Windows
Analysis Report
https://login.office365-formsubmit.click
Overview
Detection
Score: | 56 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 392 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 3064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1880,i,11456889003280596503,10662315094689125387,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2252 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
- chrome.exe (PID: 6248 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://login.office365-formsubmit.click" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
- AV Detection
- Phishing
- Compliance
- Software Vulnerabilities
- Networking
- System Summary
AV Detection |
---|
Source: | Avira URL Cloud: |
Phishing |
---|
Source: | Joe Sandbox AI: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | Memory has grown: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | File created: |
Source: | File deleted: |
Source: | Classification label: |
Source: | Process created: | ||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 2 Browser Extensions | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Extra Window Memory Injection | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Extra Window Memory Injection | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | malware |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
a.nel.cloudflare.com | 35.190.80.1 | true | false | high | |
youtube-ui.l.google.com | 216.58.212.174 | true | false | high | |
googleads.g.doubleclick.net | 216.58.212.130 | true | false | high | |
i.ytimg.com | 142.250.185.214 | true | false | high | |
challenges.cloudflare.com | 104.18.94.41 | true | false | high | |
photos-ugc.l.googleusercontent.com | 216.58.206.65 | true | false | high | |
rr2.sn-8xgp1vo-p5ie.googlevideo.com | 208.194.63.13 | true | false | unknown | |
www.google.com | 142.250.185.100 | true | false | high | |
login.office365-formsubmit.click | 104.21.32.1 | true | false | high | |
youtube.com | 172.217.16.206 | true | false | high | |
yt3.ggpht.com | unknown | unknown | false | high | |
rr2---sn-8xgp1vo-p5ie.googlevideo.com | unknown | unknown | true | unknown | |
www.youtube.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true | unknown | ||
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false | high | ||
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false |
| unknown | |
false | high | ||
false |
| unknown | |
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.185.99 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.185.206 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.186.182 | unknown | United States | 15169 | GOOGLEUS | false | |
104.21.32.1 | login.office365-formsubmit.click | United States | 13335 | CLOUDFLARENETUS | false | |
142.250.74.206 | unknown | United States | 15169 | GOOGLEUS | false | |
104.18.94.41 | challenges.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false | |
74.125.71.84 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.185.100 | www.google.com | United States | 15169 | GOOGLEUS | false | |
104.18.95.41 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
142.250.185.214 | i.ytimg.com | United States | 15169 | GOOGLEUS | false | |
142.250.186.106 | unknown | United States | 15169 | GOOGLEUS | false | |
208.194.63.13 | rr2.sn-8xgp1vo-p5ie.googlevideo.com | United States | 701 | UUNETUS | false | |
142.250.185.163 | unknown | United States | 15169 | GOOGLEUS | false | |
172.217.23.99 | unknown | United States | 15169 | GOOGLEUS | false | |
104.21.96.1 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
142.250.184.238 | unknown | United States | 15169 | GOOGLEUS | false | |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false | |
216.58.212.174 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.186.99 | unknown | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.17 |
192.168.2.18 |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1636567 |
Start date and time: | 2025-03-12 22:10:53 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://login.office365-formsubmit.click |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 14 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal56.win@29/21@36/144 |
- Exclude process from analysis (whitelisted): svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.206, 142.250.185.163, 74.125.71.84, 142.250.184.238, 216.58.206.78
- Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, clientservices.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: https://login.office365-formsubmit.click
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 15162 |
Entropy (8bit): | 7.986937683610401 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0F81C5B31A53AEC3B43B1439F297F2D2 |
SHA1: | A28BB0432D157B7D12F7D5890E3CFB570C186662 |
SHA-256: | 4B8CC53DE8961221AC10A6F16082AEA81283F154A51ED0563DF0680873509104 |
SHA-512: | CA454CC3D037B181C9630C80E6E506677610C3F991FCE9392A800545CF69F3D97A910505A5B43078E33A1CBD2860DB8D398274F46ACA2A197E0BF7876BABA31E |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13096 |
Entropy (8bit): | 7.984685620829595 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3A3BB8CAC234ADBE7149F2BE6C6D46ED |
SHA1: | 6672915E01FE1138637BFB3BC64C33C50D5343CC |
SHA-256: | 23CC63758DC89B4E6EF04C5CE4A36A71E7965415A8C74A485B629014033B5D0A |
SHA-512: | 3116632EDD0B83BC793817C1802A1C880B08D229B9AB98069339B188661281540A249BC5DA41D0A3107599EA5772EA67242916A9DF65D2BE611542582A1A3A67 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/spf.vflset/spf.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 61 |
Entropy (8bit): | 4.022997040570905 |
Encrypted: | false |
SSDEEP: | |
MD5: | AD2F4CC52697664370BA398FD870F615 |
SHA1: | 10747B2982A40CA5CFC7580205C7E4D17099DF48 |
SHA-256: | B211CA1C9ACA31F68CDD1B16949CFBD8E8DEF77D41C9EF63875329D979BC0842 |
SHA-512: | 9A3E9AB4F8E1944762FA96AB706AB9AF102039155200038A785BD0141FEB1DB8E1BC0EBD156E70E8F8EBC3D5C5676BD47B48D95AB6ED59A73429924F3F11393D |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2551073 |
Entropy (8bit): | 5.648424140982604 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6FAD886E6F2DBE5CCD796C7FDEC8B9B6 |
SHA1: | B9946C4CF7F0E4F8D9FE3CA3E04C512D08178DD1 |
SHA-256: | 007F13CBDECA464C9BCD11717261C09F4603BF39DAC3108E36D41F13174402B4 |
SHA-512: | 33192CE4C2294E5B77E4505362FDB9DA847336C31C1EE7B9C5F5C6748F0CF7EB4B587D26FDF79AAC3BDD55109A1965B1181F745C97641027234C0550BA028156 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/player/b21600d5/player_ias.vflset/en_US/base.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1628 |
Entropy (8bit): | 7.8872209937207876 |
Encrypted: | false |
SSDEEP: | |
MD5: | C8055D7F0FA09480229B2C92F5928900 |
SHA1: | 41D5089FDB244F1BC8BC78F356B1BBB8C02CB916 |
SHA-256: | 833E540FB832A74A565C6555A18132A441065E47E7A05A6DF06893A1B1E59E38 |
SHA-512: | 56A684AF0486B7768D8C528FA3EF2751BF604199DDA60CE8DA3249FF2127722C6EEC256DC8EADAE682B51A8FE8086B76DB3B8AF253637CDF04D81B9747926DCF |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 240 |
Entropy (8bit): | 7.085649970428245 |
Encrypted: | false |
SSDEEP: | |
MD5: | 009D56A036462CD77FBB802695185A98 |
SHA1: | F4420879DFB1A5A0E87687261057A6E6DD6F4700 |
SHA-256: | B49F29737D36BEFCBF27957CAA9CF57AAFB4CFC448C6B75862430D0F009C4B13 |
SHA-512: | E1BF045AC7C851B07FAED0BC89AAB84BDFCEF7E559CB5F5ADD09D6D2DDD08A928203BB24F8CA7ED958F1193F58E4DA0AB93086DB716A84382DD9BEF5C71186FD |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/cssbin/www-onepick.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22928 |
Entropy (8bit): | 7.990826530446525 |
Encrypted: | true |
SSDEEP: | |
MD5: | 778CA3ED38E51E5D4967CD21EFBDD007 |
SHA1: | 06E62821512A5B73931E237E35501F7722F0DBF4 |
SHA-256: | B7E1BFADB8D9C061F17A7234DF012DF7842AB1AA8FB6F9579FA3F0A3B4A75BC0 |
SHA-512: | 5F6F02099CA8079305FB7E7F43AE4344D522271FE30379C0854D6A81B7D8ADF408A50A4B799B5F52E6ED162BA6CE7FE97E24A2B9719DF780E75683D3AA103D09 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/webcomponents-sd.vflset/webcomponents-sd.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3387 |
Entropy (8bit): | 7.942426473360069 |
Encrypted: | false |
SSDEEP: | |
MD5: | AFC2FAC606CF58DFA08CD20197CFF1F3 |
SHA1: | 7996FEAF0E05EDD446A726FFE058E5D442E506F4 |
SHA-256: | 90FB0F63E2CED7E8D73EADB71FBFB680DC7C57D93B070C005E47E44BA6151B54 |
SHA-512: | 170D5E9965C7E41973526A4FF1B33E864DEA55ECA1628D6E999D1B66403F3EBCE000651698057A3E2A186EF43D0EAFC3D4BFE0322E9D8309A822004CA535382A |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/scheduler.vflset/scheduler.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17560 |
Entropy (8bit): | 7.954865714632017 |
Encrypted: | false |
SSDEEP: | |
MD5: | 074E969BB4B56ACD26091B19784DF7E2 |
SHA1: | 0B8F66FD70F29859EA25EE481FF33F93BB84D512 |
SHA-256: | 405893B0BF0B3E87141E7048E1CB6665CA5593FEA1B159CA0CE90E77D049C51A |
SHA-512: | 0E7286126446B64EFB16D8891AE2A649E4CCCE337510EBA812294E78B78D3D2680F4504BFCAC7A8347E809C2E3FD905215ED711F60894B25A5BEEFF252372C8F |
Malicious: | false |
Reputation: | unknown |
URL: | https://i.ytimg.com/vi/dQw4w9WgXcQ/hqdefault.jpg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2083 |
Entropy (8bit): | 7.895813374547828 |
Encrypted: | false |
SSDEEP: | |
MD5: | FD78116EE42E8ABA099A3E1900881946 |
SHA1: | DC38E0D9099B428042D852305C56E5535349A8FD |
SHA-256: | 87016B87CC9C74E0B53B804D92420F29CC968D2C0D6E44B4B483FB1178CF7428 |
SHA-512: | 34E047A9CA139D0071C0FBA7050BC4A884D44AFE589C8F4EDF0C97E391C31DB866C07C13CF0327C23E92B16F3D15C36A96F04BCDCBC019CD5C05AC7C561131B2 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/intersection-observer.min.vflset/intersection-observer.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 789 |
Entropy (8bit): | 7.720399231333122 |
Encrypted: | false |
SSDEEP: | |
MD5: | 738CB14C87B5E26C1A6CC58B927D21AF |
SHA1: | 307BD6B870D03D0935156E6E3A65FA7A3C25A8C5 |
SHA-256: | 991C0285730143A31740AE751888A3F38C33DF3C55670623117CAC3F51BB6283 |
SHA-512: | 83F703DCA2F9175C8E857FC662F075F6715CED6E7B966F3F91AAF5905E497E04D52FBA79B381435A2D80B272DDDDBFAC7985AAF9381401DF82FB8626968C629C |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 14567 |
Entropy (8bit): | 7.981345426654464 |
Encrypted: | false |
SSDEEP: | |
MD5: | B7560FB8056580799E44A9FF8624DBAF |
SHA1: | 66CCDF55E0099A2E984F8134F224A92EFF50B6AB |
SHA-256: | A32BE7E9EA96DB18E1AAE952C69AEF13EF526A976F1CCF1DBB5B20564D5880D4 |
SHA-512: | D5AD849CB706BEA72D5A5EE65BC8A451B77C8CE297314EA3042596A960CE5AC50D2CEEB5E6FAC985DAD4D12E2385D6D47573DA2772D0881AC3DABBA86B623340 |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.googleapis.com/css2?family=Roboto_old:wght@300;400;500;700&family=YouTube+Sans:wght@300..900&display=swap |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 633 |
Entropy (8bit): | 7.639452716912523 |
Encrypted: | false |
SSDEEP: | |
MD5: | FB377ACF12BA34BFED87FF5F8978995B |
SHA1: | 74E890106C4AF019F59A21D167C546BD92FC890E |
SHA-256: | 0D8B22C9EB36E715CDF83B871E0F66EF0D3EEA5CC63E8D913505535DAA1CAEBE |
SHA-512: | 5E11D546652D49547331E686D79FB914F689FD041D1D8569CBB3190971C72CAD1A917BA1B4C0C07FB7F214E6CAAB23DC6953B72F6F3944C88A4010A1881F66C0 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/cssbin/www-main-desktop-player-skeleton.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1509 |
Entropy (8bit): | 7.8779146888952045 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1F98D3349C4E7FD81F835A1B1FD2E705 |
SHA1: | 385F3930CDCCF1E15A2535E54F79FDAA16341CEC |
SHA-256: | 9766F43A3499977D1E5D6D05576A45C1CC68AC029DE490BEFC3FDE294D1D1982 |
SHA-512: | CFD29D8A17B3014AF4852E673E7CE74400811F221AFCDA3D3866699123EDFB24C9A4A313D28587CE73CC7C5A3466DC8A331B9FA7D3D06DC6DAF59A3D13672BCD |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/cssbin/www-main-desktop-watch-page-skeleton.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52169 |
Entropy (8bit): | 7.996181202030181 |
Encrypted: | true |
SSDEEP: | |
MD5: | 270FF1226CD523B9C61970F3C850583F |
SHA1: | CDE9B014D6D245ED1F5B3B565769999EE95FBFE7 |
SHA-256: | 3E681C8A4A7B8BD01CB02DF2C8BBA8B6BC9CC2A532653B839280ED6579DBC4C3 |
SHA-512: | 4E915492D1F3F3955D4F955E5A9E67FBE094B6B03EAD3C220A97826CFEFAC006FCAEFA0A05B693A7E6A15368CA5F6CEA88E4863B0E52249325CE6971707A3017 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/player/b21600d5/www-player.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5422 |
Entropy (8bit): | 7.965006230481503 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7ACDE82EC648557B9FF9BE0D557C6B43 |
SHA1: | F9EA94D3B56CC1752D076221718CB1898A7EC67B |
SHA-256: | B3D116E80377EE1C0F3F5385E4964CAB7DD74BCBEE37206DD990E9CDE279D306 |
SHA-512: | 8629D52B7E0043E1E7EBC76BB48F9FD9C4EC77C1106D21DBA8988419C09BC5079F3D3FE087C419B0202F312E18EC6A417725496E0B281886BD1121DE6CA3C71D |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/desktop/c7dc2eb1/jsbin/network.vflset/network.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1999366 |
Entropy (8bit): | 7.999690488365396 |
Encrypted: | true |
SSDEEP: | |
MD5: | A365946857D94FEB7B75B3CACF330C5B |
SHA1: | 248DF879A579BD5CF36DCF9583627EEADE1A3EA0 |
SHA-256: | 178B9A6DA0DF369CC39D7912C9BB0FD67E8B57D804E9737D7C10C91F56DB8B2C |
SHA-512: | 378C7E6DD9D59DD64B85DC12BB9E752D3D99D84D8346E7648C9C7BCD7B54BC6338C2D751F3A80698A00CCE7B8E4E391F1B4A8A39DFB385DCCEAE4B30E7227A30 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/_/ytmainappweb/_/js/k=ytmainappweb.kevlar_base.en_US.xuLNDrzW5X0.es5.O/d=0/rs=AGKMywE1tJoUIkuT-sJfDQIZgLRVYpDJPg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 61 |
Entropy (8bit): | 3.990210155325004 |
Encrypted: | false |
SSDEEP: | |
MD5: | 9246CCA8FC3C00F50035F28E9F6B7F7D |
SHA1: | 3AA538440F70873B574F40CD793060F53EC17A5D |
SHA-256: | C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84 |
SHA-512: | A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B |
Malicious: | false |
Reputation: | unknown |
URL: | https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 48239 |
Entropy (8bit): | 5.343270713163753 |
Encrypted: | false |
SSDEEP: | |
MD5: | 184E29DE57C67BC329C650F294847C16 |
SHA1: | 961208535893142386BA3EFE1444B4F8A90282C3 |
SHA-256: | DD03BA1DD6D73643A8ED55F4CEBC059D673046975D106D26D245326178C2EB9D |
SHA-512: | AF3D62053148D139837CA895457BEEF7620AA52614B9A08FD0D5BEF8163F4C3B9E8D7B2A74D29079DB3DACC51D98AE4A5DC19C788928E5A854D7803EBB9DED9C |
Malicious: | false |
Reputation: | unknown |
URL: | https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.js?onload=EFpGI0&render=explicit |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 305911 |
Entropy (8bit): | 7.998631383547043 |
Encrypted: | true |
SSDEEP: | |
MD5: | 60CB776B80EB79ED7E616CDCF005BFEE |
SHA1: | 95A8C82B7CCEEB8405A5FD138CF9A981E30C0980 |
SHA-256: | B0E8EF8C91ACCADDBD4E845FDB359D776960EB3F7729A7C30474ECA44F084D12 |
SHA-512: | 0941FF260A586BA20C652D01C8E7E96281576DCD3A46637C99201F45233931F5FEDAF5A7455E51C252C49B229F473B04E6E72FA0A77717B52D2D90D5A2D60C0C |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.ySJCljePUk4.L.B1.O/am=AAAECQ/d=0/rs=AGKMywHy908boUKnG7d6H87wr_xchxCvaQ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 8605 |
Entropy (8bit): | 5.793664521727658 |
Encrypted: | false |
SSDEEP: | |
MD5: | BE7C5B4F3F5FCE3D5E284DFCE8FA80EF |
SHA1: | 6107FCC1CADC1446D9093F744F5BC5CE0A66A3A3 |
SHA-256: | 3600B1D141270E2AC6BA4D614E8A4CC722BE2F541F9A904FCED8B83B7DB74033 |
SHA-512: | 540471BD2BF86065066108F916B2A21D0696786F7F93ED62C131EF8EC0D4BC9DB4EA9D821899C7488803E73278ECACE7840F8922593C2AA48B00C5022E53700E |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE |
Preview: |