Play interactive tourEdit tour

Windows Analysis Report
https:/458rl1jp.r.us-east-1.awstrack.me/L0/https:%2F%2Fmembers.iiasd.org%2Fsurveys%2F%3Fid=Convention_2023/1/0100018b3e12279d-e727ffa9-e7f1-4823-b721-a57801c3275a-000000/skMU3gbPAfcMHPAB2YbPLnQK65o=344

Overview

General Information

Sample URL:	https:/458rl1jp.r.us-east-1.awstrack.me/L0/https:%2F%2Fmembers.iiasd.org%2Fsurveys%2F%3Fid=Convention_2023/1/0100018b3e12279d-e727ffa9-e7f1-4823-b721-a57801c3275a-000000/skMU3gbPAfcMHPAB2YbPLnQK65o=34
Analysis ID:	1327431
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

×

Joe Sandbox Signatures

• • Phishing
• • Networking
• • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Phishing

HTML page is missing a favicon

Source: https://members.iiasd.org/surveys/?id=Convention_2023

HTTP Parser: No favicon

Source: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAh4D1fahKeeEAZoGRIA%3D%3D&hash=2CF1354F5D33C04234B753357EE0F0&cid=e~BGEu68PrpKrnyrPVLvdV4EdjEHnpxGjp_XHECFg6S0HVsa1Kohaqvfra~oEcf7qGgg2RdauNK~RzIwFMvObMPz92LIBzyDCWf3CmK2IzOjqJA3DtKJm0RcaeDlWiyc&t=fe&referer=https%3A%2F%2Fmembers.iiasd.org%2Fsurveys%2F%3Fid%3DConvention_2023&s=18464&e=b821de14ea111615f4edf644f2cb6d11e84a187fbd64e97b625c2674325e7e2f

HTTP Parser: No favicon

Networking

Downloads files from webservers via HTTP

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=94.0.4606.61&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-94.0.4606.61Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /L0/https:%2F%2Fmembers.iiasd.org%2Fsurveys%2F%3Fid=Convention_2023/1/0100018b3e12279d-e727ffa9-e7f1-4823-b721-a57801c3275a-000000/skMU3gbPAfcMHPAB2YbPLnQK65o=344 HTTP/1.1Host: 458rl1jp.r.us-east-1.awstrack.meConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /surveys/?id=Convention_2023 HTTP/1.1Host: members.iiasd.orgConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c.js HTTP/1.1Host: ct.captcha-delivery.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://members.iiasd.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/?initialCid=AHrlqAAAAAMAh4D1fahKeeEAZoGRIA%3D%3D&hash=2CF1354F5D33C04234B753357EE0F0&cid=e~BGEu68PrpKrnyrPVLvdV4EdjEHnpxGjp_XHECFg6S0HVsa1Kohaqvfra~oEcf7qGgg2RdauNK~RzIwFMvObMPz92LIBzyDCWf3CmK2IzOjqJA3DtKJm0RcaeDlWiyc&t=fe&referer=https%3A%2F%2Fmembers.iiasd.org%2Fsurveys%2F%3Fid%3DConvention_2023&s=18464&e=b821de14ea111615f4edf644f2cb6d11e84a187fbd64e97b625c2674325e7e2f HTTP/1.1Host: geo.captcha-delivery.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://members.iiasd.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css HTTP/1.1Host: static.captcha-delivery.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://geo.captcha-delivery.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/fonts/roboto/font-face.css HTTP/1.1Host: static.captcha-delivery.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://geo.captcha-delivery.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/assets/set/6dd7cb5359f54edb9eb0becd33d19118d3e93e26/logo.png?update_cache=2408786060224526139 HTTP/1.1Host: static.captcha-delivery.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://geo.captcha-delivery.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tags.js HTTP/1.1Host: js.datadome.coConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://geo.captcha-delivery.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/fonts/roboto/roboto.woff2 HTTP/1.1Host: static.captcha-delivery.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://geo.captcha-delivery.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.captcha-delivery.com/common/fonts/roboto/font-face.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/assets/set/6dd7cb5359f54edb9eb0becd33d19118d3e93e26/logo.png?update_cache=2408786060224526139 HTTP/1.1Host: static.captcha-delivery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: members.iiasd.orgConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-model: sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://members.iiasd.org/surveys/?id=Convention_2023Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: datadome=e~BGEu68PrpKrnyrPVLvdV4EdjEHnpxGjp_XHECFg6S0HVsa1Kohaqvfra~oEcf7qGgg2RdauNK~RzIwFMvObMPz92LIBzyDCWf3CmK2IzOjqJA3DtKJm0RcaeDlWiyc
Source: global traffic	HTTP traffic detected: GET /js/ HTTP/1.1Host: api-js.datadome.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: members.iiasd.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: datadome=e~BGEu68PrpKrnyrPVLvdV4EdjEHnpxGjp_XHECFg6S0HVsa1Kohaqvfra~oEcf7qGgg2RdauNK~RzIwFMvObMPz92LIBzyDCWf3CmK2IzOjqJA3DtKJm0RcaeDlWiyc
Source: global traffic	HTTP traffic detected: GET /js/ HTTP/1.1Host: api-js.datadome.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Performs DNS lookups

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Sends SSDP (simple service discovery protocol) broadcast queries

Source: global traffic	TCP traffic: 192.168.11.20:60987 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:60987 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:60987 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:60987 -> 239.255.255.250:1900

Tries to download or post to a non-existing HTTP route (HTTP/1.1 404 Not Found / 503 Service Unavailable / 403 Forbidden)

Source: global traffic

HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 17 Oct 2023 16:17:57 GMTContent-Type: text/html;charset=utf-8Content-Length: 580Connection: closeX-DataDome: protectedAccept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-MemoryCharset: utf-8Cache-Control: max-age=0, private, no-cache, no-store, must-revalidatePragma: no-cacheX-DataDome-CID: AHrlqAAAAAMAh4D1fahKeeEAZoGRIA==Set-Cookie: datadome=e~BGEu68PrpKrnyrPVLvdV4EdjEHnpxGjp_XHECFg6S0HVsa1Kohaqvfra~oEcf7qGgg2RdauNK~RzIwFMvObMPz92LIBzyDCWf3CmK2IzOjqJA3DtKJm0RcaeDlWiyc; Max-Age=31536000; Domain=.iiasd.org; Path=/; Secure; SameSite=Lax

Uses HTTPS

Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49544
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51707
Source: unknown	Network traffic detected: HTTP traffic on port 49544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61194
Source: unknown	Network traffic detected: HTTP traffic on port 60546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56243
Source: unknown	Network traffic detected: HTTP traffic on port 56646 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58100
Source: unknown	Network traffic detected: HTTP traffic on port 51124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56646
Source: unknown	Network traffic detected: HTTP traffic on port 62585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52443
Source: unknown	Network traffic detected: HTTP traffic on port 59740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54357 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59287
Source: unknown	Network traffic detected: HTTP traffic on port 52443 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61232
Source: unknown	Network traffic detected: HTTP traffic on port 62187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60546
Source: unknown	Network traffic detected: HTTP traffic on port 58411 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63593
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54357
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51683
Source: unknown	Network traffic detected: HTTP traffic on port 63593 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54475
Source: unknown	Network traffic detected: HTTP traffic on port 61194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51124
Source: unknown	Network traffic detected: HTTP traffic on port 49315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49315
Source: unknown	Network traffic detected: HTTP traffic on port 59287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54328
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59740
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58411
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62585
Source: unknown	Network traffic detected: HTTP traffic on port 51683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54475 -> 443

Posts data to webserver

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=YES+srp.gws-20210811-0-RC2.en+FX+979; AEC=Ad49MVFf9Dv7B6egeOgj1KRs9zEJFl7xTeHKFuDQ4w-0aMcEh1ZbUV4GCw; NID=511=Fb9m6orBsCk8g8okbxd0bNA5e4gEdvsO4EJi3xyY6m7-87MqmFZCjWOfTMjEV-QOLAUoCOhPhFMtvtTgGBvdcCeiVLC5sWNyO_yH0057J1bn8o-spwJb2f-JESUqLUGpJTjHkEs42-DVHUt3379gqE-vONgrrWk5I_jFZltuOMiAhKI4gkjoN1x_

Connects to IPs without corresponding DNS lookups

Source: unknown	TCP traffic detected without corresponding DNS query: 52.143.87.28
Source: unknown	TCP traffic detected without corresponding DNS query: 52.143.87.28
Source: unknown	TCP traffic detected without corresponding DNS query: 52.143.87.28
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

System Summary

Classification label

Source: classification engine

Classification label: clean0.win@26/0@10/12

Spawns processes

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1676,9976906793806323828,1916143722008436818,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https:/458rl1jp.r.us-east-1.awstrack.me/L0/https:%2F%2Fmembers.iiasd.org%2Fsurveys%2F%3Fid=Convention_2023/1/0100018b3e12279d-e727ffa9-e7f1-4823-b721-a57801c3275a-000000/skMU3gbPAfcMHPAB2YbPLnQK65o=344
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1676,9976906793806323828,1916143722008436818,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Found graphical window changes (likely an installer)

Source: Window Recorder

Window detected: More than 3 window changes detected

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Behavior

Click here to start
Slideshow Behavior Animation