Windows Analysis Report https://vztnl-my.sharepoint.com/:o:/g/personal/mvanzaal_vzt_nl/EuuLOsYLcitAhOY9KZNqP9gBXbzHgWcXtG3S-zCfidXUXA?e=5%3ahV4RUj&at=9

Overview

General Information

Sample URL: https://vztnl-my.sharepoint.com/:o:/g/personal/mvanzaal_vzt_nl/EuuLOsYLcitAhOY9KZNqP9gBXbzHgWcXtG3S-zCfidXUXA?e=5%3ahV4RUj&at=9
Analysis ID: 516205
Infos:

Most interesting Screenshot:

Detection

HTMLPhisher
Score: 52
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected HtmlPhish20
Phishing site detected (based on image similarity)
Found iframes
Suspicious form URL found
No HTML title found

Classification

Phishing:

barindex
Yara detected HtmlPhish20
Source: Yara match File source: 44872.4.pages.csv, type: HTML
Phishing site detected (based on image similarity)
Source: https://officewayside.weebly.com/ Matcher: Found strong image similarity, brand: Microsoft image: 44872.4.img.1.gfk.csv 20202002a6b4b435
Found iframes
Source: https://www.vzt.nl/vacatures HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MJF8JNF
Suspicious form URL found
Source: https://www.vzt.nl/vacatures HTTP Parser: Form action: agents/send_vacancy_application.php
No HTML title found
Source: https://www.vzt.nl/ HTTP Parser: HTML title missing
Source: https://www.vzt.nl/ HTTP Parser: HTML title missing
Source: https://www.vzt.nl/vacatures HTTP Parser: HTML title missing
Source: https://www.vzt.nl/algemenevoorwaarden HTTP Parser: HTML title missing
Source: https://www.vzt.nl/ HTTP Parser: No <meta name="copyright".. found
Source: https://www.vzt.nl/ HTTP Parser: No <meta name="copyright".. found
Source: https://www.vzt.nl/vacatures HTTP Parser: No <meta name="copyright".. found
Source: https://www.vzt.nl/algemenevoorwaarden HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Jump to behavior
Source: unknown HTTPS traffic detected: 199.34.228.54:443 -> 192.168.2.6:49957 version: TLS 1.2
Source: unknown HTTPS traffic detected: 199.34.228.54:443 -> 192.168.2.6:49958 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50038 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50039 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50054 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50192 version: TLS 1.2
Source: unknown DNS traffic detected: queries for: vztnl-my.sharepoint.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50178 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50166 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50208 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50216
Source: unknown Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50215
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50218
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50217
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown Network traffic detected: HTTP traffic on port 50174 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50212
Source: unknown Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50211
Source: unknown Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50214
Source: unknown Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50230
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50152 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50212 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50200 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50204
Source: unknown Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50196 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50206
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50208
Source: unknown Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50201
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50200
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50203
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50185 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50174
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50179
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50178
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50180
Source: unknown Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50183
Source: unknown Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50194 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50185
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown Network traffic detected: HTTP traffic on port 50091 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown Network traffic detected: HTTP traffic on port 50216 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50183 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50193
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50195
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50194
Source: unknown Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50204 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50195 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50147 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50197
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50196
Source: unknown Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50230 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50149
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50146
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50145
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50148
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50147
Source: unknown Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50151
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50153
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50152
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50155
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50154
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50157
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50159
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown Network traffic detected: HTTP traffic on port 50182 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50160
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50162
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50161
Source: unknown Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50163
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50166
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50165
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50168
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown Network traffic detected: HTTP traffic on port 50160 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50170
Source: unknown Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50214 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50145 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50180 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50219 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50088 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50133 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50167 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50192 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50111 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50218 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50206 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50123 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50098 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50217 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50179 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50157 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50101 -> 443
Source: angular.js.0.dr String found in binary or memory: http://angularjs.org
Source: angular.js.0.dr String found in binary or memory: http://errors.angularjs.org/1.6.4-local
Source: pnacl_public_x86_64_pnacl_sz_nexe.0.dr String found in binary or memory: http://llvm.org/):
Source: mirroring_hangouts.js.0.dr String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: mirroring_hangouts.js.0.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: mirroring_hangouts.js.0.dr String found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
Source: mirroring_hangouts.js.0.dr String found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, manifest.json.0.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://accounts.google.com
Source: craw_window.js.0.dr String found in binary or memory: https://accounts.google.com/MergeSession
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://ajax.googleapis.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, manifest.json.0.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://apis.google.com
Source: mirroring_common.js.0.dr String found in binary or memory: https://apis.google.com/js/client.js
Source: mirroring_common.js.0.dr String found in binary or memory: https://castedumessaging-pa.googleapis.com/v1
Source: pnacl_public_x86_64_libcrt_platform_a.0.dr String found in binary or memory: https://chromium.googlesource.com/a/native_client/pnacl-clang.git
Source: pnacl_public_x86_64_libcrt_platform_a.0.dr String found in binary or memory: https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://clients2.google.com
Source: mirroring_hangouts.js.0.dr, mirroring_cast_streaming.js.0.dr String found in binary or memory: https://clients2.google.com/cr/report
Source: manifest.json1.0.dr, manifest.json0.0.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://clients6.google.com
Source: pnacl_public_x86_64_ld_nexe.0.dr String found in binary or memory: https://code.google.com/p/nativeclient/issues/entry
Source: pnacl_public_x86_64_ld_nexe.0.dr String found in binary or memory: https://code.google.com/p/nativeclient/issues/entry%s:
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://content-autofill.googleapis.com
Source: manifest.json.0.dr String found in binary or memory: https://content.googleapis.com
Source: mirroring_cast_streaming.js.0.dr, common.js.0.dr String found in binary or memory: https://crash.corp.google.com/samples?reportid=&q=
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://creativecommons.org/publicdomain/zero/1.0/.
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, 6ae47188-9dea-4aa8-966c-f51e5997aee6.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, c9bf6c43-a4a6-46ab-a1d5-80529051edd3.tmp.2.dr, ab842098-936c-4d4d-8f14-db4c50a135a9.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://dns.google
Source: mirroring_common.js.0.dr String found in binary or memory: https://docs.google.com
Source: index.txt.tmp.0.dr String found in binary or memory: https://euc-onenote.officeapps.live.com/
Source: manifest.json.0.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json.0.dr String found in binary or memory: https://fonts.googleapis.com;
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json.0.dr String found in binary or memory: https://fonts.gstatic.com;
Source: material_css_min.css.0.dr String found in binary or memory: https://github.com/angular/material
Source: craw_window.js.0.dr, craw_background.js.0.dr String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://hangouts.clients6.google.com
Source: manifest.json.0.dr String found in binary or memory: https://hangouts.google.com/
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://hangouts.google.com/hangouts/_/logpref
Source: mirroring_common.js.0.dr String found in binary or memory: https://meet.google.com
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://meetings.clients6.google.com
Source: mirroring_common.js.0.dr String found in binary or memory: https://networktraversal.googleapis.com/v1alpha
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://ogs.google.com
Source: craw_window.js.0.dr, manifest.json0.0.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://preprod-hangouts-googleapis.sandbox.google.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://r5---sn-h0jeenle.gvt1.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://redirector.gvt1.com
Source: craw_window.js.0.dr, manifest.json0.0.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://ssl.google-analytics.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://ssl.gstatic.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://stats.g.doubleclick.net
Source: messages.json15.0.dr, feedback.html.0.dr String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json15.0.dr, feedback.html.0.dr String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: History Provider Cache.0.dr String found in binary or memory: https://vztnl-my.sharepoint.com/:o:/g/personal/mvanzaal_vzt_nl/EuuLOsYLcitAhOY9KZNqP9gBXbzHgWcXtG3S-
Source: History Provider Cache.0.dr String found in binary or memory: https://vztnl-my.sharepoint.com/personal/mvanzaal_vzt_nl/_layouts/15/Doc.aspx?sourcedoc=
Source: History Provider Cache.0.dr String found in binary or memory: https://vztnl-my.sharepoint.com/personal/mvanzaal_vzt_nl/_layouts/15/Doc.aspx?sourcedoc=%7Bc63a8beb-
Source: craw_window.js.0.dr, craw_background.js.0.dr String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://www.google-analytics.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, manifest.json.0.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://www.google.com
Source: manifest.json0.0.dr String found in binary or memory: https://www.google.com/
Source: craw_window.js.0.dr String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: craw_window.js.0.dr String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.0.dr String found in binary or memory: https://www.google.com/images/dot2.gif
Source: craw_window.js.0.dr String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.0.dr String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: mirroring_hangouts.js.0.dr String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: feedback_script.js.0.dr String found in binary or memory: https://www.google.com/tools/feedback
Source: manifest.json.0.dr String found in binary or memory: https://www.google.com;
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, craw_window.js.0.dr, craw_background.js.0.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: mirroring_common.js.0.dr String found in binary or memory: https://www.googleapis.com/calendar/v3
Source: mirroring_common.js.0.dr String found in binary or memory: https://www.googleapis.com/hangouts/v1
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://www.googletagmanager.com
Source: 04c6cca4-0188-475f-ac99-d1ed562bc353.tmp.2.dr, 8550e2f8-0d6d-4c99-817b-61e6ba47022a.tmp.2.dr, f17c999e-afa4-4050-9f49-f83a46622429.tmp.2.dr, 8683dfc9-5ae2-45e5-9c54-6836adc5dbce.tmp.2.dr String found in binary or memory: https://www.gstatic.com
Source: common.js.0.dr String found in binary or memory: https://www.gstatic.com/hangouts_echo_detector/release/%
Source: manifest.json.0.dr String found in binary or memory: https://www.gstatic.com;
Source: unknown HTTPS traffic detected: 199.34.228.54:443 -> 192.168.2.6:49957 version: TLS 1.2
Source: unknown HTTPS traffic detected: 199.34.228.54:443 -> 192.168.2.6:49958 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50038 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50039 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50054 version: TLS 1.2
Source: unknown HTTPS traffic detected: 185.159.242.66:443 -> 192.168.2.6:50192 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\cb6479d2-1770-4a55-919f-2f059e3f9a3b.tmp Jump to behavior
Source: classification engine Classification label: mal52.phis.win@36/215@33/29
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://vztnl-my.sharepoint.com/:o:/g/personal/mvanzaal_vzt_nl/EuuLOsYLcitAhOY9KZNqP9gBXbzHgWcXtG3S-zCfidXUXA?e=5%3ahV4RUj&at=9
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1592,6233830419226784550,16524938468778052118,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1592,6233830419226784550,16524938468778052118,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: https://vztnl-my.sharepoint.com/:o:/g/personal/mvanzaal_vzt_nl/EuuLOsYLcitAhOY9KZNqP9gBXbzHgWcXtG3S-zCfidXUXA?e=5%3ahV4RUj&at=9 Joe Sandbox Cloud Basic: Detection: clean Score: 0 Perma Link
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-6185514E-1724.pma Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Ok
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Ok
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 516205 URL: https://vztnl-my.sharepoint... Startdate: 05/11/2021 Architecture: WINDOWS Score: 52 20 www.vzt.nl 2->20 22 pages-wildcard.weebly.com 2->22 24 officewayside.weebly.com 2->24 36 Yara detected HtmlPhish20 2->36 38 Phishing site detected (based on image similarity) 2->38 7 chrome.exe 15 491 2->7         started        signatures3 process4 dnsIp5 26 192.168.2.1 unknown unknown 7->26 28 239.255.255.250 unknown Reserved 7->28 14 C:\...\pnacl_public_x86_64_pnacl_sz_nexe, ELF 7->14 dropped 16 C:\...\pnacl_public_x86_64_pnacl_llc_nexe, ELF 7->16 dropped 18 C:\Users\user\...\pnacl_public_x86_64_ld_nexe, ELF 7->18 dropped 11 chrome.exe 164 7->11         started        file6 process7 dnsIp8 30 pages-wildcard.weebly.com 199.34.228.54, 443, 49921, 49922 WEEBLYUS United States 11->30 32 syndication.twitter.com 104.244.42.8, 443, 50045, 50103 TWITTERUS United States 11->32 34 59 other IPs or domains 11->34
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
157.240.17.35
 star-mini.c10r.facebook.com United States
32934 FACEBOOKUS false
151.101.1.46
 weebly.map.fastly.net United States
54113 FASTLYUS false
192.229.233.50
 cs672.wac.edgecastcdn.net United States
15133 EDGECASTUS false
74.125.140.157
 stats.l.doubleclick.net United States
15169 GOOGLEUS false
239.255.255.250
 unknown Reserved
unknown unknown false
142.250.185.196
 www.google.com United States
15169 GOOGLEUS false
142.250.186.142
 www-google-analytics.l.google.com United States
15169 GOOGLEUS false
142.250.184.237
 accounts.google.com United States
15169 GOOGLEUS false
216.58.212.161
 googlehosted.l.googleusercontent.com United States
15169 GOOGLEUS false
108.174.11.37
 pop-esv5.mix.linkedin.com United States
14413 LINKEDINUS false
185.159.242.66
 www.vzt.nl Netherlands
48635 ASTRALUSNL false
104.22.25.131
 embed.tawk.to United States
13335 CLOUDFLARENETUS false
199.34.228.54
 pages-wildcard.weebly.com United States
27647 WEEBLYUS false
157.240.17.15
 scontent.xx.fbcdn.net United States
32934 FACEBOOKUS false
104.26.7.220
 www.freeprivacypolicy.com United States
13335 CLOUDFLARENETUS false
152.199.21.141
 cs510.wpc.edgecastcdn.net United States
15133 EDGECASTUS false
216.58.212.174
 clients.l.google.com United States
15169 GOOGLEUS false
54.189.175.59
 sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com United States
16509 AMAZON-02US false
104.22.24.131
 va.tawk.to United States
13335 CLOUDFLARENETUS false
13.104.208.160
 i-db3p-cor005.api.p001.1drv.com United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
152.199.21.140
 cs511.wpc.edgecastcdn.net United States
15133 EDGECASTUS false
104.244.42.8
 syndication.twitter.com United States
13414 TWITTERUS false
40.108.231.27
 187270-ipv4.farm.dprodmgd104.aa-rt.sharepoint.com United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
142.250.185.131
 gstaticadssl.l.google.com United States
15169 GOOGLEUS false
93.184.220.70
 cs45.wac.edgecastcdn.net European Union
15133 EDGECASTUS false
142.250.186.168
 ssl-google-analytics.l.google.com United States
15169 GOOGLEUS false
199.232.136.157
 platform.twitter.map.fastly.net United States
54113 FASTLYUS false

Private
IP
192.168.2.1
127.0.0.1

Contacted Domains

Name IP Active
gstaticadssl.l.google.com 142.250.185.131 true
sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com 54.189.175.59 true
cs45.wac.edgecastcdn.net 93.184.220.70 true
weebly.map.fastly.net 151.101.1.46 true
platform.twitter.map.fastly.net 199.232.136.157 true
i-db3p-cor005.api.p001.1drv.com 13.104.208.160 true
embed.tawk.to 104.22.25.131 true
va.tawk.to 104.22.24.131 true
scontent.xx.fbcdn.net 157.240.17.15 true
ssl-google-analytics.l.google.com 142.250.186.168 true
www.google.com 142.250.185.196 true
cs510.wpc.edgecastcdn.net 152.199.21.141 true
star-mini.c10r.facebook.com 157.240.17.35 true
accounts.google.com 142.250.184.237 true
www-google-analytics.l.google.com 142.250.186.142 true
stats.l.doubleclick.net 74.125.140.157 true
pop-esv5.mix.linkedin.com 108.174.11.37 true
www-googletagmanager.l.google.com 142.250.186.168 true
www.freeprivacypolicy.com 104.26.7.220 true
syndication.twitter.com 104.244.42.8 true
187270-ipv4.farm.dprodmgd104.aa-rt.sharepoint.com 40.108.231.27 true
pages-wildcard.weebly.com 199.34.228.54 true
www.vzt.nl 185.159.242.66 true
cs511.wpc.edgecastcdn.net 152.199.21.140 true
cs672.wac.edgecastcdn.net 192.229.233.50 true
clients.l.google.com 216.58.212.174 true
googlehosted.l.googleusercontent.com 216.58.212.161 true
officewayside.weebly.com unknown unknown
abs.twimg.com unknown unknown
cdn2.editmysite.com unknown unknown
messaging.office.com unknown unknown
ajax.aspnetcdn.com unknown unknown
stats.g.doubleclick.net unknown unknown
clients2.googleusercontent.com unknown unknown
vztnl-my.sharepoint.com unknown unknown
clients2.google.com unknown unknown
amcdn.msftauth.net unknown unknown
cdn.syndication.twimg.com unknown unknown
www.onenote.com unknown unknown
platform.twitter.com unknown unknown
www.facebook.com unknown unknown
onenoteonlinesync.onenote.com unknown unknown
ton.twimg.com unknown unknown
www.linkedin.com unknown unknown
pbs.twimg.com unknown unknown
storage.live.com unknown unknown
connect.facebook.net unknown unknown
px.ads.linkedin.com unknown unknown
ec.editmysite.com unknown unknown
snap.licdn.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://www.vzt.nl/algemenevoorwaarden true
    		unknown
    https://vztnl-my.sharepoint.com/personal/mvanzaal_vzt_nl/_layouts/15/Doc.aspx?sourcedoc={c63a8beb-720b-402b-84e6-3d29936a3fd8}&action=view&wd=target%28VAN%20ZAAL%20TRANSPORT.one%7Cee96c080-a5a0-45b2-ab17-4c46e71e821a%2FVAN%20ZAAL%20TRANSPORT%7C8b790e4f-45a0-4569-b92d-4e687cda39f3%2F%29 true
      		unknown
      https://www.vzt.nl/ true unknown
      https://www.vzt.nl/vacatures true
        		unknown
        https://officewayside.weebly.com/ false
          		high
          https://vztnl-my.sharepoint.com/:o:/g/personal/mvanzaal_vzt_nl/EuuLOsYLcitAhOY9KZNqP9gBXbzHgWcXtG3S-zCfidXUXA?rtime=EMODEjCg2Ug true
            		unknown
            https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.vzt.nl false
              		high