Automated Malware Analysis IOC Report for

Files

File Path

Type

Processes

Path

Cmdline

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank

Details

Is windows:	true
Is dropped:	false
PID:	6128
Target ID:	0
Parent PID:	1844
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Size:	2851656
MD5:	0FEC2748F363150DC54C1CAFFB1A9408
Time:	16:11:35
Date:	03/10/2022
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff614650000
Modulesize:	2916352
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1808,i,10812047769471386771,6805671885659538109,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	5200
Target ID:	1
Parent PID:	6128
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1808,i,10812047769471386771,6805671885659538109,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Size:	2851656
MD5:	0FEC2748F363150DC54C1CAFFB1A9408
Time:	16:11:36
Date:	03/10/2022
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff614650000
Modulesize:	2916352
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe" "https://camservices.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkcmFjb29uLnRlYW0lMkZwdWJsaWMlMkZkb3dubG9hZC1zaGFyZXMlMkZiblFMVjUyeEFQWHRHMTRHc1Frdk83RWlXbUpldTJXcw==&sig=7BXGdPpscYTJDrVmNKVcsJMUFqVTiobP6GgMqPFZKzMj&iat=1664797054&a=%7C%7C27821780%7C%7C&account=camservices%2Eactivehosted%2Ecom&email=V1inbcilbyhq5q3GQe2WGyBAWaAotQkn8fTjdS3g5M8%3D&s=d0f7bfb8e988e50796ae4b5ee42e911e&i=1A3A1A3

Details

Is windows:	true
Is dropped:	false
PID:	2792
Target ID:	2
Parent PID:	1844
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	C:\Program Files\Google\Chrome\Application\chrome.exe" "https://camservices.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkcmFjb29uLnRlYW0lMkZwdWJsaWMlMkZkb3dubG9hZC1zaGFyZXMlMkZiblFMVjUyeEFQWHRHMTRHc1Frdk83RWlXbUpldTJXcw==&sig=7BXGdPpscYTJDrVmNKVcsJMUFqVTiobP6GgMqPFZKzMj&iat=1664797054&a=%7C%7C27821780%7C%7C&account=camservices%2Eactivehosted%2Ecom&email=V1inbcilbyhq5q3GQe2WGyBAWaAotQkn8fTjdS3g5M8%3D&s=d0f7bfb8e988e50796ae4b5ee42e911e&i=1A3A1A3
Size:	2851656
MD5:	0FEC2748F363150DC54C1CAFFB1A9408
Time:	16:11:37
Date:	03/10/2022
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff614650000
Modulesize:	2916352
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

https://camservices.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkcmFjb29uLnRlYW0lMkZwdWJsaWMlMkZkb3dubG9hZC1zaGFyZXMlMkZiblFMVjUyeEFQWHRHMTRHc1Frdk83RWlXbUpldTJXcw==&sig=7BXGdPpscYTJDrVmNKVcsJMUFqVTiobP6GgMqPFZKzMj&iat=1664797054&a=%7C%7C27821780%7C%7C&account=camservices%2Eactivehosted%2Ecom&email=V1inbcilbyhq5q3GQe2WGyBAWaAotQkn8fTjdS3g5M8%3D&s=d0f7bfb8e988e50796ae4b5ee42e911e&i=1A3A1A3

https://dracoon.team/190.1bb4f6e781a798f0.js

141.95.22.201

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=f665d544-1412-47fd-a4af-286f2c589a0e&lt=1664838732797&dt=1664838732798&at=1664838738993&an=1

199.60.103.227

https://dracoon.team/3877.4f677868fd222ecb.js

141.95.22.201

https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1479220%26time%3D1664838737864%26url%3Dhttps%253A%252F%252Fwww.dracoon.com%252Fde%252Fhome%253Futm_source%253Ddracoon.team%2526utm_medium%253Dwebapp-public-ingredient%2526utm_campaign%253Dingredient%2526content%253Ddownload-share%26liSync%3Dtrue

13.107.43.14

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=0117add9-99af-4e72-83c5-af0deff39d68&lt=1664838733387&dt=1664838733391&at=1664838738997&an=1

199.60.103.227

https://www.dracoon.com/hubfs/Dracoon_Files_Website/images/ressourcen/Success-Story_Exficon.png

199.60.103.227

https://www.cognitoforms.com/f/1hY1LR-SIkCC-lohyPfzGg/1

https://dracoon.team/2864.ea907e3dd1386ddb.js

141.95.22.201

https://www.dracoon.com/hubfs/Dracoon_Files_Website/general-images/dracoon_fi-n.png

199.60.103.227

https://design-assets.hubspot.com/hubfs/Slick%20Slider/ajax-loader.gif

199.60.103.254

https://dracoon.team/4231.3b6476099c2a48b7.js

141.95.22.201

https://dracoon.team/4188.b8551a46d367493c.js

141.95.22.201

https://www.google.com/pagead/1p-user-list/1067903788/?random=1664838746852&cv=9&fst=1664838000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&tiba=DRACOON%20%E2%80%93%20Enterprise%20File%20Service%20Plattform&async=1&fmt=3&is_vtc=1&random=878913581&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

142.250.203.100

https://static.cognitoforms.com/form/modern/3.ad5848803136b4e0a540.js

13.107.246.60

https://www.dracoon.com/hubfs/Dracoon_Files_Website/Logos/pngs/AOK.png

199.60.103.227

https://www.cookiebot.com/img/images/info-price.png

141.193.213.20

https://www.dracoon.com/_hcms/forms/v2.js

199.60.103.227

https://a.nel.cloudflare.com/report/v3?s=r2%2BzqT5Eaxj1Z1JhOGA1ddPa3h21X9vW%2BgSOagFobboympNVTXl5Iw1AHyDSAcCNNPoHLOAYewDZhQIi1vgEabrFzTK9TGMcn5msOiamqIwxUN4Zj9jpa8fgZZSBWySLYQ%3D%3D

35.190.80.1

https://dracoon.team/7156.fc654ef1fb7dcdf6.js

141.95.22.201

https://static.cognitoforms.com/form/modern/109.87f2162044a9e0041459.js

13.107.246.60

https://no-cache.hubspot.com/cta/default/4411134/8c63b838-ba29-4860-b44e-622252ffdb9b.png

104.19.154.83

https://www.cookiebot.com/wp-content/uploads/sites/7/2022/05/forbes-2-1.svg

141.193.213.20

https://www.cognitoforms.com/f/1hY1LR-SIkCC-lohyPfzGg/1

unknown

https://no-cache.hubspot.com/cta/default/4411134/bec483fc-7570-49fe-ae9b-f5b8782d0820.png

104.19.154.83

https://dracoon.team/1050.7a3e29784ba9193b.js

141.95.22.201

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&pageId=45396106131&pid=4411134&sv=cta-embed-js-static-1.93&utm_campaign=ingredient&utm_medium=webapp-public-ingredient&rdy=1&cos=1&df=t&pg=f665d544-1412-47fd-a4af-286f2c589a0e&pg=0117add9-99af-4e72-83c5-af0deff39d68&pg=f8ed3fa4-2418-4d93-a1c0-0047ea7a5e90&pg=4f1c8f51-158f-40ea-8430-d60c26c6cbd4&pg=f8ed3fa4-2418-4d93-a1c0-0047ea7a5e90&pg=4f1c8f51-158f-40ea-8430-d60c26c6cbd4&pg=bec483fc-7570-49fe-ae9b-f5b8782d0820&pg=7be61d8a-fe7c-4bab-bfb3-0e7a6e860049&pg=47a953e5-8807-458e-a4d5-23334307d756&pg=fa2ff578-3833-4c84-9c40-c68c0bf20d6f&pg=814073b8-2446-4f0e-9ff0-4d3821d0c12a&pg=088a6243-de76-4914-8eab-0d35a22cef58&pg=b80ed34f-d053-4a75-ace2-329d20748e44&pg=d2e2b9d1-58b5-4cc9-8ea1-0fc83ab93d01&pg=ea7f3491-9e71-4983-9f36-a28097130bb8&pg=8c63b838-ba29-4860-b44e-622252ffdb9b&pg=d11e1f17-a15c-4876-9db0-9ed9804bfa01

104.19.155.83

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=ea7f3491-9e71-4983-9f36-a28097130bb8&lt=1664838735840&dt=1664838735841&at=1664838738996&an=1

199.60.103.227

https://www.dracoon.com/hs/cta/cta/current.js

199.60.103.227

https://dracoon.team/main.eb1d981b114c46d5.js

141.95.22.201

https://dracoon.team/656.90fc8beb93d6422f.js

141.95.22.201

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?_=1664838737729

104.17.24.14

https://www.dracoon.com/hubfs/Dracoon_Files_Website/images/home/Home%20neu%202021-10/DRACOON-Header_Home_Body2.jpg

199.60.103.227

https://www.dracoon.com/hs-fs/hubfs/Dracoon_Files_Website/images/home/Home%20neu%202021-10/husare_success-story.png?width=200&name=husare_success-story.png

199.60.103.227

https://track.hubspot.com/__ptq.gif?k=16&fi=b6528fa1-e321-4f06-bb67-76c7ea70458e&lfi=3036003&ft=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4285505810&v=1.1&a=4411134&pi=45396106131&ct=standard-page&ccu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&cpi=45396106131&lpi=45396106131&abi=59236623921&lvi=45396106131&lvc=de&pu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&t=DRACOON+%E2%80%93+Enterprise+File+Service+Plattform&cts=1664838741409&vi=37546955804357582f90e505db2bd357&nc=true&u=46543416.37546955804357582f90e505db2bd357.1664838739744.1664838739744.1664838739744.1&b=46543416.1.1664838739744&cc=15

104.19.154.83

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=f8ed3fa4-2418-4d93-a1c0-0047ea7a5e90&lt=1664838733528&dt=1664838733888&at=1664838738972&an=1

199.60.103.227

https://www.cookiebot.com/wp-content/uploads/sites/7/2022/05/bbc-logo-1-1.svg

141.193.213.20

https://dracoon.team/api/v4/public/shares/downloads/bnQLV52xAPXtG14GsQkvO7EiWmJeu2Ws

141.95.22.201

https://www.dracoon.com/hs-fs/hubfs/Dracoon_Files_Website/images/home/Home%20neu%202021-10/DRACOON-Header_Home_neu2.png?width=1280&height=600&name=DRACOON-Header_Home_neu2.png

199.60.103.227

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22088a6243-de76-4914-8eab-0d35a22cef58%22%2C%22ac291f39-a546-4982-ac3e-4c282f1852aa%22%5D&rfc=8&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4285505810&v=1.1&a=4411134&pi=45396106131&ct=standard-page&ccu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&cpi=45396106131&lpi=45396106131&abi=59236623921&lvi=45396106131&lvc=de&pu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&t=DRACOON+%E2%80%93+Enterprise+File+Service+Plattform&cts=1664838740197&vi=37546955804357582f90e505db2bd357&nc=true&u=46543416.37546955804357582f90e505db2bd357.1664838739744.1664838739744.1664838739744.1&b=46543416.1.1664838739744&cc=15

104.19.154.83

https://static.cognitoforms.com/form/modern/137.cb0a683ad4506adaaba6.js

13.107.246.60

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?_=1664838737726

104.17.24.14

https://www.cookiebot.com/wp-content/plugins/uc-leadgen-bubble/assets/css/bubble.css?ver=1.0.13

141.193.213.20

https://www.cookiebot.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

141.193.213.20

https://dracoon.team/217.a9dc19e03d1e7d89.js

141.95.22.201

https://static.cognitoforms.com/form/modern/57.1dcce137607cda5b1232.js

13.107.246.60

https://consentcdn.cookiebot.eu/sdk/bc-v4.min.html

89.187.165.194

https://www.dracoon.com/hs/hsstatic/cos-LanguageSwitcher/static-1.11/sass/LanguageSwitcher.css

199.60.103.227

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2247a953e5-8807-458e-a4d5-23334307d756%22%2C%222883d8fd-d5e3-4c6f-af97-a067d5048928%22%5D&rfc=8&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4285505810&v=1.1&a=4411134&pi=45396106131&ct=standard-page&ccu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&cpi=45396106131&lpi=45396106131&abi=59236623921&lvi=45396106131&lvc=de&pu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&t=DRACOON+%E2%80%93+Enterprise+File+Service+Plattform&cts=1664838739824&vi=37546955804357582f90e505db2bd357&nc=true&u=46543416.37546955804357582f90e505db2bd357.1664838739744.1664838739744.1664838739744.1&b=46543416.1.1664838739744&cc=15

104.19.154.83

https://4411134.fs1.hubspotusercontent-na1.net/hubfs/4411134/Dracoon_Files_Website/fonts/roboto-v30-latin-700.woff2

104.18.33.40

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.84

157.240.236.1

https://consentcdn.cookiebot.eu/sdk/bc-v4.min.html

https://www.dracoon.com/hubfs/Dracoon_Files_Website/Logos/pngs/Barmer.png

199.60.103.227

https://a.nel.cloudflare.com/report/v3?s=AjRaXMMf4YzCv1D1uREd4nVxUGdJ0NNcMsMH%2FQJ1e37lSJE68qx39XWGkttkl3tALFLyVi%2BjTsMwiC2idvKEh0g4gseVaw%2B1NjzzUunKNpK3c%2FEDCzchxzD0kbkZfKZ7q%2BDe1j2D

35.190.80.1

https://f.hubspotusercontent20.net/hubfs/273774/fontawesome/v5/webfonts-5.15.1/fa-regular-400.woff2

104.16.187.114

https://www.dracoon.com/hubfs/Dracoon_Files_Website/images/home/made-in-germany_bitmi_dracoon.png

199.60.103.227

https://dracoon.team/public/download-shares/bnQLV52xAPXtG14GsQkvO7EiWmJeu2Ws

https://dracoon.team/roboto-latin-500.1dfbc3dbf815e3f3.woff2

141.95.22.201

https://dracoon.team/dw/config

141.95.22.201

https://dracoon.team/3834.12b87329906f4970.js

141.95.22.201

https://dracoon.team/9572.c39501a51292f670.js

141.95.22.201

https://dracoon.team/common.0c1ade8bfaddbfcd.js

141.95.22.201

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

104.16.87.5

file:///C:/Users/user/Downloads/Work%20Place%20Rating%20For%20Top%20100%20Nominees.html

https://dracoon.team/7994.0154704b87507e1c.js

141.95.22.201

https://www.dracoon.com/_hcms/forms//embed/v3/form/4411134/b1725674-94c9-4ea1-9c78-3ecda2c4c517/json?hutk=

199.60.103.227

https://static.cognitoforms.com/form/modern/153.b3e43d96920ebce0f30d.js

13.107.246.60

https://dracoon.team/6011.311cd80eb4c9176c.js

141.95.22.201

https://www.dracoon.com/de/home?utm_source=dracoon.team&utm_medium=webapp-public-ingredient&utm_campaign=ingredient&content=download-share

https://dracoon.team/materialdesignicons-webfont.2474c2c14c0f85dd.woff2?v=7.0.96

141.95.22.201

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%228c63b838-ba29-4860-b44e-622252ffdb9b%22%2C%22f170512b-888f-4a93-9eac-c7a7e321df9a%22%5D&rfc=8&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4285505810&v=1.1&a=4411134&pi=45396106131&ct=standard-page&ccu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&cpi=45396106131&lpi=45396106131&abi=59236623921&lvi=45396106131&lvc=de&pu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&t=DRACOON+%E2%80%93+Enterprise+File+Service+Plattform&cts=1664838739816&vi=37546955804357582f90e505db2bd357&nc=true&u=46543416.37546955804357582f90e505db2bd357.1664838739744.1664838739744.1664838739744.1&b=46543416.1.1664838739744&cc=15

104.19.154.83

https://consentcdn.cookiebot.com/sdk/bc-v4.min.html

https://dracoon.team/7157.19049aa40725d135.js

141.95.22.201

https://www.cookiebot.com/en/wp-content/themes/cookiebot/components/templates/cb-pricing-selector/css/cb-pricing-selector.css?ver=1664771652

141.193.213.20

https://www.cookiebot.com/wp-content/uploads/sites/7/2022/05/techcrunch-logo.svg

141.193.213.20

https://no-cache.hubspot.com/cta/default/4411134/fa2ff578-3833-4c84-9c40-c68c0bf20d6f.png

104.19.154.83

https://www.cookiebot.com/wp-content/themes/cookiebot/js/cb-main-pricing.js?ver=1664771651

141.193.213.20

https://www.dracoon.com/hubfs/Dracoon_Files_Website/images/home/BSI-C5-tested-dracoon.png

199.60.103.227

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=4f1c8f51-158f-40ea-8430-d60c26c6cbd4&lt=1664838733733&dt=1664838734045&at=1664838739006&an=1

199.60.103.227

https://www.cognitoforms.com/f/iframe.js

unknown

https://www.dracoon.com/hubfs/Dracoon_Files_Website/images/ressourcen/Success-Story_Denton.png

199.60.103.227

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=088a6243-de76-4914-8eab-0d35a22cef58&lt=1664838735262&dt=1664838735263&at=1664838739003&an=1

199.60.103.227

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22b80ed34f-d053-4a75-ace2-329d20748e44%22%2C%226e140672-a19b-46c4-b441-202ef0a69f10%22%5D&rfc=8&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4285505810&v=1.1&a=4411134&pi=45396106131&ct=standard-page&ccu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&cpi=45396106131&lpi=45396106131&abi=59236623921&lvi=45396106131&lvc=de&pu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&t=DRACOON+%E2%80%93+Enterprise+File+Service+Plattform&cts=1664838739830&vi=37546955804357582f90e505db2bd357&nc=true&u=46543416.37546955804357582f90e505db2bd357.1664838739744.1664838739744.1664838739744.1&b=46543416.1.1664838739744&cc=15

104.19.154.83

https://dracoon.team/3437.993c10fce390fe99.js

141.95.22.201

https://273774.fs1.hubspotusercontent-na1.net/hubfs/273774/mp/act2/js/act21.min.js

172.64.154.216

https://no-cache.hubspot.com/cta/default/4411134/d11e1f17-a15c-4876-9db0-9ed9804bfa01.png

104.19.154.83

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-83355137-1&cid=1759904237.1664838737&jid=378263475&_u=YADAAEAAAAAAAC~&z=1189421728

172.217.168.35

https://dracoon.team/1713.c828172091a89e20.js

141.95.22.201

https://www.cookiebot.com/wp-content/uploads/sites/7/2022/05/financial-times.svg

141.193.213.20

https://dracoon.team/5039.b3b62be475b95dd2.js

141.95.22.201

https://track.hubspot.com/__ptq.gif?k=17&fi=b1725674-94c9-4ea1-9c78-3ecda2c4c517&fci=c53a35e1-f966-4703-bda0-8b5a02f6894d&ft=0&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4285505810&v=1.1&a=4411134&pi=45396106131&ct=standard-page&ccu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome&cpi=45396106131&lpi=45396106131&abi=59236623921&lvi=45396106131&lvc=de&pu=https%3A%2F%2Fwww.dracoon.com%2Fde%2Fhome%3Futm_source%3Ddracoon.team%26utm_medium%3Dwebapp-public-ingredient%26utm_campaign%3Dingredient%26content%3Ddownload-share&t=DRACOON+%E2%80%93+Enterprise+File+Service+Plattform&cts=1664838739774&vi=37546955804357582f90e505db2bd357&nc=true&u=46543416.37546955804357582f90e505db2bd357.1664838739744.1664838739744.1664838739744.1&b=46543416.1.1664838739744&cc=15

104.19.154.83

https://f.hubspotusercontent30.net/hubfs/4411134/Dracoon_Files_Website/images/home/Home%20neu%202021-10/DRACOON-Voraussetzungen-Cloudanbieter-Video.mp4

104.16.185.114

https://f.hubspotusercontent30.net/hubfs/4411134/Dracoon_Files_Website/images/home/Home%20neu%202021-10/DRACOON_Vorschau_Cloudanbieter-Video.jpg

104.16.185.114

https://dracoon.team/7756.85d954765b8eee66.js

141.95.22.201

https://dracoon.team/8271.5b19bfdde71aa6f0.js

141.95.22.201

https://dracoon.team/332.df1034bc37a59a18.js

141.95.22.201

https://no-cache.hubspot.com/cta/default/4411134/b80ed34f-d053-4a75-ace2-329d20748e44.png

104.19.154.83

https://www.cookiebot.com/en/wp-content/themes/cookiebot/components/templates/cb-header-old/css/cb-header-old.css?ver=1664771653

141.193.213.20

https://dracoon.team/8144.9c427fa4d6687c3b.js

141.95.22.201

https://www.dracoon.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=4411134&pg=f8ed3fa4-2418-4d93-a1c0-0047ea7a5e90&lt=1664838733528&dt=1664838733888&at=1664838738973&an=1

199.60.103.227

https://www.cookiebot.com/wp-content/plugins/uc-leadgen-bubble/assets/js/uc_lg.js?ver=1.0.13

141.193.213.20

There are 90 hidden URLs, click here to show them.

Domains

Name

Malicious

cdn2.hubspot.net

104.17.241.204

4411134.fs1.hubspotusercontent-na1.net

104.18.33.40

group34.sites.hscoscdn30.net

199.60.103.227

forms.hubspot.com

104.19.154.83

www.cookiebot.com

141.193.213.20

cta-service-cms2.hubspot.com

104.19.155.83

js.hs-analytics.net

104.17.71.176

prod-consentcdneu.b-cdn.net

89.187.165.194

stats.g.doubleclick.net

74.125.143.155

scontent.xx.fbcdn.net

157.240.236.1

track.hubspot.com

104.19.154.83

camservices.lt.acemlnc.com

3.91.141.18

0-4007773595.s3.nbg01.de.dracoon.io

62.128.13.176

no-cache.hubspot.com

104.19.154.83

perf.hsforms.com

104.16.87.5

cdnjs.cloudflare.com

104.17.24.14

prod-consenteu.b-cdn.net

89.187.165.194

www.google.com

142.250.203.100

273774.fs1.hubspotusercontent-na1.net

172.64.154.216

dracoon.team

141.95.22.201

f.hubspotusercontent30.net

104.16.185.114

star-mini.c10r.facebook.com

185.60.216.35

js.hs-banner.com

104.18.33.171

a.nel.cloudflare.com

35.190.80.1

static.hsappstatic.net

104.17.6.210

accounts.google.com

142.250.203.109

app.hubspot.com

104.19.155.83

group25.sites.hscoscdn20.net

199.60.103.254

part-0032.t-0009.t-msedge.net

13.107.246.60

js.hsadspixel.net

104.17.112.176

l-0005.l-dc-msedge.net

13.107.43.14

js.hsleadflows.net

104.17.230.204

f.hubspotusercontent20.net

104.16.187.114

googleads.g.doubleclick.net

142.250.203.98

api.hubapi.com

104.17.203.204

www.google.co.uk

172.217.168.35

clients.l.google.com

142.250.203.110

www.dracoon.com

unknown

design-assets.hubspot.com

unknown

static.cognitoforms.com

unknown

clients2.google.com

unknown

consentcdn.cookiebot.com

unknown

www.facebook.com

unknown

consent.cookiebot.com

unknown

www.linkedin.com

unknown

connect.facebook.net

unknown

px.ads.linkedin.com

unknown

www.cognitoforms.com

unknown

consentcdn.cookiebot.eu

unknown

consent.cookiebot.eu

unknown

snap.licdn.com

unknown

There are 41 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

104.19.155.83

cta-service-cms2.hubspot.com

United States

104.16.187.114

f.hubspotusercontent20.net

United States

192.168.2.1

unknown

104.18.33.171

js.hs-banner.com

United States

192.168.2.7

unknown

104.17.230.204

js.hsleadflows.net

United States

192.168.2.6

unknown

192.168.2.5

unknown

141.95.22.201

dracoon.team

Germany

141.193.213.20

www.cookiebot.com

United States

172.64.154.216

273774.fs1.hubspotusercontent-na1.net

United States

35.190.80.1

a.nel.cloudflare.com

United States

104.17.6.210

static.hsappstatic.net

United States

104.19.154.83

forms.hubspot.com

United States

104.16.185.114

f.hubspotusercontent30.net

United States

199.60.103.227

group34.sites.hscoscdn30.net

Canada

185.60.216.35

star-mini.c10r.facebook.com

Ireland

104.17.241.204

cdn2.hubspot.net

United States

239.255.255.250

unknown

Reserved

104.17.112.176

js.hsadspixel.net

United States

89.187.165.194

prod-consentcdneu.b-cdn.net

Czech Republic

127.0.0.1

unknown

142.250.203.110

clients.l.google.com

United States

3.91.141.18

camservices.lt.acemlnc.com

United States

13.107.246.60

part-0032.t-0009.t-msedge.net

United States

199.60.103.254

group25.sites.hscoscdn20.net

Canada

13.107.43.14

l-0005.l-dc-msedge.net

United States

104.17.71.176

js.hs-analytics.net

United States

142.250.203.109

accounts.google.com

United States

104.17.24.14

cdnjs.cloudflare.com

United States

104.17.203.204

api.hubapi.com

United States

142.250.203.100

www.google.com

United States

74.125.143.155

stats.g.doubleclick.net

United States

104.18.33.40

4411134.fs1.hubspotusercontent-na1.net

United States

157.240.236.1

scontent.xx.fbcdn.net

United States

172.217.168.35

www.google.co.uk

United States

62.128.13.176

0-4007773595.s3.nbg01.de.dracoon.io

Germany

104.16.87.5

perf.hsforms.com

United States

There are 28 hidden IPs, click here to show them.

Registry

Path

Value

Malicious

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

ahfgeienlihckogmohjhadlkjgocpleb

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

gdaefkejpgkiemlaofpalmlakkmbjdnl

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

kmendfapggjehodndflmmgagdbamhnfd

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

mhjfbmdgcfjbbpaeojofohoefgiehjai

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

neajdppkdcdipfabeoofebfddakdcjhd

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nkeimhogjdpnpccoofpliimaahmaaome

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

prefs.preference_reset_time

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault

S-1-5-21-3853321935-2125563209-4053062332-1002

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

gdaefkejpgkiemlaofpalmlakkmbjdnl

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

kmendfapggjehodndflmmgagdbamhnfd

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

neajdppkdcdipfabeoofebfddakdcjhd

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nkeimhogjdpnpccoofpliimaahmaaome

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

state

HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

state

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics

user_experience_metrics.stability.exited_cleanly

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

media.cdm.origin_data

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

software_reporter.reporting

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

media.storage_id_salt

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

google.services.last_account_id

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

google.services.account_id

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.last_triggered_for_startup_urls

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.last_triggered_for_homepage

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

module_blocklist_cache_md5_digest

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

software_reporter.prompt_seed

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

default_search_provider_data.template_url_data

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

safebrowsing.incidents_sent

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

pinned_tabs

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

browser.show_home_button

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

search_provider_overrides

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.last_triggered_for_default_search

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

prefs.preference_reset_time

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

software_reporter.prompt_version

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

google.services.last_username

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

session.startup_urls

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

session.restore_on_startup

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.prompt_wave

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

homepage

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default

homepage_is_newtabpage

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

lastrun

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

lastrun

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault

S-1-5-21-3853321935-2125563209-4053062332-1002

HKEY_USERSS-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry

TraceTimeLast

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

state

HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

state

There are 42 hidden registries, click here to show them.

Memdumps

Base Address

Regiontype

Protect

Malicious

F77DCFD000

stack

page read and write

168B7C50000

heap

page read and write

491CFFB000

stack

page read and write

2547D050000

heap

page read and write

2547D28A000

heap

page read and write

168B7E64000

heap

page read and write

1B3D17C0000

heap

page read and write

2547D1D0000

trusted library allocation

page read and write

18B6F230000

heap

page read and write

2547D240000

heap

page read and write

18B6E82C000

heap

page read and write

18B6F002000

heap

page read and write

18B6E890000

heap

page read and write

7283CFC000

stack

page read and write

18B6EE60000

trusted library allocation

page read and write

18BC9828000

heap

page read and write

1B3D1FC0000

remote allocation

page read and write

2547EBE0000

remote allocation

page read and write

2D44A513000

heap

page read and write

2D87D43A000

heap

page read and write

7283E7F000

stack

page read and write

168B7E00000

heap

page read and write

2D87D429000

heap

page read and write

18B6F230000

heap

page read and write

2D87D413000

heap

page read and write

18B6E829000

heap

page read and write

2D87D446000

heap

page read and write

18B6F108000

heap

page read and write

1B3D17D0000

heap

page read and write

2D87D469000

heap

page read and write

2D87D502000

heap

page read and write

728447D000

stack

page read and write

2D44AA70000

trusted library allocation

page read and write

3BABDF9000

stack

page read and write

2BE2979000

stack

page read and write

18B6F18E000

heap

page read and write

18B6F213000

heap

page read and write

18BC97E0000

trusted library allocation

page read and write

2547D318000

heap

page read and write

168B7E29000

heap

page read and write

18B6E98E000

heap

page read and write

728427C000

stack

page read and write

6BE417E000

stack

page read and write

2D44A488000

heap

page read and write

2D87D1C0000

heap

page read and write

2D44A4E4000

heap

page read and write

1D7BE5F0000

heap

page read and write

168B7E74000

heap

page read and write

18BCA002000

trusted library allocation

page read and write

18B6E86C000

heap

page read and write

2547D249000

heap

page read and write

3BAC0FE000

stack

page read and write

2D44AD13000

heap

page read and write

2D87D458000

heap

page read and write

2D44A502000

heap

page read and write

18B6E843000

heap

page read and write

1D7BE750000

trusted library allocation

page read and write

3BABAFF000

stack

page read and write

18BC983D000

heap

page read and write

18B6F102000

heap

page read and write

2D87D440000

heap

page read and write

F43A47E000

stack

page read and write

2BE267B000

stack

page read and write

18B6F16D000

heap

page read and write

1B3D1A29000

heap

page read and write

2D87D460000

heap

page read and write

2D44A400000

heap

page read and write

18B6F143000

heap

page read and write

2D87D45F000

heap

page read and write

1D7BE83C000

heap

page read and write

1D7BE84A000

heap

page read and write

2D87D484000

heap

page read and write

18B6F154000

heap

page read and write

1B3D1A13000

heap

page read and write

2D87D442000

heap

page read and write

168B8602000

trusted library allocation

page read and write

18B6F202000

heap

page read and write

3BABC7E000

stack

page read and write

F77DF7F000

stack

page read and write

168B7E3D000

heap

page read and write

2D87D431000

heap

page read and write

18B6E864000

heap

page read and write

2547D259000

heap

page read and write

2D87D47E000

heap

page read and write

2547EBE0000

remote allocation

page read and write

2547D25E000

heap

page read and write

2547D313000

heap

page read and write

18B6F1BA000

heap

page read and write

1D7BE800000

heap

page read and write

2547D0B0000

heap

page read and write

2D87D457000

heap

page read and write

2D44AC02000

heap

page read and write

168B7BF0000

heap

page read and write

2547EE00000

trusted library allocation

page read and write

18B6E913000

heap

page read and write

6BE3D7E000

stack

page read and write

2D87D455000

heap

page read and write

2D44A43E000

heap

page read and write

72838AB000

stack

page read and write

18BC9867000

heap

page read and write

F77DB7E000

stack

page read and write

F77D4DB000

stack

page read and write

2547D1B0000

trusted library allocation

page read and write

1D7BE854000

heap

page read and write

F77E17F000

stack

page read and write

18B6E813000

heap

page read and write

F43A0FE000

stack

page read and write

168B7BE0000

heap

page read and write

2D44AD3A000

heap

page read and write

1D7BE802000

heap

page read and write

18BC96E0000

heap

page read and write

18B6E83C000

heap

page read and write

18BC9800000

heap

page read and write

18B6F200000

heap

page read and write

18B6F122000

heap

page read and write

2547D202000

heap

page read and write

6BE3E7D000

stack

page read and write

1D7BE837000

heap

page read and write

18B6E800000

heap

page read and write

1B3D1830000

heap

page read and write

2A6397F000

stack

page read and write

2D44A310000

heap

page read and write

18B6E889000

heap

page read and write

168B7D50000

trusted library allocation

page read and write

1D7BE829000

heap

page read and write

1B3D1A02000

heap

page read and write

F77DBFC000

stack

page read and write

1B3D1FC0000

remote allocation

page read and write

2547EBE0000

remote allocation

page read and write

2D87D46B000

heap

page read and write

18B6E690000

heap

page read and write

F77DD7B000

stack

page read and write

1B3D1A3E000

heap

page read and write

2D87D3F0000

trusted library allocation

page read and write

1D7BE858000

heap

page read and write

2547D258000

heap

page read and write

2D44A2B0000

heap

page read and write

18B6F100000

heap

page read and write

1D7BE902000

heap

page read and write

F439D9B000

stack

page read and write

2A6337F000

stack

page read and write

168B7E02000

heap

page read and write

491CDFB000

stack

page read and write

3BAC1FA000

stack

page read and write

2BE2A7C000

stack

page read and write

2D87DA02000

trusted library allocation

page read and write

2D87D1B0000

heap

page read and write

728407F000

stack

page read and write

18B6F1AE000

heap

page read and write

2A62EFB000

stack

page read and write

2547D213000

heap

page read and write

2D87D462000

heap

page read and write

1B3D1F90000

trusted library allocation

page read and write

18B6E85A000

heap

page read and write

18B6E821000

heap

page read and write

2A6317C000

stack

page read and write

2547D265000

heap

page read and write

18B6E9E5000

heap

page read and write

6BE40FD000

stack

page read and write

1D7BE847000

heap

page read and write

2A6307F000

stack

page read and write

2A6357F000

stack

page read and write

18BC9859000

heap

page read and write

F43A07E000

stack

page read and write

F77E07D000

stack

page read and write

3BABA7F000

stack

page read and write

2A6377E000

stack

page read and write

18BC9913000

heap

page read and write

7283F7E000

stack

page read and write

2D87D477000

heap

page read and write

2D87D46D000

heap

page read and write

2BE2B7F000

stack

page read and write

2547D259000

heap

page read and write

18B6F223000

heap

page read and write

18B6E88F000

heap

page read and write

2D44A46E000

heap

page read and write

1D7BE650000

heap

page read and write

18B6F122000

heap

page read and write

18B6F227000

heap

page read and write

2D87D44D000

heap

page read and write

2D44AD00000

heap

page read and write

2547D300000

heap

page read and write

3BABD7B000

stack

page read and write

3BABEFA000

stack

page read and write

18B6E9B9000

heap

page read and write

2D87D45C000

heap

page read and write

F43A37E000

stack

page read and write

F77D8FB000

stack

page read and write

1B3D1A00000

heap

page read and write

6BE3EFF000

stack

page read and write

18BC986A000

heap

page read and write

2547EC02000

trusted library allocation

page read and write

2D87D220000

heap

page read and write

2A62AEB000

stack

page read and write

2547D249000

heap

page read and write

2A6367F000

stack

page read and write

18BC9680000

heap

page read and write

1D7BF002000

trusted library allocation

page read and write

2D44A4B9000

heap

page read and write

F77DE7C000

stack

page read and write

728437F000

stack

page read and write

1D7BE82E000

heap

page read and write

6BE3FFD000

stack

page read and write

2547D200000

heap

page read and write

2D87D43C000

heap

page read and write

1B3D1A24000

heap

page read and write

168B7E5C000

heap

page read and write

728417C000

stack

page read and write

2A6387F000

stack

page read and write

2547D22A000

heap

page read and write

3BABFFF000

stack

page read and write

18B6E882000

heap

page read and write

1D7BE600000

heap

page read and write

1B3D2002000

trusted library allocation

page read and write

6BE370B000

stack

page read and write

168B7E6E000

heap

page read and write

2D87D47B000

heap

page read and write

2BE287E000

stack

page read and write

2A6347D000

stack

page read and write

168B7F02000

heap

page read and write

2D87D45E000

heap

page read and write

2D44A2A0000

heap

page read and write

18B6F115000

heap

page read and write

18BC9802000

heap

page read and write

2D87D456000

heap

page read and write

2D87D464000

heap

page read and write

491CEFB000

stack

page read and write

18B6E6A0000

heap

page read and write

168B7E13000

heap

page read and write

2547D302000

heap

page read and write

18B6E843000

heap

page read and write

2D87D400000

heap

page read and write

18B6E700000

heap

page read and write

2547D32B000

heap

page read and write

1D7BE813000

heap

page read and write

18BC9813000

heap

page read and write

18BC9902000

heap

page read and write

2547D040000

heap

page read and write

2547D248000

heap

page read and write

3BAB6BB000

stack

page read and write

F77DA7F000

stack

page read and write

2547EBA0000

trusted library allocation

page read and write

2A6327F000

stack

page read and write

1B3D1B02000

heap

page read and write

18B6E856000

heap

page read and write

18BC9670000

heap

page read and write

2D87D466000

heap

page read and write

6BE3BFE000

stack

page read and write

1B3D1A5C000

heap

page read and write

18BC9900000

heap

page read and write

2D44A413000

heap

page read and write

2D44A4CA000

heap

page read and write

18B6EE80000

trusted library allocation

page read and write

2D87D45A000

heap

page read and write

F43A57E000

stack

page read and write

6BE3C7E000

stack

page read and write

18BC987D000

heap

page read and write

1B3D1FC0000

remote allocation

page read and write

491D0FE000

stack

page read and write

1B3D1A1F000

heap

page read and write

491C8FC000

stack

page read and write

168B7E41000

heap

page read and write

168B7F13000

heap

page read and write

F43A27E000

stack

page read and write

2547D272000

heap

page read and write

2D87D47A000

heap

page read and write

2D44A429000

heap

page read and write

2BE2C7E000

stack

page read and write

2D44A4C8000

heap

page read and write

168B7E6B000

heap

page read and write

There are 260 hidden memdumps, click here to show them.

DOM / HTML

URL

Malicious

https://dracoon.team/public/download-shares/bnQLV52xAPXtG14GsQkvO7EiWmJeu2Ws

file:///C:/Users/user/Downloads/Work%20Place%20Rating%20For%20Top%20100%20Nominees.html

https://www.cognitoforms.com/f/1hY1LR-SIkCC-lohyPfzGg/1

https://consentcdn.cookiebot.com/sdk/bc-v4.min.html

https://www.dracoon.com/de/home?utm_source=dracoon.team&utm_medium=webapp-public-ingredient&utm_campaign=ingredient&content=download-share

https://www.cookiebot.com/

https://consentcdn.cookiebot.eu/sdk/bc-v4.min.html

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

DOM / HTML