Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KU | LLM: Score: 9 brands: ILEDEFRANCE Reasons: The URL is highly suspicious as it uses an IPFS (InterPlanetary File System) link, which is uncommon for legitimate websites. The domain does not match the legitimate domain name associated with the brand 'ILEDEFRANCE'. The page contains a login form, which is a common feature in phishing sites to steal credentials. The use of social engineering techniques is evident as the page advises users to verify their email account for security reasons, which can prompt users to enter their credentials without suspicion. DOM: 2.1.pages.csv |
Source: Yara match | File source: 2.1.pages.csv, type: HTML |
Source: Yara match | File source: dropped/chromecache_77, type: DROPPED |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0N | LLM: Score: 8 Reasons: The code contains a base64-encoded URL that, when decoded, points to a potentially suspicious site (nocodeform.io). The presence of a login error message and a default site title related to webmail login suggests that this script could be part of a phishing attempt to steal user credentials. Additionally, the use of a base64-encoded URL is a common tactic to obfuscate malicious links. DOM: 2.1.pages.csv |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: Iframe src: https://www.iledefrance.fr |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: Number of links: 0 |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: Base64 decoded: https://nocodeform.io/f/65fb2a8c6ec87b8eaeaf62c0 |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: Title: Sign in iledefrance account does not match URL |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: <input type="password" .../> found |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: No <meta name="author".. found |
Source: https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html&websrc=VdxUl9l9zz9XJUazwJikOsjZCy5xrbQZ7OVNeXhc52YIF3n6teWakuErye5Lp0boBSXwWXPPcrt2v1N1oDwJ7DqvaRZXhzb3Fpn9e0VGkVPZvn90ZkklbK4Xq0Nfd1KUur7oUeGmQg30odhhzIJk95v7I8xTFNCLFUV7p4rUnFMrndGnNZsXO4ZBACm4nwXN6StffF3RFuH3Y2uNRVeXDomF3rLkAu6nwmeafhHsuEy7wFCaUMoMwifyYbmW5s3f1Kk8GhkPGgIxEQQMHYpy8tHUwVIaAo1ar8NTFgTSPyMhjY&dispatch=683&id=793243#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= | HTTP Parser: No <meta name="copyright".. found |
Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49730 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49731 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49732 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49737 version: TLS 1.2 |
Source: chrome.exe | Memory has grown: Private usage: 27MB later: 35MB |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.165.165.26 |
Source: global traffic | DNS traffic detected: DNS query: litnet.com |
Source: global traffic | DNS traffic detected: DNS query: cloudflare-ipfs.com |
Source: global traffic | DNS traffic detected: DNS query: ik.imagekit.io |
Source: global traffic | DNS traffic detected: DNS query: cdn.jsdelivr.net |
Source: global traffic | DNS traffic detected: DNS query: cdnjs.cloudflare.com |
Source: global traffic | DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com |
Source: global traffic | DNS traffic detected: DNS query: logo.clearbit.com |
Source: global traffic | DNS traffic detected: DNS query: www.iledefrance.fr |
Source: global traffic | DNS traffic detected: DNS query: www.google.com |
Source: classification engine | Classification label: mal60.phis.win@16/18@22/201 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://litnet.com/out?signature=2c1f4fb3a510da55&verify=f0d85a74515d878f9714518b56f64f83c3d478981c8004fd8a36ff05f77ed04b&litnet=domain&url=https://cloudflare-ipfs.com/ipfs/QmbbUyKXzZMtLWL65JBbfeA8HRigpuDZ9sk5XT4xvfvyVx?filename=reqistrer-serversNonniiii.html#YXN0cmlkLnd1cnN0ZXJAaWxlZGVmcmFuY2UuZnI= |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1968,i,10356222934595195562,2819351198065839367,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: Window Recorder | Window detected: More than 3 window changes detected |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk |