Click to jump to signature section
| Source: iata-25May2023.shtml | ReversingLabs: Detection: 13% |
| Source: iata-25May2023.shtml | HTTP Parser: Low number of body elements: 1 |
| Source: iata-25May2023.shtml | HTTP Parser: No favicon |
| Source: file:///C:/Users/user/Desktop/iata-25May2023.shtml | HTTP Parser: No favicon |
| Source: file:///C:/Users/user/Desktop/iata-25May2023.shtml | HTTP Parser: No favicon |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\GoogleUpdater | Jump to behavior |
| Source: chrome.exe | Memory has grown: Private usage: 1MB later: 33MB |
| Source: Joe Sandbox View | IP Address: 239.255.255.250 239.255.255.250 |
| Source: unknown | DNS traffic detected: queries for: clients2.google.com |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49700 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49706 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49695 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49696 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49695 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49696 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49700 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49706 |
| Source: global traffic | HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.81Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
| Source: unknown | HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
| Source: iata-25May2023.shtml | ReversingLabs: Detection: 13% |
| Source: classification engine | Classification label: mal52.phis.winSHTML@24/0@6/7 |
| Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\iata-25May2023.shtml | |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1888 --field-trial-handle=1812,i,18360485486545431331,5420382872932820938,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 | |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1888 --field-trial-handle=1812,i,18360485486545431331,5420382872932820938,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown | Jump to behavior |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Program Files\Google\GoogleUpdater | Jump to behavior |
| Source: iata-25May2023.shtml | Static file information: File size 3081826 > 1048576 |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\GoogleUpdater | Jump to behavior |
Edit tour
chrome.exe (PID: 5688 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet