Windows Analysis Report
https://seguro.shop-eee.shop/cart

Overview

General Information

Sample URL:https://seguro.shop-eee.shop/cart
Analysis ID:1445375
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected non-DNS traffic on DNS port

Classification

  • System is w10x64
  • chrome.exe (PID: 4884 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5516 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=2036,i,10880962701074461422,12938664713605778049,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6424 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://seguro.shop-eee.shop/cart" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

AV Detection

Source: https://seguro.shop-eee.shop/cart | Avira URL Cloud: detection malicious, Label: phishing
Source: https://seguro.shop-eee.shop/cart | HTTP Parser: No favicon
Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: global traffic | TCP traffic: 192.168.2.4:58785 -> 1.1.1.1:53
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown | TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | HTTP traffic detected:
  GET /cart HTTP/1.1
  Host: seguro.shop-eee.shop
  Connection: keep-alive
  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Windows"
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: navigate
  Sec-Fetch-User: ?1
  Sec-Fetch-Dest: document
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
  GET /favicon.ico HTTP/1.1
  Host: seguro.shop-eee.shop
  Connection: keep-alive
  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Windows"
  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Sec-Fetch-Site: same-origin
  Sec-Fetch-Mode: no-cors
  Sec-Fetch-Dest: image
  Referer: https://seguro.shop-eee.shop/cart
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
  GET /fs/windows/config.json HTTP/1.1
  Connection: Keep-Alive
  Accept: */*
  Accept-Encoding: identity
  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
  Range: bytes=0-2147483646
  User-Agent: Microsoft BITS/7.8
  Host: fs.microsoft.com
Source: global traffic | DNS traffic detected: DNS query: seguro.shop-eee.shop
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | HTTP traffic detected:
  HTTP/1.1 404 Not Found
  Date: Tue, 21 May 2024 22:26:16 GMT
  Content-Type: text/html; charset=utf-8
  Transfer-Encoding: chunked
  Connection: close
  Server: gocache
Source: global traffic | HTTP traffic detected:
  HTTP/1.1 404 Not Found
  Date: Tue, 21 May 2024 22:26:17 GMT
  Content-Type: text/html; charset=utf-8
  Transfer-Encoding: chunked
  Connection: close
  Server: gocache
Source: unknown | Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown | Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 58795
Source: unknown | Network traffic detected: HTTP traffic on port 58795 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown | Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49739 -> 443
Source: classification engine | Classification label: mal48.win@21/4@4/6
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=2036,i,10880962701074461422,12938664713605778049,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://seguro.shop-eee.shop/cart"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Window Recorder | Window detected: More than 3 window changes detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction
[Behavior graph: ID 1445375; URL: https://seguro.shop-eee.shop/cart; Startdate: 22/05/2024; Architecture: WINDOWS; Score: 48; signature: Antivirus / Scanner detection for submitted sample. Nodes: chrome.exe processes; www.google.com (142.250.186.100, GOOGLEUS, United States); seguro.shop-eee.shop.cdn.gocache.net (170.82.174.30, 3LCLOUDINTERNETSERVICESLTDA-EPPBR, Brazil); seguro.shop-eee.shop]

Source | Detection | Scanner | Label | Link
https://seguro.shop-eee.shop/cart | 100% | Avira URL Cloud | phishing |

No Antivirus matches

Source | Detection | Scanner | Label | Link
https://seguro.shop-eee.shop/favicon.ico | 0% | Avira URL Cloud | safe |

Name | IP | Active | Malicious | Antivirus Detection | Reputation
www.google.com | 142.250.186.100 | true | false | | unknown
seguro.shop-eee.shop.cdn.gocache.net | 170.82.174.30 | true | false | | unknown
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | | unknown
seguro.shop-eee.shop | unknown | unknown | false | | unknown

Name | Malicious | Antivirus Detection | Reputation
https://seguro.shop-eee.shop/favicon.ico | false | Avira URL Cloud: safe | unknown
https://seguro.shop-eee.shop/cart | true | | unknown

IP | Domain | Country | Flag | ASN | ASN Name | Malicious
239.255.255.250 | unknown | Reserved | | unknown | unknown | false
142.250.186.100 | www.google.com | United States | | 15169 | GOOGLEUS | false
170.82.174.30 | seguro.shop-eee.shop.cdn.gocache.net | Brazil | | 266444 | 3LCLOUDINTERNETSERVICESLTDA-EPPBR | false

IP
192.168.2.7
192.168.2.4
192.168.2.5
            Joe Sandbox version:40.0.0 Tourmaline
            Analysis ID:1445375
            Start date and time:2024-05-22 00:25:23 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 3m 4s
            Hypervisor based Inspection enabled:false
            Report type:light
            Cookbook file name:browseurl.jbs
            Sample URL:https://seguro.shop-eee.shop/cart
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:7
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal48.win@21/4@4/6
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
            • TCP Packets have been reduced to 100
            • Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.110.84, 142.250.184.206, 34.104.35.123, 52.165.165.26, 93.184.221.240, 192.229.221.95, 20.3.187.198, 216.58.206.67
            • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtSetInformationFile calls found.
            • VT rate limit hit for: https://seguro.shop-eee.shop/cart
            No simulations
            InputOutput
            URL: https://seguro.shop-eee.shop/cart Model: Perplexity: mixtral-8x7b-instruct
            {
            "loginform": false,
            "reasons": [
            "The text does not contain any form fields for a username or password.",
            "The text does not contain any labels or prompts for a login form.",
            "The text contains an error message, but it does not indicate that it is related to a login form."
            ]
            }
            Erro 601 seguro.shop-eee.shop 10 da requisiqo: 159773c4014fc738b3ce4738aa37f8a1 - Seu ender-ego 'P: Horrio. 2024-05-21 19:26 16 - 1s4 
            No context
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:HTML document, ASCII text
            Category:downloaded
            Size (bytes):1240
            Entropy (8bit):5.175495857414608
            Encrypted:false
            SSDEEP:24:fnoBbrWdFBGX0ByETJeWMc46NSWPzRfL1BoNpcyLPF:fnoBk3fyIhXNnzRjIjVLPF
            MD5:53B543145D1BE8DD5C159B3F111FC923
            SHA1:0B9D600BAD042CA7D89FA2CADD6019BF3FE2EBD6
            SHA-256:C086613C1A9992DA7A11531F6D77A3744ABB663396233F22C3B29EE29FE4A59A
            SHA-512:1509A27A05BD65EB4585BD5DDF70F84B024E097057FF310B934795DED1EC0E4356B2F9946E6FF0BE50085D7CA248A23AFF723F1F3EBDEDE8751AF6E203F2157C
            Malicious:false
            Reputation:low
            URL:https://seguro.shop-eee.shop/favicon.ico
            Preview:<html>.<head>.<title>GoCache - Erro 601</title>.<meta name="robots" content="noindex, nofollow">.<style type="text/css">..#gocache-error-page {. color: #404040 !important;. font-family: "Open Sans",Helvetica,Arial,sans-serif !important;. font-size: 15px !important;. letter-spacing: normal;. line-height: 1.5 !important;. text-decoration: none !important;.. display: block;. margin: 0;. padding: 0;. position: relative;. text-align: center;. width: 100%;.}..#gocache-error-page p {.font-size: 12px;.}..#gocache-body-default {..}..#logo-gocache {.width:127;.height:30;.}...body.gocache-body-default {.margin-top: 10%;. background-color: #F9F9F9;.}..h1 {. font-size: 3.8em;. margin: 2px;.}..h2 {. font-size: 1.4em;. margin: 2px;. color: #999999;. font-weight: 100;.}..h4 {. margin: 2px;. font-size: 1.3em;.}..</style>.</head>.<body class="gocache-body-default">.<div id="gocache-error-page">.<h1>Erro 601</h1>.<h2></h2>.<br>.<h4><i>seguro.
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:HTML document, ASCII text
            Category:downloaded
            Size (bytes):1240
            Entropy (8bit):5.176399208867954
            Encrypted:false
            SSDEEP:24:fnoBbrWdFBGX0ByETJeWMc46NSWPzRfL1BoNpcVuGPDWj:fnoBk3fyIhXNnzRjIjVGPD6
            MD5:6252513C1A590EC85C2E1A04EB75CD0B
            SHA1:89E7A6FC81767F53E6C5ADF052BC10CC580C67D4
            SHA-256:06EFA2B520127C2E28044668DC47D6F2F635198C5E0C34AC801A6983C044CC32
            SHA-512:40615FE0C38EF009B729863B4DEB58E916D72B0E9B20B3DF3B7FE37361F771EE7BC251545CA3526A81281691C9546624F8843B9AF635FCA02063FF65D084CF98
            Malicious:false
            Reputation:low
            URL:https://seguro.shop-eee.shop/cart
            Preview:<html>.<head>.<title>GoCache - Erro 601</title>.<meta name="robots" content="noindex, nofollow">.<style type="text/css">..#gocache-error-page {. color: #404040 !important;. font-family: "Open Sans",Helvetica,Arial,sans-serif !important;. font-size: 15px !important;. letter-spacing: normal;. line-height: 1.5 !important;. text-decoration: none !important;.. display: block;. margin: 0;. padding: 0;. position: relative;. text-align: center;. width: 100%;.}..#gocache-error-page p {.font-size: 12px;.}..#gocache-body-default {..}..#logo-gocache {.width:127;.height:30;.}...body.gocache-body-default {.margin-top: 10%;. background-color: #F9F9F9;.}..h1 {. font-size: 3.8em;. margin: 2px;.}..h2 {. font-size: 1.4em;. margin: 2px;. color: #999999;. font-weight: 100;.}..h4 {. margin: 2px;. font-size: 1.3em;.}..</style>.</head>.<body class="gocache-body-default">.<div id="gocache-error-page">.<h1>Erro 601</h1>.<h2></h2>.<br>.<h4><i>seguro.
            No static file info
            • Total Packets: 57
            • 443 (HTTPS)
            • 53 (DNS)
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
May 22, 2024 00:26:14.755675077 CEST | 192.168.2.4 | 1.1.1.1 | 0xc1fd | Standard query (0) | seguro.shop-eee.shop | A (IP address) | IN (0x0001) | false
May 22, 2024 00:26:14.755906105 CEST | 192.168.2.4 | 1.1.1.1 | 0xed67 | Standard query (0) | seguro.shop-eee.shop | 65 | IN (0x0001) | false
May 22, 2024 00:26:17.186693907 CEST | 192.168.2.4 | 1.1.1.1 | 0x836b | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
May 22, 2024 00:26:17.187104940 CEST | 192.168.2.4 | 1.1.1.1 | 0xf86 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
May 22, 2024 00:26:14.996010065 CEST | 1.1.1.1 | 192.168.2.4 | 0xed67 | No error (0) | seguro.shop-eee.shop | seguro.shop-eee.shop.cdn.gocache.net | | CNAME (Canonical name) | IN (0x0001) | false
May 22, 2024 00:26:15.422291040 CEST | 1.1.1.1 | 192.168.2.4 | 0xc1fd | No error (0) | seguro.shop-eee.shop | seguro.shop-eee.shop.cdn.gocache.net | | CNAME (Canonical name) | IN (0x0001) | false
May 22, 2024 00:26:15.422291040 CEST | 1.1.1.1 | 192.168.2.4 | 0xc1fd | No error (0) | seguro.shop-eee.shop.cdn.gocache.net | | 170.82.174.30 | A (IP address) | IN (0x0001) | false
May 22, 2024 00:26:15.422291040 CEST | 1.1.1.1 | 192.168.2.4 | 0xc1fd | No error (0) | seguro.shop-eee.shop.cdn.gocache.net | | 170.82.173.30 | A (IP address) | IN (0x0001) | false
May 22, 2024 00:26:17.196038961 CEST | 1.1.1.1 | 192.168.2.4 | 0x836b | No error (0) | www.google.com | | 142.250.186.100 | A (IP address) | IN (0x0001) | false
May 22, 2024 00:26:17.204624891 CEST | 1.1.1.1 | 192.168.2.4 | 0xf86 | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
May 22, 2024 00:26:29.142200947 CEST | 1.1.1.1 | 192.168.2.4 | 0xf55f | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
May 22, 2024 00:26:29.142200947 CEST | 1.1.1.1 | 192.168.2.4 | 0xf55f | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
May 22, 2024 00:26:42.480026007 CEST | 1.1.1.1 | 192.168.2.4 | 0x8752 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
May 22, 2024 00:26:42.480026007 CEST | 1.1.1.1 | 192.168.2.4 | 0x8752 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
May 22, 2024 00:27:25.716204882 CEST | 1.1.1.1 | 192.168.2.4 | 0x68f7 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
May 22, 2024 00:27:25.716204882 CEST | 1.1.1.1 | 192.168.2.4 | 0x68f7 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false

            No disassembly