Windows Analysis Report
http://onedrive.live.com/download?cid=7BB5E286F12776DD&resid=7BB5E286F12776DD%21105&authkey=AMOExoSCD2ywjes

Overview

General Information

Sample URL: http://onedrive.live.com/download?cid=7BB5E286F12776DD&resid=7BB5E286F12776DD%21105&authkey=AMOExoSCD2ywjes
Analysis ID: 708230

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Found iframes
No HTML title found

Classification

Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: Iframe src: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: Iframe src: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: HTML title missing
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: HTML title missing
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: No <meta name="copyright".. found
Source: https://login.live.com/login.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AMOExoSCD2ywjes%26cid%3D7BB5E286F12776DD%26id%3D7BB5E286F12776DD%2521105%26parId%3Droot%26o%3DOneUp HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\GoogleUpdater
Source: chrome.exe Memory has grown: Private usage: 1MB later: 27MB
Source: unknown DNS traffic detected: queries for: onedrive.live.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49689
Source: unknown Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49688
Source: unknown Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49689 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: unknown TCP traffic detected without corresponding DNS query: 104.91.71.141
Source: classification engine Classification label: clean1.win@29/0@18/372
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://onedrive.live.com/download?cid=7BB5E286F12776DD&resid=7BB5E286F12776DD%21105&authkey=AMOExoSCD2ywjes
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1912 --field-trial-handle=1800,i,18321044787883545475,3443962279196911152,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1912 --field-trial-handle=1800,i,18321044787883545475,3443962279196911152,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\GoogleUpdater
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\GoogleUpdater