Windows Analysis Report
https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/

Overview

General Information

Sample URL:	https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/
Analysis ID:	655307

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Phishing site detected (based on favicon image match)

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Invalid 'forgot password' link found

HTML body contains low number of good links

Found iframes

No HTML title found

Classification

Signatures

Phishing

Phishing site detected (based on favicon image match)

Source: https://dryesimgurel.com/surburban/

Matcher: Template: microsoft matched with high similarity

Yara detected HtmlPhish10

Source: Yara match

File source: 83811.3.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://dryesimgurel.com/surburban/	Matcher: Found strong image similarity, brand: Microsoft image: 83811.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD

Invalid 'forgot password' link found

Source: https://dryesimgurel.com/surburban/	HTTP Parser: Invalid link: Forgot my password
Source: https://dryesimgurel.com/surburban/	HTTP Parser: Invalid link: Forgot my password

HTML body contains low number of good links

Source: https://dryesimgurel.com/surburban/	HTTP Parser: Number of links: 0
Source: https://dryesimgurel.com/surburban/	HTTP Parser: Number of links: 0

Found iframes

Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: Iframe src: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: Iframe src: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: Iframe src: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: Iframe src: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html

No HTML title found

Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: HTML title missing
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: HTML title missing
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: HTML title missing
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: HTML title missing
Source: https://dryesimgurel.com/surburban/	HTTP Parser: HTML title missing
Source: https://dryesimgurel.com/surburban/	HTTP Parser: HTML title missing

Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="author".. found
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="author".. found
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="author".. found
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="author".. found
Source: https://dryesimgurel.com/surburban/	HTTP Parser: No <meta name="author".. found
Source: https://dryesimgurel.com/surburban/	HTTP Parser: No <meta name="author".. found

Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="copyright".. found
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="copyright".. found
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="copyright".. found
Source: https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	HTTP Parser: No <meta name="copyright".. found
Source: https://dryesimgurel.com/surburban/	HTTP Parser: No <meta name="copyright".. found
Source: https://dryesimgurel.com/surburban/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 76.76.21.21:443 -> 192.168.2.3:60723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.76.21.21:443 -> 192.168.2.3:60724 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 9MB

Source: unknown

DNS traffic detected: queries for: accounts.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 64702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53170
Source: unknown	Network traffic detected: HTTP traffic on port 56156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60496
Source: unknown	Network traffic detected: HTTP traffic on port 59124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64332
Source: unknown	Network traffic detected: HTTP traffic on port 62618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65161
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49215
Source: unknown	Network traffic detected: HTTP traffic on port 61825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62582 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52131
Source: unknown	Network traffic detected: HTTP traffic on port 57579 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62201
Source: unknown	Network traffic detected: HTTP traffic on port 62078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60959
Source: unknown	Network traffic detected: HTTP traffic on port 56773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57705
Source: unknown	Network traffic detected: HTTP traffic on port 62588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62618
Source: unknown	Network traffic detected: HTTP traffic on port 62201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57390
Source: unknown	Network traffic detected: HTTP traffic on port 61963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57390 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61400
Source: unknown	Network traffic detected: HTTP traffic on port 60496 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50407
Source: unknown	Network traffic detected: HTTP traffic on port 53752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53631
Source: unknown	Network traffic detected: HTTP traffic on port 60723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50762
Source: unknown	Network traffic detected: HTTP traffic on port 61399 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58136
Source: unknown	Network traffic detected: HTTP traffic on port 57705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62582
Source: unknown	Network traffic detected: HTTP traffic on port 60904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60723
Source: unknown	Network traffic detected: HTTP traffic on port 61400 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62588
Source: unknown	Network traffic detected: HTTP traffic on port 52319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52319
Source: unknown	Network traffic detected: HTTP traffic on port 64022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64022
Source: unknown	Network traffic detected: HTTP traffic on port 63759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52953
Source: unknown	Network traffic detected: HTTP traffic on port 54074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63564
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62078
Source: unknown	Network traffic detected: HTTP traffic on port 64701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54901
Source: unknown	Network traffic detected: HTTP traffic on port 56390 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60904
Source: unknown	Network traffic detected: HTTP traffic on port 54879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58700
Source: unknown	Network traffic detected: HTTP traffic on port 64709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57579
Source: unknown	Network traffic detected: HTTP traffic on port 58700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54074
Source: unknown	Network traffic detected: HTTP traffic on port 50407 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60341
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64708
Source: unknown	Network traffic detected: HTTP traffic on port 53631 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61399
Source: unknown	Network traffic detected: HTTP traffic on port 62837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64701
Source: unknown	Network traffic detected: HTTP traffic on port 54775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54879
Source: unknown	Network traffic detected: HTTP traffic on port 60959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64044
Source: unknown	Network traffic detected: HTTP traffic on port 60724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56257
Source: unknown	Network traffic detected: HTTP traffic on port 64708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61963
Source: unknown	Network traffic detected: HTTP traffic on port 65161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62423 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57916
Source: unknown	Network traffic detected: HTTP traffic on port 52994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57366 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55853
Source: unknown	Network traffic detected: HTTP traffic on port 64332 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57366
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56156
Source: unknown	Network traffic detected: HTTP traffic on port 62284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56390
Source: unknown	Network traffic detected: HTTP traffic on port 64699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62423
Source: unknown	Network traffic detected: HTTP traffic on port 49215 -> 443

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227

Source: unknown	HTTPS traffic detected: 76.76.21.21:443 -> 192.168.2.3:60723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.76.21.21:443 -> 192.168.2.3:60724 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Temp\956745a7-3837-408d-8b7b-fab746113d4b.tmp

Source: classification engine

Classification label: mal60.phis.win@28/107@28/329

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1720,6791933579505511980,15657868459491720046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1720,6791933579505511980,15657868459491720046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62BE820B-143C.pma

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.109	accounts.google.com	United States	15169	GOOGLEUS	false
142.250.186.68	www.google.com	United States	15169	GOOGLEUS	false
172.217.16.138	unknown	United States	15169	GOOGLEUS	false
5.9.161.82	dryesimgurel.com	Germany	24940	HETZNER-ASDE	false
216.239.32.36	unknown	United States	15169	GOOGLEUS	false
104.16.123.175	unpkg.com	United States	13335	CLOUDFLARENETUS	false
34.243.225.21	bip-backend-prod-1840525834.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
18.66.115.169	d296je7bbdd650.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
172.217.23.99	unknown	United States	15169	GOOGLEUS	false
34.120.129.162	edge-eu.customer.io	United States	15169	GOOGLEUS	false
104.18.29.91	client.crisp.chat	United States	13335	CLOUDFLARENETUS	false
23.88.55.245	www.usetiful.com	United States	18978	ENZUINC-US	false
142.250.186.110	clients.l.google.com	United States	15169	GOOGLEUS	false
108.157.4.122	vars.hotjar.com	United States	16509	AMAZON-02US	false
76.76.21.21	bip.so	United States	16509	AMAZON-02US	false
216.58.212.170	unknown	United States	15169	GOOGLEUS	false
142.250.186.35	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
18.66.97.49	static-cdn.hotjar.com	United States	3	MIT-GATEWAYSUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
134.209.238.18	client.relay.crisp.chat	United States	14061	DIGITALOCEAN-ASNUS	false
172.217.18.3	unknown	United States	15169	GOOGLEUS	false
142.250.185.136	www-googletagmanager.l.google.com	United States	15169	GOOGLEUS	false
35.161.125.23	api.segment.io	United States	16509	AMAZON-02US	false
69.16.175.42	unknown	United States	20446	HIGHWINDS3US	false
142.250.181.227	unknown	United States	15169	GOOGLEUS	false
151.101.2.217	dualstack.osff.map.fastly.net	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
108.157.4.45	script.hotjar.com	United States	16509	AMAZON-02US	false
18.64.103.109	d1aadi0iayibtc.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
54.74.116.255	in-live.live.eks.hotjar.com	United States	16509	AMAZON-02US	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
34.120.195.249	o301059.ingest.sentry.io	United States	15169	GOOGLEUS	false
18.66.92.15	d1uyo0yzpsnvfq.cloudfront.net	United States	3	MIT-GATEWAYSUS	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	142.250.186.35	true
d1uyo0yzpsnvfq.cloudfront.net	18.66.92.15	true
cs1100.wpc.omegacdn.net	152.199.23.37	true
dryesimgurel.com	5.9.161.82	true
bip-backend-prod-1840525834.eu-west-1.elb.amazonaws.com	34.243.225.21	true
edge-eu.customer.io	34.120.129.162	true
d296je7bbdd650.cloudfront.net	18.66.115.169	true
www.usetiful.com	23.88.55.245	true
script.hotjar.com	108.157.4.45	true
cdnjs.cloudflare.com	104.17.24.14	true
bip.so	76.76.21.21	true
api.segment.io	35.161.125.23	true
www.google.com	142.250.186.68	true
dualstack.osff.map.fastly.net	151.101.2.217	true
static-cdn.hotjar.com	18.66.97.49	true
client.relay.crisp.chat	134.209.238.18	true
accounts.google.com	142.250.185.109	true
www-googletagmanager.l.google.com	142.250.185.136	true
d1aadi0iayibtc.cloudfront.net	18.64.103.109	true
client.crisp.chat	104.18.29.91	true
o301059.ingest.sentry.io	34.120.195.249	true
vars.hotjar.com	108.157.4.122	true
in-live.live.eks.hotjar.com	54.74.116.255	true
clients.l.google.com	142.250.186.110	true
unpkg.com	104.16.123.175	true
api.bip.so	unknown	unknown
in.hotjar.com	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
cdn.segment.com	unknown	unknown
clients2.google.com	unknown	unknown
code.jquery.com	unknown	unknown
static.hotjar.com	unknown	unknown
assets.customer.io	unknown	unknown
track-eu.customer.io	unknown	unknown
vjs.zencdn.net	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html	false	high
https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/	true	unknown
https://dryesimgurel.com/surburban/	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\027f08cf-fe13-4c7c-bc9d-8b5e42040703.tmp	data	9E1E9123196835C9AC630B6C1701586B	D3D693964392200CCCA837FA43F055CD7279B064	2E64802A39F1840E6676DB63C8AE8D91E8220FC79712968F6D873F2CE22C1A54
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\2b09ffc9-d88e-4738-97c0-4d6ebec3c4ab.tmp	ASCII text, with very long lines, with no line terminators	7EC91D5487C4D5B470B65F21A26103EF	D246B9D7C00669ECD74554AAE77B4F874EFA2999	7496D08AE599F07E6AD65EDB212CB9FDA14AB10CBF51BAFC18E4CB96611BD4D4
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\4030d090-51c1-4db1-86d7-e01b1434c9da.tmp	ASCII text, with very long lines, with no line terminators	4D241DD2197E708A30B5D11362519F4D	046DE053F97326F67C73980E020824A90161CE4D	2B7E0093E611F81B17C07608ED8AA0AB82557BBB4F980BCE848D81854FE31F8A
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\9ef321b6-8107-4bc3-be56-b8dd1b9fb945.tmp	data	6B0600251DB3DEF8805FA43A308EFFD1	5312323805A8A6A7D1D6AE3C198CE120BAB8A7AF	86A16D5CAFB6969099AFDCE7257C97099F7C7E894714B7590A674FC66C9F6899
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	FA7200D6F80CD1757911C45559E59C0E	89C6E99BAEC4EBB3E9A97B928FB473D1498EBA88	D9779EA4D6DD544A23C2A1C53146B6A4E596927F47DFA0680B0A7EE751D43BB2
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0f150be3-f161-4ba7-883b-047502718d0d.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	4C7A41E60BE7068343DD9D8E0C3A35CF	A12059E3A2877B75D5E0835521D0AA91F5932A3B	387B292A6BF67A14EF3FD7A744ADF299F76DF5B04147C580493E3CBA4C9F9178
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1f81ace8-3761-47e1-b6f4-31f5e595b264.tmp	ASCII text, with very long lines, with no line terminators	D8C4EEEFC57C8D6049FDF41DE371162C	EC8EFB55FE6ECA404588C3E4FD2CB8C79CB6DC74	7426C2A5767FA03978C5DA9388A40EDCA6335653AEFC4D00DAE86282371DDAD7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\2040be2f-dc72-4bf0-8dda-5f0f0ea089bb.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\47db3825-4064-4ac5-905b-66b46c48bbf8.tmp	ASCII text, with very long lines, with no line terminators	672637309E115619DC7CA34BC2419344	7BEA0F83CF5D5315BBD8037E25E8DEE81B7711B1	9F6FCEC3126C7C8D260B85AAA571437918EE02048DAA525F18F569545F9A176E
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\52b3b3b3-acd6-441f-afaa-8d8e65fc5db2.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	9F589472212A4EFA701803E8192D8544	EFB7FDF201598C160BD4003ED98FA40BAFF75E9A	9163F020A187C1159AEFF4A4B784F208000408D0D0FC525C5E47B3C4AAB5AC7A
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\5508b1ee-c2e8-44a4-bec8-698cff59e383.tmp	ASCII text, with no line terminators	7386953D3266B574250440FF96171EBB	84CC9AE534FBDC04CE5A5BDECDC98370FAA32E26	54981AA8CCD41C1AC6DE38A55B442A0FBC84EC14A4C46C1D5CCCFB3AEB982805
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\623b0677-394d-4ec7-87f9-cdc0df74050c.tmp	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\66153d0a-8bbd-4504-9774-6ba0b8b7f6c0.tmp	ASCII text, with no line terminators	661760F65468E15DD28C1FD21FB55E6D	207638003735C9B113B1F47BB043CDCDBF4B0B5F	0A5F22651F8FE6179E924A10A444B7C394C56E1ED6015D3FC336198252984C0E
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\8c268923-fc75-4081-8f82-4cfca4226c02.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	786FF56ECEE7F6A62622B37138CEB4B6	D6DF900E46C530DAE984E050767C86A561FEF7B2	756FE95ADF90F4F6D1D03DB4898D1FB606F7E3693CF4C75E0EE33233DA6A3615
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	2E2110A99AD3AE9721A458C95C64C868	72AE17599EDC0B2DC61C41D946E3E296864F2CBA	BB46BA705D5F6F43F66B07EA5DA4CC7CC0BF8FE635CCC4EBBA30A5D4A54158DE
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	4063DF879A0B502C89FE163C1BFE81E1	D4C99C6A18AF2425CEE9F21FD62F6B4C3BF6A2B6	C913E85CF36832F3245B951A681E434BB7DFCC07E747D163CFA74DDD6F4299F6
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_bip.so_0.indexeddb.leveldb\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_bip.so_0.indexeddb.leveldb\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_bip.so_0.indexeddb.leveldb\MANIFEST-000001	data	3FD11FF447C1EE23538DC4D9724427A3	1335E6F71CC4E3CF7025233523B4760F8893E9C9	720A78803B84CBCC8EB204D5CF8EA6EE2F693BE0AB2124DDF2B81455DE02A3ED
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	D8C4EEEFC57C8D6049FDF41DE371162C	EC8EFB55FE6ECA404588C3E4FD2CB8C79CB6DC74	7426C2A5767FA03978C5DA9388A40EDCA6335653AEFC4D00DAE86282371DDAD7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	6233908FD486B206568C7C1AB3BDFEC2	E5731FF74DA518CDDA4EC2F98710F6C18B2F07B7	D9C47396DAEB0CCF6350DA14074496B482E0607FF73561A510D1035887901090
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\5c42817e-6291-4351-84ba-c639d115aa96.tmp	ASCII text, with no line terminators	038931FF72A0C6AA0695A404960B1B22	90802F36B75C3CA70FC8CD1CF8BDFBAE0E8723A4	BEF93811AE263E2E9145A44205340015843B1D4485D084BB642EAEB500FE564C
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	F50F89A0A91564D0B8A211F8921AA7DE	112403A17DD69D5B9018B8CEDE023CB3B54EAB7D	B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)	ASCII text, with no line terminators	038931FF72A0C6AA0695A404960B1B22	90802F36B75C3CA70FC8CD1CF8BDFBAE0E8723A4	BEF93811AE263E2E9145A44205340015843B1D4485D084BB642EAEB500FE564C
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001	PGP\011Secret Key -	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)	ASCII text, with no line terminators	7386953D3266B574250440FF96171EBB	84CC9AE534FBDC04CE5A5BDECDC98370FAA32E26	54981AA8CCD41C1AC6DE38A55B442A0FBC84EC14A4C46C1D5CCCFB3AEB982805
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\ac88775c-75d1-4550-8ae2-6dc3fa3547e7.tmp	ASCII text, with very long lines, with no line terminators	B25188B8BAFD346BBDE3B578ED8BC64E	3D26BE951F2F94F9410D0428218D3F8BEEFDFAA3	FFC96E9FF584BA5330C906F3DE02F8B12CB82916CEADE265177CD75371F581E0
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\b3ca980c-a4fe-4cf7-8cec-7007c2002a5c.tmp	ASCII text, with very long lines, with no line terminators	DD5F5EF0DFFE032775B8F898637DA11C	6CDED9E1E595133D4A2349E372B2ED40A55F0D7A	FFF1B4CD5FFEBA130577FCC39A30901AF8AEDB353D20A8EB605E042E6635E009
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\e4d8acdb-3d1f-4a17-9fb4-676ec38e0704.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	6233908FD486B206568C7C1AB3BDFEC2	E5731FF74DA518CDDA4EC2F98710F6C18B2F07B7	D9C47396DAEB0CCF6350DA14074496B482E0607FF73561A510D1035887901090
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	3A0E5D4F452CF99191634D0FFAB744A0	F115BBB898EEFF640D8D19AD44A86C3FCDFFC0AD	B9D528D3AE283039F4700C7E4E790744C58A26353A91B536DD91CBA4F648A35F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	4D241DD2197E708A30B5D11362519F4D	046DE053F97326F67C73980E020824A90161CE4D	2B7E0093E611F81B17C07608ED8AA0AB82557BBB4F980BCE848D81854FE31F8A
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\c9814282-dbaf-4435-b86f-726cb7515d49.tmp	ASCII text, with very long lines, with no line terminators	C7E00E63C4753CBF7C3D03E4B542B113	4592D8DF6A79325237125FE812DC091BCA1E11B8	0A3C1C05AE7D77BD3BEC3D557ADA952A6A5E2C66F6BC8CABF0A7B73954D154ED
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\e24447d8-a5ed-4a44-8b37-89121e485b24.tmp	ASCII text, with very long lines, with no line terminators	80CD57B27729049A8A5434AC3DD66D29	EC8087D6ED93105716F75E5720D20FCC445B96D2	641847AFE55D7C8B3AC769B68B97B9471B5D5BC82A37235DA08A0333B22AC9E1
C:\Users\alfredo\AppData\Local\Temp\141e7c95-92aa-47a9-a1a1-e3584951e389.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	2A37AD0EC191D53104BB46953AC6C43C	FD23FFC5B7E4A6B45FBD88A486D15FAA51DC07AE	51F075EB69486CB23B32A0776782B4A1B2AF204429AB94510469E02B115E56CC
C:\Users\alfredo\AppData\Local\Temp\198e4b47-1bf6-4a9b-817c-7d99ee04ef69.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	173CA02E5B06065771DEB2F28E4E5A9E	20F1774FB280C94C13082A255C27D7A786EFD5C7	634557AE2916F2FAA0CBF2557F8F96E26845ABE94D2784FD73B169EC5618B186
C:\Users\alfredo\AppData\Local\Temp\22a167a6-7032-4b5c-ad19-ef3b89f6e959.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	A83A2746B84F1CF573B02965B72ED592	85CC572D6F90029EB99AAFA56297D1BCA494313A	DF4B53C1C7C48E80753D4945E6EC7847084F51BF57F0ED9D341326C74651D6EC
C:\Users\alfredo\AppData\Local\Temp\5180_1043184760\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o	ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped	604FF8F351A88E7A1DBD7C836378AE86	9D8D89AE9F13D6306E619A4EAAD51EDE91A5F9F3	947E64BE43E821562CE894F1AFCC3D09CD7FF614C107FC94250CD3EA5C943302
C:\Users\alfredo\AppData\Local\Temp\5180_1043184760\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o	ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped	88C08CD63DE9EA244F70BFC53BBCADF6	8F38A113A66B18BAA02E2C995099CF1145A29DAA	127F903CC986466AA5A13C17DFDD37AC99762F81A794180339069F48986BC7A3
C:\Users\alfredo\AppData\Local\Temp\5180_1043184760\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a	current ar archive	4E8BEDA73EB7BD99528BF62B7835A3FA	DC0F263A7B2A649D11FF7B56FE9CFAC44F946036	6B835FD48DF505EB336FF6518CE7B93BB0ED854DADAA5C1EEED48D420291F62C
C:\Users\alfredo\AppData\Local\Temp\5180_1043184760\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a	current ar archive	F950F89D06C45E63CE9862BE59E937C9	9CFAD34139CC428CE0C07A869C15B71A9632365D	945B1C8A1666CBF05E8B8941B70D9D044BAAFB59B006F728F8995072DE7C4C40
C:\Users\alfredo\AppData\Local\Temp\5180_1043184760\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped	9DC3172630E525854B232FF71499D77C	0082C58EDCE3769E90DB48E7C26090CE706AD434	6AA1DA6C264E0AF4E32A004F4076C7557C6AC6D9C38B0C5DE97302D83FA248C3
C:\Users\alfredo\AppData\Local\Temp\5180_1606430971\Recovery.crx3	Google Chrome extension, version 3	EA1C1FFD3EA54D1FB117BFDBB3569C60	10958B0F690AE8F5240E1528B1CCFFFF28A33272	7C3A6A7D16AC44C3200F572A764BCE7D8FA84B9572DD028B15C59BDCCBC0A77D
C:\Users\alfredo\AppData\Local\Temp\5180_1606430971\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	45821E6EB1AEC30435949B553DB67807	B3CADEB17FE5B76B5DBB428B8D3A07B341F8B1BC	E5FAE91295BECF7F66BFA4BE1061CA5537ED763EB5D01485F23ECFB583304FEE
C:\Users\alfredo\AppData\Local\Temp\5180_1606430971\manifest.fingerprint	ASCII text, with no line terminators	2AE14F91312C4E8034366B09D49D5B18	AD4933A5D838D0FA0B960C327A5039A9E8249642	4F122332EF0F2BB490EF59619D3602C1A7277C0A7A19C132202DB4803A09BFA2
C:\Users\alfredo\AppData\Local\Temp\5180_1606430971\manifest.json	ASCII text	7A8E3A0B6417948DF4D49F3915428D7A	4FC084AABDB13483567D5C417C7ED8FD16726A80	D1AC274CF1018020F2D9635A518ED1A1F21CC2CBE9E2A4392EC792D54B5B52FE
C:\Users\alfredo\AppData\Local\Temp\a038723b-1bac-434a-b43b-a6638b3523ca.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	3E5CCD9B583763AF68E28C5101373167	2005CDC0A8070B65E321A197D576698ECC267496	41412C0863920BA95E9FDBD3AF000CBE926A73C078997A233DF55379A5C4D274
C:\Users\alfredo\AppData\Local\Temp\dbdc1e9b-b90e-4f4f-b3ee-5def2d2735b2.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\bg\messages.json	ASCII text, with very long lines	D7A97183BCBD5FB677AA84D464F0C564	CDBB279B864E2C0A51E0892B8714131802586506	76EFAD74EB8256B942727C42261147EB9CCA48DA284DB3CDCE5DC6A3B4346F02
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\ca\messages.json	ASCII text, with very long lines	58BA5F65ED971591D1F9D81848EE31D0	BDA3C8B74653334FC8F060CAFBCEA58DF0113AB7	CDD91587F5AF2C865776B36A5E9A07B10D21B9D911DE0B814B7A1E94B14AE885
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\cs\messages.json	ASCII text, with very long lines	43161EFFA28A0DBFC67B8F7DBE1B5184	FE0A9235A59B51B7F564F14FF564344927F035B8	3A04421DF5218E8ABD3B0E2AFE11E8338D7BDCBCD1ADB122416944B102BC9696
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\da\messages.json	ASCII text, with very long lines	31264DDBF251A95DE82D0A67FA47DB3A	3A48DC7AF26A153594C7849E1D92AAC31296459B	EDB51898A6C73D0090D6916B7B72EBAC71E964EABB5BA7CD68E21966024F0D23
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\de\messages.json	ASCII text, with very long lines	7639B300B40DDAF95318D2177D3265F9	BF9EFDF073231CB3FCFCA5CCCA25B079ECFC45BD	356A9D4ADFEC484DA824E7A72059B724B1686FC90082F4A4B667630436D593B0
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\el\messages.json	ASCII text, with very long lines	3026E922B17DBEE2674FDAEE960DF584	76602B1E3449F1B67DE42FD31A581B0821BFEFF0	876845B5A061FAB3CF2A1466E01015DC40DF8449F1CB4205F575CEBED8717BAD
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\en\messages.json	ASCII text, with very long lines	DBEDF86FA9AFB3A23DBB126674F166D2	5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC	C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\es_419\messages.json	ASCII text, with very long lines	1FD5DAF46C4D7C4F571C263EC37B943B	A57EE5EF6861F88005C2230EA3D633A1B4CA105A	BCC2CF06F66E9E3BB4B7887D0EE0AE4A72A6C49F4B2A578A7733B78208984417
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\et\messages.json	ASCII text, with very long lines	0293A7BAE6EEE62C4067A80E262D6A2D	E76B07BD49FFBBFB6841B7335CBE7A9620714402	D06F20D4D68D1DBB89EF7D8E405D9499CB2EB2560217CD5B4A51AB1DD50CAB44
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\fi\messages.json	ASCII text, with very long lines	E5BBE7DBBE75F45BDCD49DB8C797106E	0F069D7D19768180945F0D8B67DC71262FD586A2	BFFB2248B4C66306133FA6ECBB1541F44B3BE22CC8D9A338D690E0B1D0C85532
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with very long lines	658DAD2AF2DC3AC1567D84E8B95F68B0	EE1121215960EC5ED5F7B6BDB8E4680731EBF83D	978BA6D814CF290016833BBAC22DC7C05C2C575B1D6429B9BB14F8C2156BCF29
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\fr\messages.json	ASCII text, with very long lines	1E32A78526E3AC8108E73D384F17450B	BFE2E47D888BA530A27DD1BDE25C46433C2A545C	80F6EE69F1E022812BCCC1DE1CDC53772CDF90F4E93224161B23FA607D45136A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\hi\messages.json	ASCII text, with very long lines	B739E3B798D3EEB8AFB3E368455A8E97	56E206DD0AC7EB7B179911BE3F7DD78059CBD4F3	BA7A53A1398168719F2ACD58CC5FE06AB0B769ECA896D70E7208B18085B42FFA
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\hr\messages.json	ASCII text, with very long lines	9CF848209FF50DBF68F5292B3421831C	D29880B7B15102469123D8747BF645706CE8595B	EA1744C3CFBAA684A31A00067E8493ED114EFF3E878C797C9C55A7B122D855CD
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\hu\messages.json	ASCII text, with very long lines	4AD92AFDE3408FBBE43B0C3C71677650	3488901077F336A3196F9AE116E36DF1674E1ACA	61258FE04C23AE14FDC99EE846CEA71CC703990CC0F80C3934299646E86C475E
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\id\messages.json	ASCII text, with very long lines	9008516AA1D8F8C2B8ECE70B7E4963AD	EA7AD4BE77A80A4B9FB1E59A340010830E494747	89CAB0AF2B53C6ABEB93C8C628DDCBDD286A7A2672FE03440411BB654E3A0675
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\it\messages.json	ASCII text, with very long lines	BB9C32BA62DDA02F9471C64B5F9CF916	9825037D5D9185C58456CDD887C77B10A41D8C84	43A0B113D3773BA78F82BB9E42DDC46F6892D0FBBB351F94A7C105E4A146E9C1
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\ja\messages.json	ASCII text, with very long lines	96C8CBD161D3CE9CB1A46CB2CD0C6583	78BBFCF035B5B620E353C8E520653ADD3F4E7DB8	81D8F1D9F72B3139BC5D9845BCF82990308FB6175D07514D8238B1E6D5D02E8A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\ko\messages.json	ASCII text, with very long lines	3CAF23A8EA2332D78B725B6C99EC3202	95C3504F55A929449EF2E3AB92014562AACD39AD	BFE72BBC492B9018A599CB6575366696E431E6A38400E4B2ED06EAE3340D3AE5
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\lt\messages.json	ASCII text, with very long lines	41F2D63952202E528DBBB683B480F99C	9DD998542DBE6609299D4A5A25364A32FA7D7865	FF7C083CD1E6134DD8263C634336EB852274BAD1BFAD18762814C42BC65309D8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\lv\messages.json	ASCII text, with very long lines	1D21ED2D46338636E24401F6E56E326F	24497EDB25724BC4A57823C5CD06F50DB9647DD4	434A375C32B8A21C435511C551F740FD4D170EC528A8F4EFC3D798EA4A07B606
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\nb\messages.json	ASCII text, with very long lines	8F0168B9A546D5A99FD8A262C975C80E	B0718071BD0B7251D4459E9C87DF50C14622FBD6	F03FA7384DF79EBA6E0274D570996030F595A3BF6B781929DD9DB6593262E41F
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with very long lines	E7F74DCE7B6411E4E0D95E9252CF74FA	33CC6C73C5F8D0144C0260C2E5A9BD0DB3EF6477	3564AEF46C01602B19CC29FD8A79676C543427EDE98206D0C91B33AF0CCF3977
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\pl\messages.json	ASCII text, with very long lines	E16649D87E4CA6462192CF78EBE543EC	53097D592B13F3C1370366B25024EA72208B136A	EB435F7460A63576CA1ECB51948E7A3AD5168D2F175AE2B5836D469672923D84
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\pt_BR\messages.json	ASCII text, with very long lines	1F4BC8A5EFD59D61127ABEECD4B6CAE3	8647B4D2D643AE4F784ABDDC50D87A39AD02971A	E1950CBBF056F068EA56160DDB318F3E6232BFBBE096D221C7CA6FCAACE2A8B9
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\pt_PT\messages.json	ASCII text, with very long lines	D80ECE7E4B3741CD9CD29B89D006B864	8F0D587B78E36861ED00524ABF886FA20E14CAE4	C8FF9ACAEA1D3B6F8483339CB40F66BC563CCA8DD87F2337F813C492B20F451B
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\ro\messages.json	ASCII text, with very long lines	D63E66B94A4EA2085D80E76209582FB1	4ECAC3EB64DD6253310A0776E6D42257FC290D77	91A5AAD210C3E0241106E8821B3897EDEFEC9D85033C94DB2324FF3A5FDE5AC7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\ru\messages.json	ASCII text, with very long lines	22F9E62ABAD82C2190A839851245A495	E7F79BD875918F0D0799DB5F45FAC6297FB66AF7	9FC1167626C97BCBFDAFF23C6033A44252F89A501AF1DF41C43CB3A994FEB09F
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\sk\messages.json	ASCII text, with very long lines	4BBAA10FD00AADBBA3EF6E805E8E1A62	1991901BD6A20C4A7977F09DF30C0CFF0524C504	906C4F7FDDE15DE4C841E7910BBF14D9175E894BCB244B56E8447A5ADFA5B7AB
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\sl\messages.json	ASCII text, with very long lines	F45DE58765A37FD095319D7DEB0F2FB6	B585A485C9BC1982EDF7AE0B9AC73A8E91D41CB5	8366774AA582035BC7D949F4E28FAEC371C305D01404DF56FFF5A78B4F6ECDB7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\sr\messages.json	ASCII text, with very long lines	92C1FAC62EB7F92EC3794D4A141BEF32	2AFA41BF51BF9A1089B0B92A9D2DC74299B79813	9DF154C93B02695AF1CC39F085D9D178EC6AF131A62C2AFC65F125F8F9A5B7AC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\sv\messages.json	ASCII text, with very long lines	6E1BE9CEE29818E54E3D1C7D483DD6F7	B9DD926B60E225C5BE8A1DBB7EF3ACE422A204A9	E348583D8C53F4A5DEC4551DA93785C17108466E427E06F84708AA383EA0E326
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\th\messages.json	ASCII text, with very long lines	283D5177FB2FC7082967988E2683EC7C	DEDE43967F3CEF9D9325F140872A63BFCE2AA8C5	E8D5820BDE31B66A7641068FDEDD1A5F20C1A783460B98887A670F38422099CF
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\tr\messages.json	ASCII text, with very long lines	1BF2AA4BB904B406C9C2B7DF769BB540	8D29C4B7A79AB0657747CA194D1934292A46D2A8	0F2E8285BA3E2BDBA6B16435FB941B07159AACFAC80196AD5941B79AB52B712A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\uk\messages.json	ASCII text, with very long lines	FD1C9890679036E1AD914218753B1E8E	58160F7A0FC94110A2876223E406A517C8E2660B	39D19CC3387FFCE13A8F11DAD72E2FCBB7CD1A4367EC699AD7C40D6F52ECE717
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\vi\messages.json	ASCII text, with very long lines	7D52E9357AB847B4CC8DBC8CC4DA93F5	AF877F3992D8056C8F08462BD575595BF79FE5B0	313F71F3FFDCEFC76FC746FF2029FBF8FBE38BD83DCF952FC3DDCD8AA96D5CFB
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\zh_CN\messages.json	ASCII text, with very long lines	393680A09DEE0CB9046A62BDC0750B74	54E7F8215061A4AB241B87AE4E81C8F860EB2C2B	D5FB52C2897FD5C294784DB63C933AC77C609D10AC91431CCB295D87452CBEE6
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\_locales\zh_TW\messages.json	ASCII text, with very long lines	CD30D132A7213FC1B7E03C6D0A49CCF7	1141DED39023B821FE9BB4682E0D1EB5469DAF76	5717F13D10E63255947F750C79CBB6BD04A6D97A08261E8D5764AF5EB0561A28
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\craw_background.js	ASCII text, with very long lines	6EEBED29E6A6301E92A9B8B347807F5F	65DFB69B650560551110B33DCBA50B25E5B876DE	04CD9494B0ED83924DAD12202630B20D053D9E2819C8E826A386C814CC0A1697
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\craw_window.js	ASCII text, with very long lines	1709B6F00A136241185161AA3DF46A06	33DA7D262FFED1A5C2D85B7390E9DBC830CBE494	5721A4B3F8E09C869A629EFFD350B51C9D46F0AC136717D4DB6265C0EE6F9AC8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\css\craw_window.css	ASCII text	67BF9AABE17541852F9DDFF8245096CD	A4AC74DD258E8E0689034FAA1B15A5C7C56DC3BB	10DFBD2D98950B79EE12F6B8E3885AABE31543048DE56AD4FC0A5E34D0D9D4EC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\html\craw_window.html	HTML document, ASCII text	34A839BC40DEBC746BBD181D9EF9310C	8B4EAA74D31EED5B0BABA3CA5460201F6B10DA46	BB8742615E4CD996AE5D0200E443AE6A6F0B473255F03AFFDB8FB4660DE4554D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\flapper.gif	GIF image data, version 89a, 30 x 30	398ABB308EEBC355DA70BCE907B22E29	CFFB77B8A1724B8F81D98C6D6AD0071D10162252	2B73533F47A99FFEA9CC405FFAFA9C4C53623F62487AEBFBA415945120B22040
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	30899B6C4E4A757B8EC6DD2208ACDFB4	F2C5880A724C6D75CCE1B5191E0D82C3BC7DE768	4F17EFBD974A41D88CB36567AAB6BF4586579E78780F00B1826676819E14BFF4
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\icon_16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	344554D96E418120BD80EF5DE5194697	23E141C3A6CE368ACC1C299F062AB85914BCB17E	0A4BD08DB6422F8E7A8A218EF39C1B99A5A675F12697F26BE88F9AFC2E1F9378
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\topbar_floating_button.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	8803665A6328D23CC1014A7B0E9BE295	9DA6EE729D5A6E9F30658B8EC954710F107A641F	D5F9234DC36E7FFA85F35B2359A4F82276F8395EFA76E4553507EA990B27FC6C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\topbar_floating_button_close.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	0599DFD9107C7647F27E69331B0A7D75	3198C0A5F34DB67F91A0035DBC297354CBC95525	131817CD9311C03DF22D769DD2AD7FA2E6E9558863A89F7E5E1657424031A937
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\topbar_floating_button_hover.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	7CB6B9DC1A30F63B8BD976924B75AD96	0C40B0C496D2F2B5F2021C117EC8610AC03AB469	721B7AAA9A42A54A349881615A12E3A26983ACA48E173FD2F66E66AA0D725735
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\topbar_floating_button_maximize.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	232CE72808B60CBE0F4FA788A76523DF	721A9C98C835D2CD734153BBE07833C6637ECD68	AFA4EA944CBDEC8543242E627EF46D5BFD3766DCAC664E7E50CDEEF2B352740C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\images\topbar_floating_button_pressed.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	E0862317407F2D54C85E12945799413B	FA557F8F761A04C41C9A4BA81994E43C6C275DBB	5C10CE0589EB115600F77381130B70AE0B7B3752614D86D4C89E857658AA222B
C:\Users\alfredo\AppData\Local\Temp\scoped_dir5180_1640304514\CRX_INSTALL\manifest.json	ASCII text	6CA25F3EF585B63F01BCDF8635120704	00C063811E31EA5F9A00F175A71EA25E7821F621	49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic	Little-endian UTF-16 Unicode text, with no line terminators	F3B25701FE362EC84616A93A45CE9998	D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB	B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209

ID:	655307
Product:	CloudBasic
Start time:	22:11:03
Start date:	30.06.2022
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:
Architecture:	WINDOWS

Windows Analysis Report
https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://bip.so/@cvpk/Comp-ZbQsc/Comp-GF67/