Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"

Details

Is windows:	true
Is dropped:	false
PID:	5972
Target ID:	1
Parent PID:	3860
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Size:	3388000
MD5:	E81F54E6C1129887AEA47E7D092680BF
Time:	20:37:47
Date:	13/03/2025
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff63b000000
Modulesize:	3469312
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1992,i,1180673031274230005,6436712644403840046,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2068 /prefetch:3

Details

Is windows:	true
Is dropped:	false
PID:	5264
Target ID:	2
Parent PID:	5972
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1992,i,1180673031274230005,6436712644403840046,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2068 /prefetch:3
Size:	3388000
MD5:	E81F54E6C1129887AEA47E7D092680BF
Time:	20:37:48
Date:	13/03/2025
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff63b000000
Modulesize:	3469312
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://svt-aletaharropact6825.pages.dev/help/contact/200748660570057/"

Details

Is windows:	true
Is dropped:	false
PID:	6744
Target ID:	6
Parent PID:	3860
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://svt-aletaharropact6825.pages.dev/help/contact/200748660570057/"
Size:	3388000
MD5:	E81F54E6C1129887AEA47E7D092680BF
Time:	20:37:55
Date:	13/03/2025
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff63b000000
Modulesize:	3469312
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

Domains

Name

Malicious

svt-aletaharropact6825.pages.dev

188.114.96.3

Details

Name:	svt-aletaharropact6825.pages.dev
IP:	188.114.96.3
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Active:	true

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol
Spawns processes	System Summary	Process Injection

beacons-handoff.gcp.gvt2.com

142.251.143.35

www.google.com

142.250.186.100

Details

Name:	www.google.com
IP:	142.250.186.100
TargetID:	2
Current Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Active:	true
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol

beacons.gvt2.com

142.250.180.99

Details

Name:	beacons.gvt2.com
IP:	142.250.180.99
TargetID:	-1
Active:	true
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol

beacons6.gvt2.com

142.250.185.227

beacons.gcp.gvt2.com

unknown

IPs

Domain

Country

Malicious

192.168.2.4

unknown

192.168.2.6

unknown

192.168.2.23

unknown

188.114.96.3

svt-aletaharropact6825.pages.dev

European Union

192.168.2.14

unknown

142.250.186.100

www.google.com

United States

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
http://svt-aletaharropact6825.pages.dev/help/contact/200748660570057/

Processes

Domains

IPs

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reporthttp://svt-aletaharropact6825.pages.dev/help/contact/200748660570057/

Processes

Domains

IPs

IOC Report
http://svt-aletaharropact6825.pages.dev/help/contact/200748660570057/