Windows Analysis Report
https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f

Overview

General Information

Sample URL: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f
Analysis ID: 1559388
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Drops files with a non-matching file extension (content does not match file extension)
HTML page contains hidden javascript code
HTML page contains obfuscated script src

Classification

Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f HTTP Parser: Base64 decoded: (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=!0;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.pare...
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f HTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f HTTP Parser: Script src: data:text/javascript;base64,dmFyIHRlbXBsYXRlVXJsPSdodHRwczovL2tyZXNrYW1ha2kucGwvd3AtY29udGVudC90aGVtZXMva3Jlc2thbWFraSc=
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f HTTP Parser: No favicon
Source: https://kreskamaki.pl/wp-content/uploads/KRESKA-MAKI-ULOTKA.pdf HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdf HTTP Parser: No favicon
Source: chromecache_289.2.dr String found in binary or memory: <a href="https://www.facebook.com/kreskamaki/" title="facebook" target="_blank"> equals www.facebook.com (Facebook)
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: return b}GD.F="internal.enableAutoEventOnTimer";var Zb=wa(["data-gtm-yt-inspected-"]),ID=["www.youtube.com","www.youtube-nocookie.com"],JD,KD=!1; equals www.youtube.com (Youtube)
Source: chromecache_258.2.dr, downloaded.pdf.crdownload.0.dr, 1e21a5de-4f15-479b-b540-93d56676e759.tmp.0.dr String found in binary or memory: http://www.npes.org/pdfx/ns/id/
Source: 2D85F72862B55C4EADD9E66E06947F3D0.8.dr String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_291.2.dr String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_289.2.dr String found in binary or memory: https://api.w.org/
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_289.2.dr String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqmIE4Ygg.w
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqnIE4Ygg.w
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqoIE4.woff
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfG7qmIE4Ygg.w
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfG7qnIE4Ygg.w
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfG7qoIE4.woff
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf-62_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf-62_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf-62_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf06i_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf06i_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf06i_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRft6u_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRft6u_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRft6u_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.wof
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_CGslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_CWslu50.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEIAhqSP
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEMAhqSP
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEwAhg.w
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIDAlsno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIDAlsoo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIDAlspo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIPBlsno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIPBlsoo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIPBlspo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbITBVsno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbITBVsoo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbITBVspo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIrB1sno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIrB1soo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIrB1spo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJ3BFsno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJ3BFsoo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJ3BFspo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJbA1sno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJbA1soo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJbA1spo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJnAVsno5k.
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJnAVsoo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJnAVspo5m2
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXd4qqOEo.woff
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXdoqqOEo.woff
Source: chromecache_268.2.dr String found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2)
Source: chromecache_265.2.dr, chromecache_282.2.dr, chromecache_279.2.dr String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_280.2.dr, chromecache_292.2.dr String found in binary or memory: https://github.com/georgekosmidis/jquery-hashchange
Source: chromecache_273.2.dr String found in binary or memory: https://github.com/jonsuh/hamburgers
Source: chromecache_276.2.dr, chromecache_254.2.dr String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_265.2.dr, chromecache_282.2.dr, chromecache_279.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_282.2.dr, chromecache_279.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_291.2.dr String found in binary or memory: https://google.com
Source: chromecache_291.2.dr String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_273.2.dr String found in binary or memory: https://jonsuh.com/hamburgers
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/#lokale
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/#menu
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/#onas
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/promocje/
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/litespeed/css/337468f3ab634f283848c9874971e922.css?ver=1e922
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/litespeed/css/5249450f0b6dbec702c6eddfd93e86c2.css?ver=e86c2
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/litespeed/css/68cd2460d4d9f72fde436a1695d0cea3.css?ver=0cea3
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/themes/kreskamaki/fonts/Holtzman-Textured-PL.woff2
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/themes/kreskamaki/img/btn-arrow.svg
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/uploads/KRESKA-MAKI-ULOTKA.pdf
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/uploads/favicon.png
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/uploads/fb.svg
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/uploads/inst.svg
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/uploads/kreska-maki-polityka-prywatnosci.pdf
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-content/uploads/logo.svg
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/wp-json/
Source: chromecache_289.2.dr String found in binary or memory: https://kreskamaki.pl/xmlrpc.php?rsd
Source: chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_289.2.dr String found in binary or memory: https://pomelomedia.pl/
Source: chromecache_272.2.dr, chromecache_281.2.dr, chromecache_259.2.dr, chromecache_251.2.dr, chromecache_275.2.dr, chromecache_277.2.dr String found in binary or memory: https://sketchapp.com
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: https://www.google.com
Source: chromecache_291.2.dr, chromecache_271.2.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_271.2.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_252.2.dr, chromecache_291.2.dr String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_289.2.dr String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-5DJH2VX
Source: chromecache_289.2.dr String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-PQJK382V
Source: chromecache_252.2.dr, chromecache_291.2.dr String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_289.2.dr String found in binary or memory: https://www.instagram.com/kreska.maki/
Source: classification engine Classification label: clean1.win@39/124@0/8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\Downloads\1d451fe1-238f-4043-bb80-75a46b6ae060.tmp
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-20 07-26-55-558.log
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2000,i,3380293206825283762,15677942766615917640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f"
Source: unknown Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1560,i,3530712955350696723,17840097560420890255,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe File opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\crash_reporter.cfg
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 258
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX