Windows
Analysis Report
https://691tx8z8.r.us-east-1.awstrack.me/L0/https:%2F%2Fwww.google.fr%2Famp%2Fs%2Fwww.google.com%252Furl%253Fq%253Dhttps%253A%252F%252Fwww.google.com%252Furl%253Fq%25253Dhttps%2525253A%2525252F%2525252Flinkprotect.cudasvc.com%2525252Furl%2525253Fa%2525253Dhttps%2525253A%2525252F%2525252Flncc.onelink
Overview
General Information
Detection
Score: | 21 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Very long command line found
HTTP GET or POST without a user agent
Stores files to the Windows start menu directory
Classification
- System is w10x64_ra
chrome.exe (PID: 7088 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument <submitted URL, as in the report header; the full multi-encoded redirect chain and tracking tokens are omitted> MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
chrome.exe (PID: 6224 cmdline:
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1688,i,106507902797914291,16263077713809333994,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Signature results (the per-row source and destination details were not preserved in the extracted page):
- HTTPS traffic detected: 8 rows
- HTTP traffic detected: 3 rows
- TCP traffic detected without corresponding DNS query: 50 rows