Automated Malware Analysis IOC Report for

Files

File Path

Type

Category

Malicious

Chrome Cache Entry: 104

PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 105

ASCII text

downloaded

Chrome Cache Entry: 106

ASCII text, with very long lines (32058)

downloaded

Chrome Cache Entry: 107

ASCII text, with very long lines (18860)

dropped

Chrome Cache Entry: 108

ASCII text

downloaded

Chrome Cache Entry: 109

PNG image data, 464 x 354, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 110

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1199, components 3

dropped

Chrome Cache Entry: 111

ASCII text, with very long lines (65324)

downloaded

Chrome Cache Entry: 112

ASCII text, with very long lines (26500)

dropped

Chrome Cache Entry: 113

PNG image data, 1068 x 240, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 114

JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 1078x1348, components 3

dropped

Chrome Cache Entry: 115

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x1058, components 3

dropped

Chrome Cache Entry: 116

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1181, components 3

downloaded

Chrome Cache Entry: 117

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1166, components 3

downloaded

Chrome Cache Entry: 118

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1199, components 3

downloaded

Chrome Cache Entry: 119

PNG image data, 250 x 59, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 120

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1179, components 3

dropped

Chrome Cache Entry: 121

PNG image data, 4010 x 700, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 122

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1198, components 3

downloaded

Chrome Cache Entry: 123

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1199, components 3

dropped

Chrome Cache Entry: 124

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1166, components 3

dropped

Chrome Cache Entry: 125

PNG image data, 250 x 59, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 126

JSON data

downloaded

Chrome Cache Entry: 127

ASCII text, with very long lines (32013), with CRLF line terminators

dropped

Chrome Cache Entry: 128

ASCII text, with very long lines (10075)

dropped

Chrome Cache Entry: 129

PNG image data, 25 x 31, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 130

ASCII text

downloaded

Chrome Cache Entry: 131

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1191, components 3

dropped

Chrome Cache Entry: 132

ASCII text, with very long lines (10075)

downloaded

Chrome Cache Entry: 133

PNG image data, 138 x 164, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 134

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1170, components 3

downloaded

Chrome Cache Entry: 135

PNG image data, 35 x 18, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 136

HTML document, Unicode text, UTF-8 text

downloaded

Chrome Cache Entry: 137

PNG image data, 25 x 31, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 138

ASCII text

downloaded

Chrome Cache Entry: 139

PNG image data, 464 x 354, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 140

ASCII text, with very long lines (19975)

downloaded

Chrome Cache Entry: 141

PNG image data, 138 x 164, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 142

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1170, components 3

downloaded

Chrome Cache Entry: 143

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1192, components 3

downloaded

Chrome Cache Entry: 144

ASCII text, with very long lines (60130)

dropped

Chrome Cache Entry: 145

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1181, components 3

downloaded

Chrome Cache Entry: 146

PNG image data, 1068 x 240, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 147

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1211, components 3

downloaded

Chrome Cache Entry: 148

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1239, components 3

downloaded

Chrome Cache Entry: 149

ASCII text, with very long lines (32013), with CRLF line terminators

downloaded

Chrome Cache Entry: 150

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1191, components 3

downloaded

Chrome Cache Entry: 151

ASCII text

downloaded

Chrome Cache Entry: 152

ASCII text, with very long lines (12736)

dropped

Chrome Cache Entry: 153

ASCII text, with very long lines (2774)

downloaded

Chrome Cache Entry: 154

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1239, components 3

dropped

Chrome Cache Entry: 155

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1198, components 3

dropped

Chrome Cache Entry: 156

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1170, components 3

dropped

Chrome Cache Entry: 157

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1181, components 3

dropped

Chrome Cache Entry: 158

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1167, components 3

downloaded

Chrome Cache Entry: 159

ASCII text, with very long lines (10608)

downloaded

Chrome Cache Entry: 160

Web Open Font Format (Version 2), TrueType, length 77160, version 4.459

downloaded

Chrome Cache Entry: 161

ASCII text, with very long lines (10608)

dropped

Chrome Cache Entry: 162

ASCII text, with very long lines (2774)

dropped

Chrome Cache Entry: 163

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1265x1280, components 3

downloaded

Chrome Cache Entry: 164

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1251, components 3

dropped

Chrome Cache Entry: 165

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1181, components 3

dropped

Chrome Cache Entry: 166

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1179, components 3

downloaded

Chrome Cache Entry: 167

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x1058, components 3

downloaded

Chrome Cache Entry: 168

PNG image data, 368 x 193, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 169

JSON data

dropped

Chrome Cache Entry: 170

ASCII text, with very long lines (60130)

downloaded

Chrome Cache Entry: 171

PNG image data, 35 x 31, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 172

ASCII text

dropped

Chrome Cache Entry: 173

ASCII text, with very long lines (32058)

dropped

Chrome Cache Entry: 174

ASCII text, with very long lines (12736)

downloaded

Chrome Cache Entry: 175

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1199, components 3

downloaded

Chrome Cache Entry: 176

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1211, components 3

dropped

Chrome Cache Entry: 177

Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196

downloaded

Chrome Cache Entry: 178

ASCII text, with very long lines (18860)

downloaded

Chrome Cache Entry: 179

PNG image data, 35 x 18, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 180

ASCII text, with very long lines (554)

downloaded

Chrome Cache Entry: 181

ASCII text, with very long lines (19975)

dropped

Chrome Cache Entry: 182

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1192, components 3

dropped

Chrome Cache Entry: 183

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1251, components 3

downloaded

Chrome Cache Entry: 184

Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196

downloaded

Chrome Cache Entry: 185

PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 186

PNG image data, 35 x 31, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 187

ASCII text

dropped

Chrome Cache Entry: 188

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1265x1280, components 3

dropped

Chrome Cache Entry: 189

ASCII text, with very long lines (30837)

downloaded

Chrome Cache Entry: 190

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1170, components 3

dropped

Chrome Cache Entry: 191

ASCII text, with very long lines (26500)

downloaded

Chrome Cache Entry: 192

ASCII text, with very long lines (554)

dropped

Chrome Cache Entry: 193

Web Open Font Format (Version 2), TrueType, length 33092, version 1.0

downloaded

Chrome Cache Entry: 194

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1167, components 3

dropped

Chrome Cache Entry: 195

ASCII text

downloaded

Chrome Cache Entry: 196

PNG image data, 368 x 193, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 197

JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 1078x1348, components 3

downloaded

Chrome Cache Entry: 198

PNG image data, 4010 x 700, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 199

ASCII text, with very long lines (57791)

downloaded

Chrome Cache Entry: 200

ASCII text

dropped

Chrome Cache Entry: 201

ASCII text, with very long lines (57791)

dropped

There are 89 hidden files, click here to show them.

Processes

Path

Cmdline

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"

Details

Is windows:	true
Is dropped:	false
PID:	3744
Target ID:	0
Parent PID:	1816
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Size:	3242272
MD5:	45DE480806D1B5D462A7DDE4DCEFC4E4
Time:	09:22:49
Date:	28/10/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff76e190000
Modulesize:	3325952
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2004,i,8597340114565396189,5022696242973401466,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	4928
Target ID:	2
Parent PID:	3744
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2004,i,8597340114565396189,5022696242973401466,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Size:	3242272
MD5:	45DE480806D1B5D462A7DDE4DCEFC4E4
Time:	09:22:53
Date:	28/10/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff76e190000
Modulesize:	3325952
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.lexxuz.com"

Details

Is windows:	true
Is dropped:	false
PID:	6344
Target ID:	3
Parent PID:	1816
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.lexxuz.com"
Size:	3242272
MD5:	45DE480806D1B5D462A7DDE4DCEFC4E4
Time:	09:22:55
Date:	28/10/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff76e190000
Modulesize:	3325952
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

http://www.lexxuz.com

http://fontawesome.io

unknown

http://www.lexxuz.com/assets/img/sections/CC.jpg

66.231.71.41

http://www.broofa.com

unknown

http://g.co/dev/maps-no-account

unknown

https://walink.co/7b78ee

unknown

http://www.lexxuz.com/assets/img/sections/BC.jpg

66.231.71.41

http://www.lexxuz.com/assets/img/sections/C.jpg

66.231.71.41

http://www.lexxuz.com/assets/js/core/popper.min.js

66.231.71.41

http://www.lexxuz.com/assets/js/plugins/bootstrap-switch.js

66.231.71.41

https://fontawesome.com

unknown

https://www.google.com

unknown

http://www.lexxuz.com/assets/img/sections/PC.jpg

66.231.71.41

https://github.com/twbs/bootstrap/graphs/contributors)

unknown

http://www.jque.re/plugins/version3/bootstrap.switch/

unknown

https://walink.co/52e5e6

unknown

http://www.lexxuz.com/assets/img/iphone.png

66.231.71.41

http://www.lexxuz.com/assets/js/paper-kit.js?v=2.2.0

66.231.71.41

https://bttstrp.github.io/bootstrap-switch

unknown

https://goo.gle/js-api-loading

unknown

https://github.com/creativetimofficial/paper-kit-2/blob/master/LICENSE.md)

unknown

https://www.creative-tim.com)

unknown

http://www.lexxuz.com/assets/img/sections/TX.jpg

66.231.71.41

http://static.tumblr.com/i21wc39/coTmrkw40/shadow.png

unknown

http://jquery.com/)

unknown

http://opensource.org/licenses/MIT).

unknown

https://walink.co/8dbc46

unknown

https://walink.co/25aeaf

unknown

https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling

unknown

https://support.google.com/fusiontables/answer/9185417).

unknown

http://www.lexxuz.com/assets/js/plugins/bootstrap-datepicker.js

66.231.71.41

https://developers.google.com/maps/deprecations

unknown

http://www.lexxuz.com/assets/demo/demo.css

66.231.71.41

http://www.creative-tim.com)

unknown

http://www.lexxuz.com/assets/js/plugins/nouislider.min.js

66.231.71.41

https://walink.co/041974

unknown

http://www.lexxuz.com/assets/img/sections/T.jpg

66.231.71.41

http://www.lexxuz.com/

http://www.lexxuz.com/assets/css/bootstrap.min.css

66.231.71.41

https://kit.fontawesome.com/8b5cca295a.js

unknown

http://www.bootstrap-switch.org

unknown

http://www.lexxuz.com/assets/img/sections/B.jpg

66.231.71.41

http://www.lexxuz.com/assets/img/fog-low.png

66.231.71.41

https://github.com/twbs/bootstrap/blob/master/LICENSE)

unknown

http://www.lexxuz.com/assets/img/favicon-lexxuz.png

66.231.71.41

https://developers.google.com/maps/documentation/javascript/advanced-markers/migration

unknown

http://www.lexxuz.com/assets/js/core/jquery.min.js

66.231.71.41

http://www.lexxuz.com/assets/js/core/bootstrap.min.js

66.231.71.41

http://www.lexxuz.com/assets/img/sections/R.jpg

66.231.71.41

https://www.creative-tim.com/product/paper-kit

unknown

https://ka-f.fontawesome.com

unknown

https://walink.co/29274d

unknown

https://walink.co/604616

unknown

http://www.lexxuz.com/assets/img/1.jpg

66.231.71.41

http://www.lexxuz.com/assets/img/sections/D.jpg

66.231.71.41

https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers

unknown

http://www.lexxuz.com/assets/img/sections/TE.jpg

66.231.71.41

https://walink.co/c6d480

unknown

https://fontawesome.com/license/free

unknown

https://www.creative-tim.com/product/paper-kit-2

unknown

https://developers.google.com/maps/documentation/javascript/libraries

unknown

https://walink.co/5695ac

unknown

http://refreshless.com/nouislider/

unknown

https://walink.co/f174b1

unknown

http://www.lexxuz.com/assets/img/sections/F.jpg

66.231.71.41

https://walink.co/fba1b8

unknown

http://www.lexxuz.com/assets/css/paper-kit.css?v=2.2.0

66.231.71.41

https://walink.co/fdd9a7

unknown

https://developer.mozilla.org/docs/Web/API/EventTarget/addEventListener

unknown

http://www.lexxuz.com/assets/img/sections/M.jpg

66.231.71.41

http://www.lexxuz.com/assets/img/down-arrow.png

66.231.71.41

https://github.com/Eonasdan/bootstrap-datetimepicker/

unknown

https://walink.co/d95271

unknown

https://walink.co/7b4cef

unknown

https://maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

http://www.lexxuz.com/assets/img/sections/GL.jpg

66.231.71.41

http://www.apache.org/licenses/LICENSE-2.0

unknown

http://www.lexxuz.com/assets/img/logo1.png

66.231.71.41

https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

104.18.10.207

https://developers.google.com/maps/documentation/javascript/error-messages#

unknown

http://www.lexxuz.com/assets/img/sections/GB.jpg

66.231.71.41

https://walink.co/ed75ec

unknown

https://getbootstrap.com/)

unknown

http://www.lexxuz.com/assets/img/clouds.png

66.231.71.41

https://walink.co/6f2901

unknown

http://www.lexxuz.com/assets/img/gps.png

66.231.71.41

http://fontawesome.io/license

unknown

http://www.lexxuz.com/assets/img/reloj.png

66.231.71.41

https://kit.fontawesome.com

unknown

http://www.lexxuz.com/assets/js/plugins/moment.min.js

66.231.71.41

http://larentis.eu)

unknown

http://www.lexxuz.com/assets/img/sections/GW.jpg

66.231.71.41

http://jquery.com/).

unknown

https://walink.co/435738

unknown

https://github.com/uxsolutions/bootstrap-datepicker

unknown

http://www.lexxuz.com/assets/img/rest.png

66.231.71.41

https://walink.co/af66ea

unknown

http://www.lexxuz.com/assets/img/LOGO.png

66.231.71.41

https://github.com/Eonasdan/bootstrap-datetimepicker

unknown

http://www.lexxuz.com/assets/img/sections/A.jpg

66.231.71.41

http://www.lexxuz.com/assets/img/sections/CM.jpg

66.231.71.41

There are 90 hidden URLs, click here to show them.

Domains

Name

Malicious

maxcdn.bootstrapcdn.com

104.18.10.207

Details

Name:	maxcdn.bootstrapcdn.com
IP:	104.18.10.207
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Active:	true

Signature Hits	Behavior Group	Mitre Attack
Downloads files from webservers via HTTP	Networking	Application Layer Protocol Non-Application Layer Protocol Ingress Tool Transfer
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol
URLs found in memory or binary data	Networking

www.google.com

142.250.186.132

Details

Name:	www.google.com
IP:	142.250.186.132
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Active:	true

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol
URLs found in memory or binary data	Networking

www.lexxuz.com

66.231.71.41

Details

Name:	www.lexxuz.com
IP:	66.231.71.41
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Active:	true

Signature Hits	Behavior Group	Mitre Attack
Downloads files from webservers via HTTP	Networking	Application Layer Protocol Non-Application Layer Protocol Ingress Tool Transfer
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol
Spawns processes	System Summary	Process Injection

fp2e7a.wpc.phicdn.net

192.229.221.95

s-part-0032.t-0009.t-msedge.net

13.107.246.60

ka-f.fontawesome.com

unknown

Details

Name:	ka-f.fontawesome.com
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol
URLs found in memory or binary data	Networking

kit.fontawesome.com

unknown

Details

Name:	kit.fontawesome.com
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol
URLs found in memory or binary data	Networking

IPs

Domain

Country

Malicious

104.18.10.207

maxcdn.bootstrapcdn.com

United States

192.168.2.4

unknown

192.168.2.6

unknown

239.255.255.250

unknown

Reserved

66.231.71.41

www.lexxuz.com

Colombia

142.250.186.132

www.google.com

United States

DOM / HTML

URL

Malicious

http://www.lexxuz.com/

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
http://www.lexxuz.com

Files

Processes

URLs

Domains

IPs

DOM / HTML

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reporthttp://www.lexxuz.com

Files

Processes

URLs

Domains

IPs

DOM / HTML

IOC Report
http://www.lexxuz.com