Source: https://30-11-vjwerg9-80eu5rht-0ghjwr-0gfhwe-0r98gf.obs.ap-southeast-1.myhuaweicloud.com/hg084e5trh-ghewr8uinfv-we0r8hgb-0rhgf-rg.htm?AWSAccessKeyId=BRMRSNWPZ46HN5N4CQ0R&Expires=1669808553&Signature=BuuhlTMKcaFhD8DBKX3w/0IwY4s%3D#franco.bin@cuzziol.it |
Page Title: Microsoft | Login |
Source: Yara match |
File source: 92753.0.pages.csv, type: HTML |
Source: https://30-11-vjwerg9-80eu5rht-0ghjwr-0gfhwe-0r98gf.obs.ap-southeast-1.myhuaweicloud.com/hg084e5trh-ghewr8uinfv-we0r8hgb-0rhgf-rg.htm?AWSAccessKeyId=BRMRSNWPZ46HN5N4CQ0R&Expires=1669808553&Signature=BuuhlTMKcaFhD8DBKX3w/0IwY4s%3D#franco.bin@cuzziol.it |
HTTP Parser: Number of links: 0 |
Source: https://30-11-vjwerg9-80eu5rht-0ghjwr-0gfhwe-0r98gf.obs.ap-southeast-1.myhuaweicloud.com/hg084e5trh-ghewr8uinfv-we0r8hgb-0rhgf-rg.htm?AWSAccessKeyId=BRMRSNWPZ46HN5N4CQ0R&Expires=1669808553&Signature=BuuhlTMKcaFhD8DBKX3w/0IwY4s%3D#franco.bin@cuzziol.it |
HTTP Parser: Invalid link: Privacy statement |
Source: https://30-11-vjwerg9-80eu5rht-0ghjwr-0gfhwe-0r98gf.obs.ap-southeast-1.myhuaweicloud.com/hg084e5trh-ghewr8uinfv-we0r8hgb-0rhgf-rg.htm?AWSAccessKeyId=BRMRSNWPZ46HN5N4CQ0R&Expires=1669808553&Signature=BuuhlTMKcaFhD8DBKX3w/0IwY4s%3D#franco.bin@cuzziol.it |
HTTP Parser: HTML title missing |
Source: https://30-11-vjwerg9-80eu5rht-0ghjwr-0gfhwe-0r98gf.obs.ap-southeast-1.myhuaweicloud.com/hg084e5trh-ghewr8uinfv-we0r8hgb-0rhgf-rg.htm?AWSAccessKeyId=BRMRSNWPZ46HN5N4CQ0R&Expires=1669808553&Signature=BuuhlTMKcaFhD8DBKX3w/0IwY4s%3D#franco.bin@cuzziol.it |
HTTP Parser: No <meta name="author".. found |
Source: https://30-11-vjwerg9-80eu5rht-0ghjwr-0gfhwe-0r98gf.obs.ap-southeast-1.myhuaweicloud.com/hg084e5trh-ghewr8uinfv-we0r8hgb-0rhgf-rg.htm?AWSAccessKeyId=BRMRSNWPZ46HN5N4CQ0R&Expires=1669808553&Signature=BuuhlTMKcaFhD8DBKX3w/0IwY4s%3D#franco.bin@cuzziol.it |
HTTP Parser: No <meta name="copyright".. found |
Source: chrome.exe |
Memory has grown: Private usage: 0MB later: 28MB |
Source: unknown |
DNS traffic detected: queries for: clients2.google.com |
Source: unknown |
Network traffic detected: HTTP traffic on port 49708 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49733 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49733 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49709 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49710 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49710 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49731 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49730 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49731 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49730 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49726 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49729 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49709 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49708 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49729 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49715 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49715 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49726 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE |
File created: C:\Users\alfredo\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_13929_20386-20221129T1749280939-2572.etl |
Source: classification engine |
Classification label: mal56.phis.winMSG@24/2@11/218 |
Source: unknown |
Process created: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE C:\Program Files\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\alfredo\Desktop\Fwd_ Payment_Confirmation.msg |
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\alfredo\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\IRQ7T0GH\Payment_Confirmation.hTm |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1792,i,11491005883064114037,15152354911059901904,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Source: unknown |
Process created: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files\Microsoft Office\Root\Office16\OUTLOOK.EXE" -Embedding |
Source: Window Recorder |
Window detected: More than 3 window changes detected |
Source: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE |
Key opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common |
Source: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE |
Process information set: NOOPENFILEERRORBOX |