https://www.cloudflare.com/0d625897b26b36d368c45fce14325a7ae0ab1d92-a57847f1d12b4b9c26be.js
Source: 6527596934c8107b_0.0.dr String found in binary or memory: https://www.cloudflare.com/0d625897b26b36d368c45fce14325a7ae0ab1d92-a57847f1d12b4b9c26be.jsaD
Source: Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/1
Source: 20208095690143df_0.0.dr String found in binary or memory: https://www.cloudflare.com/1c5e1e1e37532e5d3e12606c412d346b1e41bfcd-93c6d6b82e344fb29469.js
Source: 20208095690143df_0.0.dr String found in binary or memory: https://www.cloudflare.com/1c5e1e1e37532e5d3e12606c412d346b1e41bfcd-93c6d6b82e344fb29469.jsaD
Source: 856d1204b1f6e469_0.0.dr String found in binary or memory: https://www.cloudflare.com/4b2a42a93029629026b3b5bf51209ba1171ffdfd-1f5b96576ed0703e6889.js
Source: 856d1204b1f6e469_0.0.dr String found in binary or memory: https://www.cloudflare.com/4b2a42a93029629026b3b5bf51209ba1171ffdfd-1f5b96576ed0703e6889.jsaD
Source: 31910c091738eab4_0.0.dr String found in binary or memory: https://www.cloudflare.com/5e009dc030717571c643fcc1a1f8adeaa5c9aea9-d7bacc3e33dea420a560.js
Source: 31910c091738eab4_0.0.dr String found in binary or memory: https://www.cloudflare.com/5e009dc030717571c643fcc1a1f8adeaa5c9aea9-d7bacc3e33dea420a560.jsaD
Source: Current Session.0.dr, Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landing%
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landing/
Source: Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landing/0
Source: History-journal.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landing/5xx
Source: History-journal.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landing5xx
Source: Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/5xx-error-landingP
Source: f0640f7148c6300d_0.0.dr, 8f3dbefcef26296d_0.0.dr String found in binary or memory: https://www.cloudflare.com/78ea267daafe81328bdca4e600e3c86b21c254f4-565aff763e8d9fd664bd.js
Source: 8f3dbefcef26296d_0.0.dr String found in binary or memory: https://www.cloudflare.com/78ea267daafe81328bdca4e600e3c86b21c254f4-565aff763e8d9fd664bd.jsaD
Source: 031e396cb6831fa7_0.0.dr String found in binary or memory: https://www.cloudflare.com/8eaff4a1-b7a7207301c7b03b97d8.js
Source: 031e396cb6831fa7_0.0.dr String found in binary or memory: https://www.cloudflare.com/8eaff4a1-b7a7207301c7b03b97d8.jsaD
Source: History-journal.0.dr String found in binary or memory: https://www.cloudflare.com/Cloudflare
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.com/Cw
Source: 4e292f0da84a8806_0.0.dr String found in binary or memory: https://www.cloudflare.com/ac9eeed4e6d0e0162060928fa2fbb56350368406-996346b0d397c6efbf45.js
Source: 4e292f0da84a8806_0.0.dr String found in binary or memory: https://www.cloudflare.com/ac9eeed4e6d0e0162060928fa2fbb56350368406-996346b0d397c6efbf45.jsaD
Source: 4c76748133762fdf_0.0.dr String found in binary or memory: https://www.cloudflare.com/afce47c9ba5426869dbc5a926461a546e054f2e1-f00f87555f2a2eb1ac9a.js
Source: 4c76748133762fdf_0.0.dr String found in binary or memory: https://www.cloudflare.com/afce47c9ba5426869dbc5a926461a546e054f2e1-f00f87555f2a2eb1ac9a.jsaD
Source: e0288702def24326_0.0.dr String found in binary or memory: https://www.cloudflare.com/app-0b1250e637689a34706c.js
Source: e0288702def24326_0.0.dr String found in binary or memory: https://www.cloudflare.com/app-0b1250e637689a34706c.jsaD
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.com/case-studies/
Source: Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/case-studies/%
Source: History-journal.0.dr String found in binary or memory: https://www.cloudflare.com/case-studies/Cloudflare
Source: 8f460b3eded3029f_0.0.dr String found in binary or memory: https://www.cloudflare.com/cdn-cgi/bm/cv/669835187/api.js
Source: dffa7aed83798cac_0.0.dr String found in binary or memory: https://www.cloudflare.com/commons-6269fe301a1aa3b81ea1.js
Source: 40c2219e5f5a1e88_0.0.dr String found in binary or memory: https://www.cloudflare.com/compiledNav/navigation.js
Source: aee831ff5029c966_0.0.dr String found in binary or memory: https://www.cloudflare.com/compiledNav/navigation.jsa
Source: aee831ff5029c966_0.0.dr String found in binary or memory: https://www.cloudflare.com/compiledNav/navigation.jsaD
Source: 2f37f2b08fea58ef_0.0.dr String found in binary or memory: https://www.cloudflare.com/component---src-components-case-studies-templates-case-studies-template-t
Source: c720d3196762a96b_0.0.dr String found in binary or memory: https://www.cloudflare.com/component---src-components-page-page-template-tsx-d90133272e40419501a8.js
Source: f81ec822cd6c4871_0.0.dr String found in binary or memory: https://www.cloudflare.com/component---src-components-plans-plans-template-tsx-810ea8962b1a98c105bb.
Source: Current Session.0.dr, Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/disclosure/
Source: History.0.dr String found in binary or memory: https://www.cloudflare.com/disclosure/Vulnerability
Source: Favicons.0.dr String found in binary or memory: https://www.cloudflare.com/favicon.ico
Source: 36436e71f619b2fa_0.0.dr String found in binary or memory: https://www.cloudflare.com/framework-a37fee216cd2ef2ee260.js
Source: 36436e71f619b2fa_0.0.dr String found in binary or memory: https://www.cloudflare.com/framework-a37fee216cd2ef2ee260.jsa
Source: 36436e71f619b2fa_0.0.dr String found in binary or memory: https://www.cloudflare.com/framework-a37fee216cd2ef2ee260.jsaD
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.com/plans/
Source: Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/plans/#
Source: History-journal.0.dr String found in binary or memory: https://www.cloudflare.com/plans/Our
Source: Current Session.0.dr, Favicons-journal.0.dr String found in binary or memory: https://www.cloudflare.com/ssl/
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.com/ssl/;Cloudflare
Source: History-journal.0.dr String found in binary or memory: https://www.cloudflare.com/ssl/Cloudflare
Source: Current Session.0.dr, Favicons.0.dr, History.0.dr String found in binary or memory: https://www.cloudflare.com/trademark/
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.com/trademark/2Our
Source: History.0.dr String found in binary or memory: https://www.cloudflare.com/trademark/Our
Source: 723e13dfdf85457a_0.0.dr, 132f44c2689e2c96_0.0.dr String found in binary or memory: https://www.cloudflare.com/vendor/onetrust/scripttemplates/6.8.0/otBannerSdk.js
Source: 132f44c2689e2c96_0.0.dr String found in binary or memory: https://www.cloudflare.com/vendor/onetrust/scripttemplates/6.8.0/otBannerSdk.jsaD
Source: 99e650ddc603eeab_0.0.dr String found in binary or memory: https://www.cloudflare.com/vendor/onetrust/scripttemplates/otSDKStub.js
Source: 99e650ddc603eeab_0.0.dr String found in binary or memory: https://www.cloudflare.com/vendor/onetrust/scripttemplates/otSDKStub.jsaD
Source: a9a61d9a8445425f_0.0.dr String found in binary or memory: https://www.cloudflare.com/webpack-runtime-0c2d5ef5fd75908e2dac.js
Source: a9a61d9a8445425f_0.0.dr String found in binary or memory: https://www.cloudflare.com/webpack-runtime-0c2d5ef5fd75908e2dac.jsaD
Source: 000003.log5.0.dr String found in binary or memory: https://www.cloudflare.com3_https://www.cloudflare.com
Source: Current Session.0.dr String found in binary or memory: https://www.cloudflare.comh
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://www.google.ch
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, manifest.json0.0.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://www.google.com
Source: manifest.json1.0.dr String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr String found in binary or memory: https://www.google.com;
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json1.0.dr String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json1.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json1.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json1.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json1.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr String found in binary or memory: https://www.googleoptimize.com
Source: 09fb8741326e0b46_0.0.dr String found in binary or memory: https://www.googleoptimize.com/optimize.js?id=GTM-N4JSZJ8
Source: be9dd431-ae86-4cbe-9485-89ef2fde2be6.tmp.2.dr, 8a4bd52e-baaa-4d1c-8111-1cc82c2bfcc4.tmp.2.dr String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr String found in binary or memory: https://www.gstatic.com;
Source: unknown HTTPS traffic detected: 52.31.250.1:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.31.250.1:443 -> 192.168.2.3:49803 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.224.99.49:443 -> 192.168.2.3:49823 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.224.99.49:443 -> 192.168.2.3:49822 version: TLS 1.2
Source: unknown HTTPS traffic detected: 192.28.144.124:443 -> 192.168.2.3:49866 version: TLS 1.2
Source: unknown HTTPS traffic detected: 192.28.144.124:443 -> 192.168.2.3:49867 version: TLS 1.2
Source: classification engine Classification label: clean0.win@48/290@27/22
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60F6DB6E-C18.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\d086651b-4f9a-4704-9eca-0f82178ce6ad.tmp
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://covid-19.in.th'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,17804831982283933720,7344052518000277292,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1764 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1544,17804831982283933720,7344052518000277292,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=3720 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected