Edit tour

Windows Analysis Report
message (1).eml

Overview

General Information

Sample name:	message (1).eml
Analysis ID:	1592193
MD5:	4b4fe16d1cb9acc9494b874b71cdb39b
SHA1:	822c851d50dc9f0f957509a3309e0ec0f5cde1a0
SHA256:	c79a40c5d5db4bfcf5e076d62745fdcaba9df2603959203bc5320d6b147650eb
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected landing page (webpage, office document or email)

AI detected suspicious elements in Email content

Detected TCP or UDP traffic on non-standard ports

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML title does not match URL

Queries the volume information (name, serial number etc) of a device

Sigma detected: Office Autorun Keys Modification

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

OUTLOOK.EXE (PID: 3600 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\message (1).eml" MD5: 91A5292942864110ED734005B7E005C0)

ai.exe (PID: 6788 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "C558135D-DA6C-434B-AED7-D1F4B7203144" "4C464BF8-CBC1-4456-A3AD-9E02535D055A" "3600" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)

chrome.exe (PID: 6724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.dropbox.com/l/scl/AACjG9ZZUmN7sfLs2_eTFfe1IlUzOL0YzM4 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2212 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1996,i,7012891395290546672,2366794436550290668,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7560 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5556 --field-trial-handle=1996,i,7012891395290546672,2366794436550290668,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6708 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 --field-trial-handle=1996,i,7012891395290546672,2366794436550290668,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Sigma Signatures

Sigma detected: Office Autorun Keys Modification

Source: Registry Key set

Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 3600, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected landing page (webpage, office document or email)

Source: Email	Joe Sandbox AI: Page contains button: 'Open file' Source: 'Email'
Source: Email	Joe Sandbox AI: Email contains prominent button: 'open file'

AI detected suspicious elements in Email content

Source: Email

Joe Sandbox AI: Detected potential phishing email: Suspicious sender email 'employee-yearendincentive@mail.com' doesn't match the display name and claimed Dropbox domain. Generic 'Human Resources' sender name combined with year-end incentive theme is a common phishing tactic. Multiple links attempting to appear as Dropbox but likely lead to malicious sites

Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0

HTTP Parser: Number of links: 0

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?dl=0&oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1

HTTP Parser: Base64 decoded: +)previews_image_enhancements_color_correct

HTTP Parser: Title: Sign In - Google Accounts does not match URL

Source: Email

Classification: Payroll Fraud

Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: Iframe src: https://accounts.google.com/gsi/button?text=continue_with&width=350&logo_alignment=left&click_listener=()%3D%3E%7Bvar%20e%2Ct%3Bthis.hasPendingAuthFlow%26%26(null%3D%3D%3D(e%3Dthis.logger)%7C%7Cvoid%200%3D%3D%3De%7C%7Ce.logLoginCancel(!1))%2Cthis.hasPendingAuthFlow%3D!0%2Cnull%3D%3D%3D(t%3Dthis.logger)%7C%7Cvoid%200%3D%3D%3Dt%7C%7Ct.logLoginStart(!1)%7D&client_id=801668726815.apps.googleusercontent.com&iframe_id=gsi_1957_493314&as=GZfxYE9radQpPD5uNnvw2tKtGjhTBDL6HIMCoHFDkkU&hl=en
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: Iframe src: https://dropboxcaptcha.com
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: Iframe src: https://accounts.google.com/gsi/button?text=continue_with&width=350&logo_alignment=left&click_listener=()%3D%3E%7Bvar%20e%2Ct%3Bthis.hasPendingAuthFlow%26%26(null%3D%3D%3D(e%3Dthis.logger)%7C%7Cvoid%200%3D%3D%3De%7C%7Ce.logLoginCancel(!1))%2Cthis.hasPendingAuthFlow%3D!0%2Cnull%3D%3D%3D(t%3Dthis.logger)%7C%7Cvoid%200%3D%3D%3Dt%7C%7Ct.logLoginStart(!1)%7D&client_id=801668726815.apps.googleusercontent.com&iframe_id=gsi_1957_493314&as=GZfxYE9radQpPD5uNnvw2tKtGjhTBDL6HIMCoHFDkkU&hl=en
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: Iframe src: https://dropboxcaptcha.com
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: Iframe src: https://accounts.google.com/gsi/button?text=continue_with&width=350&logo_alignment=left&click_listener=()%3D%3E%7Bvar%20e%2Ct%3Bthis.hasPendingAuthFlow%26%26(null%3D%3D%3D(e%3Dthis.logger)%7C%7Cvoid%200%3D%3D%3De%7C%7Ce.logLoginCancel(!1))%2Cthis.hasPendingAuthFlow%3D!0%2Cnull%3D%3D%3D(t%3Dthis.logger)%7C%7Cvoid%200%3D%3D%3Dt%7C%7Ct.logLoginStart(!1)%7D&client_id=801668726815.apps.googleusercontent.com&iframe_id=gsi_1957_493314&as=GZfxYE9radQpPD5uNnvw2tKtGjhTBDL6HIMCoHFDkkU&hl=en

HTTP Parser: <input type="password" .../> found

Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No favicon
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No favicon
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No favicon
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No favicon

Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="author".. found
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="author".. found
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="author".. found
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="author".. found

Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="copyright".. found
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="copyright".. found
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="copyright".. found
Source: https://www.dropbox.com/scl/fi/0099jklirbvbgle537qu8/Untitled.paper?oref=e&r=ACWvelkhYi_KLhCoreFrYeC4Cku3TdBKZkbvwgJiiV3CVflNj5qQiQoX8ZchRkGRrRXcu7ZIOtWvfAy2i3eRi4bny47x4sioCqUyrQIvrcg7aJ_DZSIYEpqFiVVyObHdESDraT-hDEnzePzDkWzuS_iSSlT6dRZ5d9Yie7GAV9a_ga9z4-q_C4l7n3shQFFUlDuF8iDrQMC1f91d7GND8_jn&sm=1&dl=0	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:50059 version: TLS 1.2

Source: global traffic

TCP traffic: 192.168.2.16:49962 -> 35.157.212.223:3478

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.133
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: c.contentsquare.net
Source: global traffic	DNS traffic detected: DNS query: fp.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: use1-turn.fpjs.io
Source: global traffic	DNS traffic detected: DNS query: dropboxcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: dropbox-api.arkoselabs.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50138
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50134
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 50137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 50111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50135 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50101 -> 443

Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:50059 version: TLS 1.2

Source: classification engine

Classification label: mal48.winEML@25/171@53/298

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries