Windows Analysis Report
http://kilopaja.com/

Overview

General Information

Sample URL: http://kilopaja.com/
Analysis ID: 1446517
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

Stores files to the Windows start menu directory

Classification

Source: http://kilopaja.com/ HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 2.23.209.187
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 23 May 2024 13:42:47 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Wed, 22 May 2024 19:15:59 GMTETag: "2aa6-6190fc3b9febe-gzip"Accept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 3138Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 5a eb 73 db 36 12 ff ee bf 02 55 a7 d3 24 27 91 96 93 ba b2 22 7b 26 f1 63 d2 99 a4 f1 24 ca dd f5 93 0f 22 21 09 63 88 e0 01 a0 64 35 ed ff 7e bb 00 48 f1 25 ca c9 35 d5 c4 91 48 02 fb c2 ee 6f 1f d2 d1 e4 bb ab f7 97 d3 df 6e af c9 d2 ac 04 b9 fd f4 fa ed 2f 97 a4 37 08 c3 7f 3d bf 0c c3 ab e9 15 f9 f7 9b e9 bb b7 64 18 1c 93 a9 a2 89 e6 86 cb 84 8a 30 bc fe b5 47 7a 4b 63 d2 71 18 6e 36 9b 60 f3 3c 90 6a 11 4e 3f 84 0f 48 6b 88 9b fd c7 81 29 ed 0c 62 13 f7 2e 8e 26 96 e1 c3 4a 24 fa bc 85 cc f0 ec ec cc ed 86 b5 84 4c be 1b 0c e0 8d 90 77 32 e6 73 ce 62 32 57 72 45 cc 92 91 2b 36 e3 34 21 52 f1 05 07 f2 64 2e 15 f9 34 cb 12 93 d9 0d 6f a9 36 24 4b 63 6a 58 3c 26 27 c7 c3 d3 c1 70 38 18 9e da 87 1f 19 1b 13 64 ae 81 bb a0 59 12 2d 53 1a 07 09 33 e1 2c 5b e8 70 78 32 1a 9d 9e 1d c3 da c1 c0 8a b1 64 34 be b0 5b 27 2b 66 a8 dd 3b 60 ff cd f8 fa bc 77 29 13 c3 12 33 98 6e 53 d6 23 91 bb 3a ef 19 f6 60 42 54 e4 25 89 96 54 69 66 ce 3f 4d 6f 06 a3 1e 09 3d 25 c3 8d 60 17 af 52 1a 2d d9 89 97 1d d4 9a d3 4c 18 72 4b 17 20 e3 2f 86 6c a4 ba d7 93 d0 2d 76 1b b5 d9 0a 46 0c f0 f3 6c 22 ad 7b 64 c5 62 4e cf 7b 3a 52 8c 25 d6 7a cf c8 67 bb 61 45 15 d8 68 4c 8e d3 87 f2 df 4b fb 10 14 8f 79 b2 68 7d fa e7 11 fc 37 93 f1 b6 ef fc e4 73 75 c7 73 58 59 fa 7b 79 64 1f cf 68 74 bf 50 32 4b e2 41 24 85 54 63 f2 fd d5 e8 ea f5 f5 89 7f 3e 07 0b 0d e6 74 c5 c5 76 4c fe c9 54 4c 13 da 27 1a 3c 65 a0 99 e2 f3 97 bb 55 9a ff 0e 46 18 0e 53 e3 6e a2 b2 03 2a f8 02 94 89 c0 ca 4c 15 52 c6 7c 1d ac 28 4f ee 52 30 5c 2e a8 74 ce 37 26 8a 09 6a f8 9a 39 32 31 d7 a9 a0 c0 dd d0 99 60 5e ac 0d 
8f cd 72 4c 46 c7 c7 85 26 ce 6e 83 99 34 46 ae c6 4e c5 d2 7d c1 e6 66 4c 68 66 64 e5 36 38 e4 b2 72 7f bf 85 9d bd a4 8a 99 1a 78 fe 27 39 13 7f 3b 37 e1 c9 f0 e4 e7 e7 a3 ca 23 eb 06 63 a2 a5 e0 f1 7e db df d8 97 7f 7e c0 80 68 bb 3b f4 75 a6 bc 09 97 cc 69 73 76 96 cb e5 e5 1c 1e 1f ff d0 c1 f4 a7 9b d3 9b 9f f7 d2 d6 29 44 6e d5 37 87 3f 95 8c f3 d3 ce 3a 65 3f 18 21 cb e2 e6 c6 8b 36 93 22 de cb 89 af 16 35 46 cf 4b 7c 5e d4 4f 61 dc 1a 01 48 d4 ba ca 9d 9c df f9 00 d7 9e 6c 24 18 85 6d e8 0b b9 d7 80 0f e4 87 d9 70 a6 2f 08 9a bd 07 e7 78 75 c9 76 c7 0d 5b ed 15 b0 79 82 b9 6c 2f da 1d f4 80 6c f9 cd 63 fb 6a 46 ea 63 e5 a5 b5 93 3a 2d 49 73 5a 3b 0e bf f3 4e b3 08 23 bc e5 8c ff 62 1b d7 18 de e1 e2 3a 1e a2 f9 46 e8 56 ee bd c3 3c 65 af 3e 76 5e dd cd 29 55 ac a6 e3 c8 5b 66 d4 0a e6 23 ff 64 54 11 a5 0a 35 c3 1a d4 78 3c 89 01 ee 58 dc 0a 42 b9 0a 87 c2 be a4 a3 a3 c9 0d d8 35 7a 84 9a 15 25 0b e4 3d 70 fa 6e 6f 26 fa fb 1f 0a de 75 58 c3 3a 83 7c 6f 05 0b 2b 79 ef d4 bb d7 69 97 7b 8d ae cf 2e 5f 9
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: kilopaja.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /icons/ubuntu-logo.png HTTP/1.1Host: kilopaja.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://kilopaja.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: kilopaja.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://kilopaja.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /icons/ubuntu-logo.png HTTP/1.1Host: kilopaja.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic DNS traffic detected: DNS query: kilopaja.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 23 May 2024 13:42:48 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 274Keep-Alive: timeout=5, max=98Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 6b 69 6c 6f 70 61 6a 61 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at kilopaja.com Port 80</address></body></html>
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: classification engine Classification label: clean0.win@14/8@6/94
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://kilopaja.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1948,i,3811647198641314521,11681295217886142506,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1948,i,3811647198641314521,11681295217886142506,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk