Click to jump to signature section
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\chrome_BITS_4084_554039753 | Jump to behavior |
Source: unknown | DNS traffic detected: queries for: accounts.google.com |
Source: unknown | Network traffic detected: HTTP traffic on port 49710 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49706 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49695 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49712 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49697 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49815 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49702 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49704 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49701 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49815 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49712 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49710 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49697 |
Source: unknown | Network traffic detected: HTTP traffic on port 49707 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49705 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49695 |
Source: unknown | Network traffic detected: HTTP traffic on port 49703 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49823 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49707 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49706 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49705 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49704 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49703 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49702 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49823 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49701 |
Source: global traffic | HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=115.0.5790.171&lang=en-GB&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-115.0.5790.171Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /krs?id=P5Ie3-7G HTTP/1.1Host: aka.msConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /redirect?id=P5Ie3-7G HTTP/1.1Host: krs.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: MC1=GUID=762ed1c63ceb49b49cb46dba465abf5d&HASH=762e&LV=202308&V=4&LU=1691663513605 |
Source: global traffic | HTTP traffic detected: GET /css/styles.css HTTP/1.1Host: krs.microsoft.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://krs.microsoft.com/redirect?id=P5Ie3-7GAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: MC1=GUID=762ed1c63ceb49b49cb46dba465abf5d&HASH=762e&LV=202308&V=4&LU=1691663513605; TiPMix=36.57796004678722; x-ms-routing-name=self |
Source: global traffic | HTTP traffic detected: GET /images/GooglePlayStoreBadge.png HTTP/1.1Host: krs.microsoft.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://krs.microsoft.com/redirect?id=P5Ie3-7GAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: MC1=GUID=762ed1c63ceb49b49cb46dba465abf5d&HASH=762e&LV=202308&V=4&LU=1691663513605; TiPMix=36.57796004678722; x-ms-routing-name=self |
Source: global traffic | HTTP traffic detected: GET /images/AppleAppStoreBadge.png HTTP/1.1Host: krs.microsoft.comConnection: keep-alivesec-ch-ua: "Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://krs.microsoft.com/redirect?id=P5Ie3-7GAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: MC1=GUID=762ed1c63ceb49b49cb46dba465abf5d&HASH=762e&LV=202308&V=4&LU=1691663513605; TiPMix=36.57796004678722; x-ms-routing-name=self |
Source: global traffic | HTTP traffic detected: GET /images/GooglePlayStoreBadge.png HTTP/1.1Host: krs.microsoft.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: MC1=GUID=762ed1c63ceb49b49cb46dba465abf5d&HASH=762e&LV=202308&V=4&LU=1691663513605; TiPMix=36.57796004678722; x-ms-routing-name=self |
Source: global traffic | HTTP traffic detected: GET /images/AppleAppStoreBadge.png HTTP/1.1Host: krs.microsoft.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: MC1=GUID=762ed1c63ceb49b49cb46dba465abf5d&HASH=762e&LV=202308&V=4&LU=1691663513605; TiPMix=36.57796004678722; x-ms-routing-name=self |
Source: chromecache_238.1.dr | String found in binary or memory: "https://www.facebook.com/AppStore/" equals www.facebook.com (Facebook) |
Source: chromecache_238.1.dr | String found in binary or memory: <p dir="false" data-test-bidi>Outlook lets you bring all your email accounts and calendars in one convenient spot. Whether it's staying on top of your inbox or scheduling the next big thing, we make it easy to be your most productive, organized, and connected self.<br /><br />Here's what you'll love about Outlook for iOS:<br /><br />- Focus on the right things with our smart inbox - we help you sort between messages you need to act on straight away and everything else.<br /><br />- Swipe to quickly schedule, delete and archive messages.<br /><br />- Share your meeting availability with just a tap and easily find times to meet with others.<br /><br />- Find everything you're looking for with our new search experience, including files, contacts, and your upcoming trips.<br /><br />- View and attach any file from your email, OneDrive, Dropbox, and more, without having to download them to your phone.<br /><br />- Open Word, Excel, or other Office document attachments to edit them directly in the corresponding app and attach them back to an email.<br /><br />--<br /><br />Outlook for iOS works with Microsoft Exchange, Office 365, Outlook.com (including Hotmail and MSN), Gmail, Yahoo Mail, and iCloud.<br /><br />--<br /><br />To make an in-app purchase of a Microsoft 365 Family or Personal subscription, open the app, go to Settings, and tap on Upgrade next to your Outlook.com or Hotmail.com account. Subscriptions begin at $6.99 a month in the US, and can vary by region. With a Microsoft 365 subscription, you get 1TB of storage for each user, access to all features in Word, Excel, and PowerPoint on iPad, iPhone, and iPod touch, and you can install Word, Excel, PowerPoint, Outlook and OneNote on PCs or Macs.<br /><br />Microsoft 365 subscriptions purchased from the app will be charged to your iTunes account and will automatically renew within 24 hours prior to the end of the current subscription period, unless auto-renewal is disabled beforehand. To manage your subscriptions or to disable auto-renewal, after purchase, go to your iTunes account settings. A subscription cannot be cancelled during the active subscription period. Any unused portion of a free trial period, if offered will be forfeited when the user purchases a subscription to that publication, where applicable.<br /><br />Privacy and Cookies: https://go.microsoft.com/fwlink/?LinkId=521839<br />Terms of Use: http://go.microsoft.com/fwlink/?LinkID=530 |