Windows Analysis Report ATT78678#U007eCovid-19.HTM

Overview

General Information

Sample Name:	ATT78678#U007eCovid-19.HTM
Analysis ID:	486738
MD5:	ed5ebacca5f138fe79be8ae5b09741a8
SHA1:	b8a744687b2715f80072a889a9b0922eb140fde1
SHA256:	a121bc13a2f483960b1bf48551575396aed5a0c0b1528ca1ad7fb02c1566eddc
Infos:
Most interesting Screenshot:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

IP address seen in connection with other malware

Classification

Signatures

AV Detection:

Antivirus detection for URL or domain

Source: https://medisolhealthcare.com/00/	Avira URL Cloud: Label: phishing
Source: https://medisolhealthcare.com/00	Avira URL Cloud: Label: phishing
Source: https://medisolhealthcare.com/tamu.edu/index.html	Avira URL Cloud: Label: phishing

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Networking:

IP address seen in connection with other malware

Source: Joe Sandbox View

IP Address: 239.255.255.250 239.255.255.250

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /00 HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /00/ HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/index.html HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://medisolhealthcare.com/00/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/tether/tether.min.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/bootstrap/css/bootstrap.min.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/animate.css/animate.min.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/dropdown/css/style.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/theme/css/style.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/mobirise/css/mbr-additional.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/socicon/css/styles.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/web/assets/jquery/jquery.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=UA-119896657-1 HTTP/1.1Host: www.googletagmanager.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/medisol-logo-n-90x100.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/tether/tether.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/bootstrap/js/bootstrap.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/bootstrap-carousel-swipe/bootstrap-carousel-swipe.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/smooth-scroll/smooth-scroll.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveOrigin: https://medisolhealthcare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m18!1m12!1m3!1d3945.9165706755552!2d76.92436481460193!3d8.507481599281519!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3b05bbfc5555555b%3A0x951cc4a2b9385586!2sMedisol+Healthcare!5e0!3m2!1sen!2sin!4v1543508867808 HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://medisolhealthcare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Montserrat:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://medisolhealthcare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Montserrat:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /analytics.js HTTP/1.1Host: www.google-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-2-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-3-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-1-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-4-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/dropdown/js/script.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/touch-swipe/jquery.touch-swipe.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/viewport-checker/jquery.viewportchecker.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/theme/js/script.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/files/Services_0001.png HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/health-banner-1400x702.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/files/Services_0003.png HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/files/Medisol.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: Reporting and NEL.1.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=Kkc0bVlDPnCF5dPVRayrcfJFRWz4E6np4DijPxgaOjyx7TFpRReJNlcNstM
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: e68aa0d72d457781_0.0.dr	String found in binary or memory: https://app.interakt.ai/kiwi-sdk/kiwi-sdk-17-prod-min.js?v=1632192138079
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 2d2e9e75-5b41-49eb-843d-3551b8ec59e6.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://dns.google
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: Current Session.0.dr	String found in binary or memory: https://medisolhealthcare.com
Source: e68aa0d72d457781_0.0.dr	String found in binary or memory: https://medisolhealthcare.com/
Source: ATT78678#U007eCovid-19.HTM	String found in binary or memory: https://medisolhealthcare.com/00
Source: Current Session.0.dr	String found in binary or memory: https://medisolhealthcare.com/00/
Source: Current Session.0.dr	String found in binary or memory: https://medisolhealthcare.com/tamu.edu/index.html
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://r5---sn-4g5ednsl.gvt1.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://www.google-analytics.com
Source: 5313946ae3e46240_0.0.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: 008dc773b56dfd0d_0.0.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-119896657-1
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://www.gstatic.com

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\chrome_BITS_5476_872298783

Jump to behavior

Source: classification engine

Classification label: mal48.winHTM@12/87@6/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\ATT78678#U007eCovid-19.HTM'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1636,7231587960660174490,1524538055081236010,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1636,7231587960660174490,1524538055081236010,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61494681-1564.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.78	clients.l.google.com	United States	15169	GOOGLEUS	false
204.93.193.76	medisolhealthcare.com	United States	23352	SERVERCENTRALUS	false
142.250.180.237	accounts.google.com	United States	15169	GOOGLEUS	false
142.250.201.196	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.163	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
142.250.180.200	www-googletagmanager.l.google.com	United States	15169	GOOGLEUS	false
142.250.186.110	www-google-analytics.l.google.com	United States	15169	GOOGLEUS	false
104.16.19.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.1
192.168.2.7
192.168.2.3
192.168.2.23
192.168.2.255

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	142.250.185.163	true
accounts.google.com	142.250.180.237	true
www-google-analytics.l.google.com	142.250.186.110	true
medisolhealthcare.com	204.93.193.76	true
cdnjs.cloudflare.com	104.16.19.94	true
www-googletagmanager.l.google.com	142.250.180.200	true
www.google.com	142.250.201.196	true
clients.l.google.com	142.250.186.78	true
clients2.google.com	unknown	unknown
app.interakt.ai	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://medisolhealthcare.com/tamu.edu/assets/tether/tether.min.css	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0	false		high
https://medisolhealthcare.com/tamu.edu/assets/bootstrap-carousel-swipe/bootstrap-carousel-swipe.js	false	Avira URL Cloud: safe	unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false		high
https://medisolhealthcare.com/tamu.edu/assets/theme/css/style.css	false	Avira URL Cloud: safe	unknown
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css	false		high
https://medisolhealthcare.com/tamu.edu/assets/web/assets/jquery/jquery.min.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/dropdown/js/script.min.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/theme/js/script.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/bootstrap/css/bootstrap.min.css	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/dropdown/css/style.css	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/tether/tether.min.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/images/banner-4-2000x750.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/images/banner-2-2000x750.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/00/	true	Avira URL Cloud: phishing	unknown
https://medisolhealthcare.com/tamu.edu/assets/images/banner-3-2000x750.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/00	true	Avira URL Cloud: phishing	unknown
https://medisolhealthcare.com/tamu.edu/assets/touch-swipe/jquery.touch-swipe.min.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/images/medisol-logo-n-90x100.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/smooth-scroll/smooth-scroll.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/files/Services_0001.png	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/images/banner-1-2000x750.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/files/Services_0003.png	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/socicon/css/styles.css	false	Avira URL Cloud: safe	unknown
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3945.9165706755552!2d76.92436481460193!3d8.507481599281519!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3b05bbfc5555555b%3A0x951cc4a2b9385586!2sMedisol+Healthcare!5e0!3m2!1sen!2sin!4v1543508867808	false		high
https://medisolhealthcare.com/tamu.edu/assets/bootstrap/js/bootstrap.min.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/mobirise/css/mbr-additional.css	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/files/Medisol.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/viewport-checker/jquery.viewportchecker.js	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/assets/images/health-banner-1400x702.jpg	false	Avira URL Cloud: safe	unknown
https://medisolhealthcare.com/tamu.edu/index.html	true	Avira URL Cloud: phishing	unknown
https://medisolhealthcare.com/tamu.edu/assets/animate.css/animate.min.css	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic	data	A78AD14E77147E7DE3647E61964C0335	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
C:\Users\user\AppData\Local\Google\Chrome\User Data\1afc58c0-7b5a-4efa-bb5a-a7d9c835788d.tmp	ASCII text, with very long lines, with no line terminators	4CA8442364871E3AE51A861F0A88FB8D	DFE8CB536D334D7A631633E0F3857364D50E5698	03B54694E7105C3D58795FE8DA447A979DBB3C2EED25B00AA63AC25FE5A24849
C:\Users\user\AppData\Local\Google\Chrome\User Data\39db147a-87c8-441d-95df-bf11781c5633.tmp	ASCII text, with very long lines, with no line terminators	EE69ED7BCAA1BFBF5E645A3B6DE00CE6	770BBD2069AC591227D39469D82656241879F60A	A84CA259F0F1D601051FBBC794C51096EF1B751C96B320826E20F940D89E5842
C:\Users\user\AppData\Local\Google\Chrome\User Data\73fa1c65-86aa-4351-8153-0c65dd5f6503.tmp	ASCII text, with very long lines, with no line terminators	31C26DF7F2748B226734B78692AD65B0	D1AA8AE4018FCC81A6380525E914B97C7C702D35	8AA4617DA3D7D82753CB7A813842BECFC8C61D3009D0532759EDC554A7FAB477
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	569FA64ACAA310B1DE1A6250CC7356B0	14251450C245F8612958BF94779E8B72AE6D6213	AEE20ADEBF2D35EB8A39BE2DC391B0E5966EFCB4AFDC971BB3A18115C929F563
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1761d2c9-60a0-4a8c-aa7b-a22c1a89b675.tmp	ASCII text, with very long lines, with no line terminators	7091D7045A007B3F88B714D6F17FEE66	A3800E43488FC6A2A5333EB640F0A3AC1FD93CCF	8EF8C88F821EFDEAE5A02B43899D364F03EA232591D7511AD569FF5B687801B6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\193da7c6-f409-4a4d-aad9-ba23fbf1f1a1.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp	ASCII text, with very long lines, with no line terminators	6A300EEB01B83E0B284E7C419970C997	180126834257A3B757F0FB912419AAAAE2E7E299	19176330C0C40F56A3599FDD635BBB77E833E8546FDBBE411F9B85C7A3053F81
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\272a7d03-4c35-4eab-8962-bae1443cd0f4.tmp	ASCII text, with very long lines, with no line terminators	4253BED4B4EB876C0D29B6B036737DDA	4549B7A455CE4CA8AAB184E8B59D95712EDB45CA	7BDD14F02EB7529437959F7C0B8AFBEA2C52EB47FC6E0D10CC0568402CD9C4AF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\50241162-5e97-435f-8b0f-d9eacf39c72c.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	FCE89819C95B8B71653954BEB7D77523	7FE0EC9DD63C34D1F83B8A9DF84D2C5F27177895	025F758B30CDC6C420CE866898DF7476663C6E9E1349D5255FAD6C96F511FBA3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp	ASCII text, with very long lines, with no line terminators	829D5654ADF098AD43036E24C47F2A94	506C8BA397509BA0357787950C538C1879047DF3	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	F19AA5BB6D3E47A69E00013BE03477E6	4A18F38CAD0FE0F3BC02ACCAA7EFF9D23EACE978	220B586F1979FC8F7670C579260B9B348DC314D452FFD4F669507A8D1B10948E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)	ASCII text	F19AA5BB6D3E47A69E00013BE03477E6	4A18F38CAD0FE0F3BC02ACCAA7EFF9D23EACE978	220B586F1979FC8F7670C579260B9B348DC314D452FFD4F669507A8D1B10948E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	F348A23A372079615284663420E9D516	3F3791581C818107AC6E28991E3867FDB81F0B64	89821BA47DC2E1A9C9011DC285749E977415D3EEF5108EE8389888A4757DA508
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)	ASCII text	F348A23A372079615284663420E9D516	3F3791581C818107AC6E28991E3867FDB81F0B64	89821BA47DC2E1A9C9011DC285749E977415D3EEF5108EE8389888A4757DA508
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\008dc773b56dfd0d_0	data	41C5F1CA75A208186ED4043FA0E661DD	8B910D071ECCAD3318D45B55B07D3F7D3429040F	9B4BF1F35614D822CF10DB7D93C2384DB2A917BEE10EC250613C21AB5E8758EA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5313946ae3e46240_0	data	1A5B94313ADC7DBD069EAAC3D62704D6	D9AA744E64B824D07BDE5B5EA561FF2DD290D53F	6D73D616B4F44FE3FF2ADF486C58F9A39EA0AED4D571DD78F1A8737494435736
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e68aa0d72d457781_0	data	F5DE2F2141C24160B861D70C50FF1BF9	3719DADD036C87D28F693C7E448DDCD311C92BB0	E5296D5114D1563AAC81CBC313A92C3753E960308BB1F9E4B894184049E28E14
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	data	9FDF19F9CE1B962C42D53A133D2EC306	5D63C3618DBBD1C470C28CA8E770932377DAB186	581A28FC959C6DA25F59B52245BEBB7319B25A6162F75DDA487A93E9A20B5E0C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexHo (copy)	data	9FDF19F9CE1B962C42D53A133D2EC306	5D63C3618DBBD1C470C28CA8E770932377DAB186	581A28FC959C6DA25F59B52245BEBB7319B25A6162F75DDA487A93E9A20B5E0C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	1C0EAEEE6463CAE33B7A7CD9D9DF4DA5	FBC6A28A1501E40154FDC0A9D0C2F34A5F88AA65	ED8AE7C5E6885874A39F4E86258F552670352A18D29BE1FF4D372A2F4CD06C8A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal	data	8448B751CD5BBB986A16B79EAD6F7FA2	7064D6420FE1AE9994416DAFBA397A20FA14FB99	612337EBEAA7754D70DDC0FA9C32DB27578E78C974A72B0B1867148A703246F9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	2CC2A0BB9F93505ADCC6149240AB5DE7	ECFA356B8208F040BE88F2A321865EC6B25A43A4	7472B60E30BD2A9D4029EA0A1CDBEAA892D11ABAE3E47CEF4E68495F738C850F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	F9672B4DD4FE52E26F179EAF35E69B22	DE3C80E35851DFAD51E1FD0F35E90EC5C223B739	11F36B4E7449BA10E1E24571A5DE3A67918F8B971A2B2B43FFC549492C00DEC5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	BF79923AEEE39DE1C021497EC3B687BB	F1139A196687D1D008F904512F2B2DF4449C4B79	8CFAC5740D3D80FAD3B9FBFAB2101DCDF8C091C945DE0CD16634D6BD709CACF4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)	ASCII text	BF79923AEEE39DE1C021497EC3B687BB	F1139A196687D1D008F904512F2B2DF4449C4B79	8CFAC5740D3D80FAD3B9FBFAB2101DCDF8C091C945DE0CD16634D6BD709CACF4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	F23D2DF21A39AA8D814CADE6C37856C8	233E65707015A53F83A0D53DB03A4AF8FAB21EA6	C5CE9AAF8FFDCB8A00463A7BF24001885E0A792F110C8DB74A1E2F4392CB0E31
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	CFFF0D90E110221696A151BBB83953EE	A1DF2A49A85818563FA2B8AE546D04E905ADEEDD	DB8D7C71385000424BE84D54EA60DEFD9574FEF613E6BCCFF210D510D4341008
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)	ASCII text	CFFF0D90E110221696A151BBB83953EE	A1DF2A49A85818563FA2B8AE546D04E905ADEEDD	DB8D7C71385000424BE84D54EA60DEFD9574FEF613E6BCCFF210D510D4341008
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	0407B455F23E3655661BA46A574CFCA4	855CB7CC8EAC30458B4207614D046CB09EE3A591	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	D73CD9B626F018147E4F325A777157F7	8433D08B6F97E500757AE394858C2ECFC2BE39E8	3E2AB83394AF63676D1FECCD244BB477E6658B016DC8C9EEAA5E6C045F7B7408
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldY. (copy)	ASCII text	D73CD9B626F018147E4F325A777157F7	8433D08B6F97E500757AE394858C2ECFC2BE39E8	3E2AB83394AF63676D1FECCD244BB477E6658B016DC8C9EEAA5E6C045F7B7408
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	08818D3CBEA759B9F2E9A136279DB8B1	6D4FD59B79761098D0FA469FE40977FF728FFB1D	C46ADD484FE441AC4F2EBCF60F2A39E46B5D7D2C59F6E7FB41CA10CD806EAE65
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)	ASCII text	08818D3CBEA759B9F2E9A136279DB8B1	6D4FD59B79761098D0FA469FE40977FF728FFB1D	C46ADD484FE441AC4F2EBCF60F2A39E46B5D7D2C59F6E7FB41CA10CD806EAE65
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	51576EA8F9E51149E2ABEEF13B164654	2440607A1FCCDE9EA3A640A6EE0586B02718EBAF	3CE1D519CF948FD79072A17B2D35940C6827BE9794F1A87911A7C47DF63D65D4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldg (copy)	ASCII text	51576EA8F9E51149E2ABEEF13B164654	2440607A1FCCDE9EA3A640A6EE0586B02718EBAF	3CE1D519CF948FD79072A17B2D35940C6827BE9794F1A87911A7C47DF63D65D4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	05DD0E73DEB97A926202F50F9ABD2181	E9298EC7B87E69B475818C3A94AA1B822446A760	6909C677C1FB91693C95FD34BEC43859CC6BC24DA5AE2C6C805CFAE0086EB610
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	CB691FFC42E73AC61FA45772EF8E552E	C480B834515A48A0C1E799635DEB0BC6F7823993	BD887621BA52E53092179CF03FDB98547EA0C1C109B7B3E6ED94F6C9BB65A396
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	1049DE7694A0D2669537B97C6088A432	A5A96EAC0B93925E81AF2BF62FDED0D433B522FE	568A1159EEF10F34A7D254A208B7F1F8D202AEC800A1B54A5E0F3EFB0DCFCAD6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.! (copy)	data	2CC2A0BB9F93505ADCC6149240AB5DE7	ECFA356B8208F040BE88F2A321865EC6B25A43A4	7472B60E30BD2A9D4029EA0A1CDBEAA892D11ABAE3E47CEF4E68495F738C850F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsld (copy)	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	1600321C6FBDA56ED9DCC2D6BE887133	A47B2D9A4D08CC9B0B1DC5F0F2DBD273C85CDC02	600835D1F9281F481A6051F93265A93C52B3CACCE957905CE0F6280C473AC318
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)	ASCII text	1600321C6FBDA56ED9DCC2D6BE887133	A47B2D9A4D08CC9B0B1DC5F0F2DBD273C85CDC02	600835D1F9281F481A6051F93265A93C52B3CACCE957905CE0F6280C473AC318
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	6A300EEB01B83E0B284E7C419970C997	180126834257A3B757F0FB912419AAAAE2E7E299	19176330C0C40F56A3599FDD635BBB77E833E8546FDBBE411F9B85C7A3053F81
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.N (copy)	ASCII text, with very long lines, with no line terminators	829D5654ADF098AD43036E24C47F2A94	506C8BA397509BA0357787950C538C1879047DF3	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	B033474707E1B3440F630935558E6B85	899FDFB9AAD107448E755C28712963CEC6409A19	04DEBFA93F97890C9802F8827112287C331E2E432B23D213AA7BF33E4DDCD0CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)	ASCII text	B033474707E1B3440F630935558E6B85	899FDFB9AAD107448E755C28712963CEC6409A19	04DEBFA93F97890C9802F8827112287C331E2E432B23D213AA7BF33E4DDCD0CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.. (copy)	ASCII text, with very long lines, with no line terminators	1BD24CDCD74F0EF0489B618F7B37BAFE	C2099FD98E91D63D02818001BCF1FC61FCF32FFC	9021FA14A293FD303CB7B6791AEDDFDEDBA2F230769EAD4E92D7E41D01CBD030
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesTM (copy)	ASCII text, with very long lines, with no line terminators	4253BED4B4EB876C0D29B6B036737DDA	4549B7A455CE4CA8AAB184E8B59D95712EDB45CA	7BDD14F02EB7529437959F7C0B8AFBEA2C52EB47FC6E0D10CC0568402CD9C4AF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencest (copy)	ASCII text, with very long lines, with no line terminators	7091D7045A007B3F88B714D6F17FEE66	A3800E43488FC6A2A5333EB640F0A3AC1FD93CCF	8EF8C88F821EFDEAE5A02B43899D364F03EA232591D7511AD569FF5B687801B6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3032001	E2935B6685B0BC06E5600757E4EBD592	FE127C863B7838A6ECAEAB426C574145C1189C93	DF025779400BA2E4069F2D0E2359D10693433425F5867CC1AA66D3F8D0455E5C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal	data	95B2B2AD98319A98BBF7FF848BA04766	82C645804C398ABF29FFBE1F475104F1A6AFA825	CC5035F19C97825A526C9F05DF42EE025D4C4470FAD5CE6311313690B7B00F60
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	FCE89819C95B8B71653954BEB7D77523	7FE0EC9DD63C34D1F83B8A9DF84D2C5F27177895	025F758B30CDC6C420CE866898DF7476663C6E9E1349D5255FAD6C96F511FBA3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences1 (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	CDD8B72956AD4E3D556EC122E6093E4C	1D8F1737322DBB05F6BA0CAC716BC65BBECA931B	2E1163955888B9E239BA9F4DF74FEF01B33DBFEF869879C0F0449FA868F78D42
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	E24AD8AA6B0DA8DFE987E3E54D52EC5D	485CABA03E0DB2443EF0221755ABD8FC9F0C509F	7364E1A8D99A13C068521140E6D174EB583901D28962BFFFB4BEF49BE6C38298
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	86D8A6325766CCB9683126911C6D9129	E1B641EE396A83F89A272FC3619D51BEDEBAEAB3	1DE5039F4FB320B55C4FDB53903EC974653286701EBD8B24C792401B5D14ECE1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)	ASCII text	86D8A6325766CCB9683126911C6D9129	E1B641EE396A83F89A272FC3619D51BEDEBAEAB3	1DE5039F4FB320B55C4FDB53903EC974653286701EBD8B24C792401B5D14ECE1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	27921984E4BA4A7530EC134B7DFF5C2D	515521492C5A9E907CDD0C52AF6352646F5567ED	4DD9AE7DE2D274C997C9BFC5D63E6E0C32CA7664C311463C5FF5ADD61C92CD2C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)	ASCII text	27921984E4BA4A7530EC134B7DFF5C2D	515521492C5A9E907CDD0C52AF6352646F5567ED	4DD9AE7DE2D274C997C9BFC5D63E6E0C32CA7664C311463C5FF5ADD61C92CD2C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\2d2e9e75-5b41-49eb-843d-3551b8ec59e6.tmp	ASCII text, with very long lines, with no line terminators	0C03D530AC97788D62D27B2802C34D83	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	00327F63BE3C5350896ACEB9D5CEE7E4	97A75F352BEF97B7D417FBBCD625F16C999DE55B	1ADAF09AB12EA73D8DC5A4AAB7BF9FF505C97BBD5C96F95F24646172916786FA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old. (copy)	ASCII text	00327F63BE3C5350896ACEB9D5CEE7E4	97A75F352BEF97B7D417FBBCD625F16C999DE55B	1ADAF09AB12EA73D8DC5A4AAB7BF9FF505C97BBD5C96F95F24646172916786FA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.. (copy)	ASCII text, with very long lines, with no line terminators	0C03D530AC97788D62D27B2802C34D83	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	9CA3BB36F4B3E302166A9EF60F4E7A72	AFBDFB468B9F92E1AE6B471A0FD7E85CE53932C8	43142EE8BF824A15984075236FB109616F6A12D12E10B098D00E902C409EDAA5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldw" (copy)	ASCII text	9CA3BB36F4B3E302166A9EF60F4E7A72	AFBDFB468B9F92E1AE6B471A0FD7E85CE53932C8	43142EE8BF824A15984075236FB109616F6A12D12E10B098D00E902C409EDAA5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	7C324C746EC42D30EBAAC6A7E2CA9740	99BC9D9CA0ED14EFDA86719CC2095830B73055F0	73EEF2A229041F19EA36C8760A69FE264BCD64DD2563FCD6295D5A3322650022
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)	ASCII text	7C324C746EC42D30EBAAC6A7E2CA9740	99BC9D9CA0ED14EFDA86719CC2095830B73055F0	73EEF2A229041F19EA36C8760A69FE264BCD64DD2563FCD6295D5A3322650022
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	45A8ECA4E5C4A6B1395080C1B728B6C9	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	F49FF0F3A452007D3BEE777476BA12F0	A356216783573E429BEE6734B9C709FC98DA5311	BA1A0C63E367195B8438CD6C4E530909CAB0C3CAB3D3C33FF6A23FDFCDD77DF0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old. (copy)	ASCII text	F49FF0F3A452007D3BEE777476BA12F0	A356216783573E429BEE6734B9C709FC98DA5311	BA1A0C63E367195B8438CD6C4E530909CAB0C3CAB3D3C33FF6A23FDFCDD77DF0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	411CDBD0571AB43F88C3AE0D078EDE4B	1331B78FA17CCBCA6265B45646332B098003C693	52C775B5BE75B14BA3A0F51263CE9DF4AF04A122CA5F6CF25977BE9DB580419E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bec917c6-5d49-45d5-b474-0c576ad57e25.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	CDD8B72956AD4E3D556EC122E6093E4C	1D8F1737322DBB05F6BA0CAC716BC65BBECA931B	2E1163955888B9E239BA9F4DF74FEF01B33DBFEF869879C0F0449FA868F78D42
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	CAA9C7D80C18F20CAF99775D0571BE28	BE9D4A7E398291895939908E1A7E07A7A371CAF8	F6FF52FF8B3FDE85243EA4C97FAF6097DE874D14FD3E573FC69B02B8919A283F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldaa (copy)	ASCII text	CAA9C7D80C18F20CAF99775D0571BE28	BE9D4A7E398291895939908E1A7E07A7A371CAF8	F6FF52FF8B3FDE85243EA4C97FAF6097DE874D14FD3E573FC69B02B8919A283F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	031D6D1E28FE41A9BDCBD8A21DA92DF1	38CEE81CB035A60A23D6E045E5D72116F2A58683	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\faf789f3-c2b1-4218-a8b4-529ed761717a.tmp	ASCII text, with very long lines, with no line terminators	1BD24CDCD74F0EF0489B618F7B37BAFE	C2099FD98E91D63D02818001BCF1FC61FCF32FFC	9021FA14A293FD303CB7B6791AEDDFDEDBA2F230769EAD4E92D7E41D01CBD030
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	16328C8BD7D7AC9030E64E342B789954	55E94AED5C31BE8D473637E87D88D18B4223DA12	9AB4CF3F259F199C29CB25C85B3FFBDF4077A7BB00A0446FA3C507B41CA1F617
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)	ASCII text	16328C8BD7D7AC9030E64E342B789954	55E94AED5C31BE8D473637E87D88D18B4223DA12	9AB4CF3F259F199C29CB25C85B3FFBDF4077A7BB00A0446FA3C507B41CA1F617
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	C422F72BA41F662A919ED0B70E5C3289	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	31C26DF7F2748B226734B78692AD65B0	D1AA8AE4018FCC81A6380525E914B97C7C702D35	8AA4617DA3D7D82753CB7A813842BECFC8C61D3009D0532759EDC554A7FAB477
C:\Users\user\AppData\Local\Google\Chrome\User Data\d001ec69-44fc-4d8f-8ddd-73c57d9a32e3.tmp	ASCII text, with very long lines, with no line terminators	4CA8442364871E3AE51A861F0A88FB8D	DFE8CB536D334D7A631633E0F3857364D50E5698	03B54694E7105C3D58795FE8DA447A979DBB3C2EED25B00AA63AC25FE5A24849

AV Detection:

Antivirus detection for URL or domain

Source: https://medisolhealthcare.com/00/	Avira URL Cloud: Label: phishing
Source: https://medisolhealthcare.com/00	Avira URL Cloud: Label: phishing
Source: https://medisolhealthcare.com/tamu.edu/index.html	Avira URL Cloud: Label: phishing

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Networking:

IP address seen in connection with other malware

Source: Joe Sandbox View

IP Address: 239.255.255.250 239.255.255.250

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /00 HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /00/ HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/index.html HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://medisolhealthcare.com/00/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/tether/tether.min.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/bootstrap/css/bootstrap.min.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/animate.css/animate.min.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/dropdown/css/style.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/theme/css/style.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/mobirise/css/mbr-additional.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/socicon/css/styles.css HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/web/assets/jquery/jquery.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=UA-119896657-1 HTTP/1.1Host: www.googletagmanager.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/medisol-logo-n-90x100.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/tether/tether.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/bootstrap/js/bootstrap.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/bootstrap-carousel-swipe/bootstrap-carousel-swipe.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/smooth-scroll/smooth-scroll.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveOrigin: https://medisolhealthcare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m18!1m12!1m3!1d3945.9165706755552!2d76.92436481460193!3d8.507481599281519!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3b05bbfc5555555b%3A0x951cc4a2b9385586!2sMedisol+Healthcare!5e0!3m2!1sen!2sin!4v1543508867808 HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://medisolhealthcare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Montserrat:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://medisolhealthcare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Montserrat:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /analytics.js HTTP/1.1Host: www.google-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-2-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-3-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-1-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/banner-4-2000x750.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/dropdown/js/script.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/touch-swipe/jquery.touch-swipe.min.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/viewport-checker/jquery.viewportchecker.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/theme/js/script.js HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/files/Services_0001.png HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/assets/images/health-banner-1400x702.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/files/Services_0003.png HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tamu.edu/files/Medisol.jpg HTTP/1.1Host: medisolhealthcare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medisolhealthcare.com/tamu.edu/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: Reporting and NEL.1.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=Kkc0bVlDPnCF5dPVRayrcfJFRWz4E6np4DijPxgaOjyx7TFpRReJNlcNstM
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: e68aa0d72d457781_0.0.dr	String found in binary or memory: https://app.interakt.ai/kiwi-sdk/kiwi-sdk-17-prod-min.js?v=1632192138079
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 2d2e9e75-5b41-49eb-843d-3551b8ec59e6.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://dns.google
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: Current Session.0.dr	String found in binary or memory: https://medisolhealthcare.com
Source: e68aa0d72d457781_0.0.dr	String found in binary or memory: https://medisolhealthcare.com/
Source: ATT78678#U007eCovid-19.HTM	String found in binary or memory: https://medisolhealthcare.com/00
Source: Current Session.0.dr	String found in binary or memory: https://medisolhealthcare.com/00/
Source: Current Session.0.dr	String found in binary or memory: https://medisolhealthcare.com/tamu.edu/index.html
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://r5---sn-4g5ednsl.gvt1.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://www.google-analytics.com
Source: 5313946ae3e46240_0.0.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: 008dc773b56dfd0d_0.0.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-119896657-1
Source: 1bab34aa-98b6-436e-b760-27246e5ee0c1.tmp.1.dr, 93fbe77e-5319-44f9-bcae-4c6564f3d892.tmp.1.dr	String found in binary or memory: https://www.gstatic.com

Source: unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\chrome_BITS_5476_872298783

Jump to behavior

Source: classification engine

Classification label: mal48.winHTM@12/87@6/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\ATT78678#U007eCovid-19.HTM'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1636,7231587960660174490,1524538055081236010,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1636,7231587960660174490,1524538055081236010,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61494681-1564.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

ID:	486738
Product:	CloudBasic
Start time:	19:41:13
Start date:	20.09.2021
Sample:	ATT78678#U007eCovid-19.HTM
Cookbook:	defaultwindowshtmlcookbook.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS
MD5:	ed5ebacca5f138fe79be8ae5b09741a8
SHA1:	b8a744687b2715f80072a889a9b0922eb140fde1
SHA256:	a121bc13a2f483960b1bf48551575396aed5a0c0b1528ca1ad7fb02c1566eddc
Filetype:	HyperText Markup Language (12001/1) 34.29%

Windows Analysis Report ATT78678#U007eCovid-19.HTM

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs