Windows Analysis Report
https://sharethewebs.click/riii1-b.flv

Overview

General Information

Sample URL:https://sharethewebs.click/riii1-b.flv
Analysis ID:1590228
Infos:
Errors
  • URL not reachable

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample

Classification

  • System is w10x64
  • chrome.exe (PID: 2256 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3688 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2008,i,18242345594124154602,17400745830958421136,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6508 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sharethewebs.click/riii1-b.flv" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

AV Detection

Source: https://sharethewebs.click/riii1-b.flv | Avira URL Cloud: detection malicious, Label: malware
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: sharethewebs.click
Source: global traffic | DNS traffic detected: DNS query: google.com
Source: unknown | Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown | Network traffic detected: HTTP traffic on port 49737 -> 443
Source: classification engine | Classification label: mal48.win@20/0@21/3
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2008,i,18242345594124154602,17400745830958421136,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sharethewebs.click/riii1-b.flv"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2008,i,18242345594124154602,17400745830958421136,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: Window Recorder | Window detected: More than 3 window changes detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact


Source | Detection | Scanner | Label | Link
https://sharethewebs.click/riii1-b.flv | 100% | Avira URL Cloud | malware |
No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation
google.com | 172.217.169.110 | true | false |  | high
www.google.com | 142.250.185.132 | true | false |  | high
sharethewebs.click | unknown | unknown | false |  | high
IP | Domain | Country | Flag | ASN | ASN Name | Malicious
239.255.255.250 | unknown | Reserved |  | unknown | unknown | false
142.250.185.132 | www.google.com | United States |  | 15169 | GOOGLEUS | false
IP
192.168.2.4
        Joe Sandbox version:42.0.0 Malachite
        Analysis ID:1590228
        Start date and time:2025-01-13 19:26:25 +01:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 1m 48s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:browseurl.jbs
        Sample URL:https://sharethewebs.click/riii1-b.flv
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:7
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:MAL
        Classification:mal48.win@20/0@21/3
        Cookbook Comments:
        • URL browsing timeout or error
        • URL not reachable
        • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 216.58.212.131, 142.250.110.84, 142.250.185.142, 199.232.214.172, 192.229.221.95, 172.217.16.206, 142.250.185.238, 142.250.184.206, 2.23.242.162, 20.12.23.50
        • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
        • Not all processes where analyzed, report is missing behavior information
        • VT rate limit hit for: https://sharethewebs.click/riii1-b.flv
        No simulations
        No context
        No created / dropped files found
        No static file info
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
Jan 13, 2025 19:27:25.157109022 CET | 192.168.2.4 | 1.1.1.1 | 0x9217 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:25.157239914 CET | 192.168.2.4 | 1.1.1.1 | 0x78d3 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:27.275501966 CET | 192.168.2.4 | 1.1.1.1 | 0xfdea | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.276082039 CET | 192.168.2.4 | 1.1.1.1 | 0x5c37 | Standard query (0) | sharethewebs.click | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:27.291630030 CET | 192.168.2.4 | 1.1.1.1 | 0x7b08 | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.326208115 CET | 192.168.2.4 | 1.1.1.1 | 0xb80f | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.326428890 CET | 192.168.2.4 | 1.1.1.1 | 0xc3 | Standard query (0) | sharethewebs.click | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:27.433193922 CET | 192.168.2.4 | 8.8.8.8 | 0x711c | Standard query (0) | google.com | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.433887005 CET | 192.168.2.4 | 1.1.1.1 | 0x6e01 | Standard query (0) | google.com | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:28.441787958 CET | 192.168.2.4 | 1.1.1.1 | 0x4abd | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:28.441787958 CET | 192.168.2.4 | 1.1.1.1 | 0x5fcc | Standard query (0) | sharethewebs.click | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:29.453090906 CET | 192.168.2.4 | 1.1.1.1 | 0xbfde | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:29.453551054 CET | 192.168.2.4 | 1.1.1.1 | 0x5a0b | Standard query (0) | sharethewebs.click | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:33.446288109 CET | 192.168.2.4 | 1.1.1.1 | 0xa210 | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:33.447123051 CET | 192.168.2.4 | 1.1.1.1 | 0x38e9 | Standard query (0) | sharethewebs.click | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:33.456727982 CET | 192.168.2.4 | 1.1.1.1 | 0x44f3 | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:33.475944042 CET | 192.168.2.4 | 1.1.1.1 | 0xaf07 | Standard query (0) | google.com | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:33.476221085 CET | 192.168.2.4 | 8.8.8.8 | 0x4519 | Standard query (0) | google.com | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:38.496984959 CET | 192.168.2.4 | 1.1.1.1 | 0xdf55 | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:38.497104883 CET | 192.168.2.4 | 1.1.1.1 | 0x479a | Standard query (0) | sharethewebs.click | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:38.530308962 CET | 192.168.2.4 | 1.1.1.1 | 0x4379 | Standard query (0) | sharethewebs.click | A (IP address) | IN (0x0001) | false
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
Jan 13, 2025 19:27:25.164297104 CET | 1.1.1.1 | 192.168.2.4 | 0x9217 | No error (0) | www.google.com |  | 142.250.185.132 | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:25.164336920 CET | 1.1.1.1 | 192.168.2.4 | 0x78d3 | No error (0) | www.google.com |  |  | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:27.283811092 CET | 1.1.1.1 | 192.168.2.4 | 0x5c37 | Name error (3) | sharethewebs.click | none | none | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:27.285911083 CET | 1.1.1.1 | 192.168.2.4 | 0xfdea | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.299280882 CET | 1.1.1.1 | 192.168.2.4 | 0x7b08 | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.333600044 CET | 1.1.1.1 | 192.168.2.4 | 0xb80f | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.333831072 CET | 1.1.1.1 | 192.168.2.4 | 0xc3 | Name error (3) | sharethewebs.click | none | none | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:27.440180063 CET | 8.8.8.8 | 192.168.2.4 | 0x711c | No error (0) | google.com |  | 172.217.169.110 | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:27.440705061 CET | 1.1.1.1 | 192.168.2.4 | 0x6e01 | No error (0) | google.com |  | 142.250.184.206 | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:29.521056890 CET | 1.1.1.1 | 192.168.2.4 | 0x4abd | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:29.521147013 CET | 1.1.1.1 | 192.168.2.4 | 0xbfde | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:29.521173954 CET | 1.1.1.1 | 192.168.2.4 | 0x5fcc | Name error (3) | sharethewebs.click | none | none | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:29.521200895 CET | 1.1.1.1 | 192.168.2.4 | 0x5a0b | Name error (3) | sharethewebs.click | none | none | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:33.453546047 CET | 1.1.1.1 | 192.168.2.4 | 0xa210 | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:33.454798937 CET | 1.1.1.1 | 192.168.2.4 | 0x38e9 | Name error (3) | sharethewebs.click | none | none | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:33.464066029 CET | 1.1.1.1 | 192.168.2.4 | 0x44f3 | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:33.484051943 CET | 8.8.8.8 | 192.168.2.4 | 0x4519 | No error (0) | google.com |  | 172.217.169.110 | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:33.484062910 CET | 1.1.1.1 | 192.168.2.4 | 0xaf07 | No error (0) | google.com |  | 142.250.186.142 | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:38.504210949 CET | 1.1.1.1 | 192.168.2.4 | 0xdf55 | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false
Jan 13, 2025 19:27:38.523411989 CET | 1.1.1.1 | 192.168.2.4 | 0x479a | Name error (3) | sharethewebs.click | none | none | 65 | IN (0x0001) | false
Jan 13, 2025 19:27:38.542557001 CET | 1.1.1.1 | 192.168.2.4 | 0x4379 | Name error (3) | sharethewebs.click | none | none | A (IP address) | IN (0x0001) | false

        Target ID:0
        Start time:13:27:17
        Start date:13/01/2025
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        Target ID:2
        Start time:13:27:19
        Start date:13/01/2025
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2008,i,18242345594124154602,17400745830958421136,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        Target ID:3
        Start time:13:27:26
        Start date:13/01/2025
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sharethewebs.click/riii1-b.flv"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:true

        No disassembly