Windows Analysis Report
http://help-copyright-issuenow-here.vercel.app/

Overview

General Information

Sample URL: http://help-copyright-issuenow-here.vercel.app/
Analysis ID: 1637966

Detection

Score: 48
Range: 0 - 100
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Creates files inside the system directory
Deletes files inside the Windows folder

Classification

  • System is w10x64
  • chrome.exe (PID: 5304 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 1832 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2356,i,16888145351997362526,6260123567948548937,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2336 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://help-copyright-issuenow-here.vercel.app/" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

AV Detection

Source: http://help-copyright-issuenow-here.vercel.app/ | Avira URL Cloud: detection malicious, Label: phishing
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: help-copyright-issuenow-here.vercel.app
Source: global traffic | DNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: global traffic | DNS traffic detected: DNS query: beacons.gvt2.com
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Windows\SystemTemp\scoped_dir5304_1673060549
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File deleted: C:\Windows\SystemTemp\scoped_dir5304_1673060549
Source: classification engine | Classification label: mal48.win@25/0@22/7
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2356,i,16888145351997362526,6260123567948548937,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2336 /prefetch:3
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://help-copyright-issuenow-here.vercel.app/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Window Recorder | Window detected: More than 3 window changes detected
Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses
Resource Development: Acquire Infrastructure; Domains; DNS Server
Initial Access: Valid Accounts; Default Accounts; Domain Accounts
Execution: Windows Management Instrumentation; Scheduled Task/Job; At
Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows)
Privilege Escalation: 1 Process Injection; Boot or Logon Initialization Scripts; Logon Script (Windows)
Defense Evasion: 1 Masquerading; 1 Process Injection; 1 File Deletion
Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager
Discovery: System Service Discovery; Application Window Discovery; Query Registry
Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares
Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive
Command and Control: 2 Encrypted Channel; 1 Non-Application Layer Protocol; 2 Application Layer Protocol
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration
Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact
[Behavior graph. ID: 1637966, URL: http://help-copyright-issue..., Startdate: 14/03/2025, Architecture: WINDOWS, Score: 48]

| Source | Detection | Scanner | Label |
|---|---|---|---|
| http://help-copyright-issuenow-here.vercel.app/ | 100% | Avira URL Cloud | phishing |
No Antivirus matches

| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| beacons-handoff.gcp.gvt2.com | 142.250.180.99 | true | false | | high |
| www.google.com | 142.250.186.164 | true | false | | high |
| help-copyright-issuenow-here.vercel.app | 64.29.17.65 | true | false | | unknown |
| beacons.gvt2.com | 216.58.206.67 | true | false | | high |
| beacons.gcp.gvt2.com | unknown | unknown | false | | high |
| IP | Domain | Country | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|
| 142.250.186.68 | unknown | United States | 15169 | GOOGLEUS | false |
| 64.29.17.193 | unknown | Canada | 13768 | COGECO-PEER1CA | false |
| 216.198.79.65 | unknown | United States | 11696 | NBS11696US | false |
| 142.250.185.195 | unknown | United States | 15169 | GOOGLEUS | false |
| 142.250.186.164 | www.google.com | United States | 15169 | GOOGLEUS | false |

| IP |
|---|
| 192.168.2.4 |
| 192.168.2.5 |

Joe Sandbox version: 42.0.0 Malachite
Analysis ID: 1637966
Start date and time: 2025-03-14 01:40:03 +01:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 3m 2s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: http://help-copyright-issuenow-here.vercel.app/
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of new started processes analysed: 20
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• HCA enabled
• EGA enabled
• AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal48.win@25/0@22/7
EGA Information: Failed
HCA Information:
• Successful, ratio: 100%
• Number of executed functions: 0
• Number of non-executed functions: 0
• Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
• Excluded IPs from analysis (whitelisted): 142.250.185.142, 142.250.185.206, 74.125.133.84, 2.23.77.188, 142.250.185.227, 142.250.185.163, 142.250.186.174, 66.102.1.84
• Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, accounts.google.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
• Not all processes were analyzed, report is missing behavior information
• Report size getting too big, too many NtOpenFile calls found.
• VT rate limit hit for: http://help-copyright-issuenow-here.vercel.app/
No simulations
No context
No created / dropped files found
No static file info

• Total Packets: 210
• 443 (HTTPS)
• 80 (HTTP)
• 53 (DNS)
            Mar 14, 2025 01:41:15.140189886 CET49708443192.168.2.452.113.196.254
            Mar 14, 2025 01:41:15.140228033 CET49708443192.168.2.452.113.196.254
            Mar 14, 2025 01:41:15.144480944 CET4434970852.113.196.254192.168.2.4
            Mar 14, 2025 01:41:15.144840956 CET4434970852.113.196.254192.168.2.4
            Mar 14, 2025 01:41:15.144850969 CET4434970852.113.196.254192.168.2.4
            Mar 14, 2025 01:41:15.235064983 CET4434970852.113.196.254192.168.2.4
            Mar 14, 2025 01:41:15.235162020 CET49708443192.168.2.452.113.196.254
            Mar 14, 2025 01:41:15.362587929 CET4434970852.113.196.254192.168.2.4
            Mar 14, 2025 01:41:15.362668991 CET49708443192.168.2.452.113.196.254
            Mar 14, 2025 01:41:15.426496983 CET4968180192.168.2.42.17.190.73
            Mar 14, 2025 01:41:15.444679022 CET49756443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.444727898 CET4434975664.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.444812059 CET49756443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.444942951 CET49757443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.444976091 CET4434975764.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.445028067 CET49757443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.446100950 CET49757443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.446115971 CET4434975764.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.446475029 CET49756443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.446491957 CET4434975664.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.644860983 CET4434975664.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.645441055 CET4434975764.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.645512104 CET49758443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.645549059 CET4434975864.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.645627022 CET49758443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.646532059 CET49759443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.646567106 CET4434975964.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.646876097 CET49759443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.647420883 CET49758443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.647437096 CET4434975864.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.648056030 CET49759443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:15.648070097 CET4434975964.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.845088005 CET4434975864.29.17.193192.168.2.4
            Mar 14, 2025 01:41:15.845412970 CET4434975964.29.17.193192.168.2.4
            Mar 14, 2025 01:41:16.499242067 CET49760443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.499280930 CET4434976020.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.499358892 CET49760443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.500452042 CET49760443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.500466108 CET4434976020.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.504861116 CET4434976020.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.520109892 CET49761443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.520148039 CET4434976120.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.520248890 CET49761443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.521192074 CET49761443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.521205902 CET4434976120.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.521708012 CET4434976120.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.542045116 CET49762443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.542138100 CET4434976220.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.542289019 CET49762443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.542629957 CET49762443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.542665958 CET4434976220.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.543001890 CET4434976220.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.557960987 CET49763443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.558012009 CET4434976320.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.558134079 CET49763443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.558417082 CET49763443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.558434010 CET4434976320.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.558758974 CET4434976320.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.584577084 CET49764443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.584613085 CET4434976420.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.584676027 CET49764443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.585011959 CET49764443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.585028887 CET4434976420.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.585411072 CET4434976420.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.601463079 CET49765443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.601480961 CET4434976520.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.601721048 CET49765443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.602689981 CET49765443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.602706909 CET4434976520.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.603183031 CET4434976520.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.627283096 CET49766443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.627338886 CET4434976620.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.627490044 CET49766443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.627768993 CET49766443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.627803087 CET4434976620.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.628173113 CET4434976620.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.629981041 CET4968180192.168.2.42.17.190.73
            Mar 14, 2025 01:41:16.641344070 CET49767443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.641381025 CET4434976720.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.641459942 CET49767443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.641694069 CET49767443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:16.641706944 CET4434976720.109.210.53192.168.2.4
            Mar 14, 2025 01:41:16.642080069 CET4434976720.109.210.53192.168.2.4
            Mar 14, 2025 01:41:19.036122084 CET4968180192.168.2.42.17.190.73
            Mar 14, 2025 01:41:19.270478010 CET49678443192.168.2.420.189.173.27
            Mar 14, 2025 01:41:20.480478048 CET49671443192.168.2.4204.79.197.203
            Mar 14, 2025 01:41:23.840878963 CET4968180192.168.2.42.17.190.73
            Mar 14, 2025 01:41:28.874950886 CET49678443192.168.2.420.189.173.27
            Mar 14, 2025 01:41:33.442280054 CET4968180192.168.2.42.17.190.73
            Mar 14, 2025 01:41:45.863436937 CET49776443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:45.863497019 CET4434977664.29.17.193192.168.2.4
            Mar 14, 2025 01:41:45.863590956 CET49776443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:45.863636971 CET49777443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:45.863684893 CET4434977764.29.17.193192.168.2.4
            Mar 14, 2025 01:41:45.863738060 CET49777443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:45.864778996 CET49777443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:45.864794970 CET4434977764.29.17.193192.168.2.4
            Mar 14, 2025 01:41:45.865462065 CET49776443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:45.865478039 CET4434977664.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.065571070 CET4434977664.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.065608978 CET4434977764.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.066087008 CET49778443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:46.066154003 CET4434977864.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.066231012 CET49778443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:46.066442013 CET49779443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:46.066473007 CET4434977964.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.066535950 CET49779443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:46.066790104 CET49778443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:46.066804886 CET4434977864.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.067013979 CET49779443192.168.2.464.29.17.193
            Mar 14, 2025 01:41:46.067028999 CET4434977964.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.265482903 CET4434977964.29.17.193192.168.2.4
            Mar 14, 2025 01:41:46.265533924 CET4434977864.29.17.193192.168.2.4
            Mar 14, 2025 01:41:52.821078062 CET49780443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.821114063 CET4434978020.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.821186066 CET49780443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.821717978 CET49780443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.821728945 CET4434978020.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.822539091 CET4434978020.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.826539040 CET49781443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.826586962 CET4434978120.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.826652050 CET49781443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.827053070 CET49781443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.827064991 CET4434978120.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.827564001 CET4434978120.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.844978094 CET49782443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.845017910 CET4434978220.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.845087051 CET49782443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.845582962 CET49782443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.845596075 CET4434978220.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.846087933 CET4434978220.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.860204935 CET49783443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.860250950 CET4434978320.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.860712051 CET49783443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.860712051 CET49783443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.860749006 CET4434978320.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.861279964 CET4434978320.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.881894112 CET49784443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.881931067 CET4434978420.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.882002115 CET49784443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.882381916 CET49784443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.882395029 CET4434978420.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.882877111 CET4434978420.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.895345926 CET49785443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.895370960 CET4434978520.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.895425081 CET49785443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.896126032 CET49785443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.896140099 CET4434978520.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.896612883 CET4434978520.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.912791967 CET49786443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.912820101 CET4434978620.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.912894964 CET49786443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.913440943 CET49786443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.913460016 CET4434978620.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.913918018 CET4434978620.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.927576065 CET49787443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.927613974 CET4434978720.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.927680969 CET49787443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.928128004 CET49787443192.168.2.420.109.210.53
            Mar 14, 2025 01:41:52.928142071 CET4434978720.109.210.53192.168.2.4
            Mar 14, 2025 01:41:52.928570032 CET4434978720.109.210.53192.168.2.4
            Mar 14, 2025 01:41:53.176855087 CET4971280192.168.2.4172.217.18.99
            Mar 14, 2025 01:41:53.176914930 CET4971480192.168.2.4199.232.210.172
            Mar 14, 2025 01:41:53.176964045 CET4971680192.168.2.4199.232.214.172
            Mar 14, 2025 01:41:53.181689978 CET8049712172.217.18.99192.168.2.4
            Mar 14, 2025 01:41:53.181746960 CET4971280192.168.2.4172.217.18.99
            Mar 14, 2025 01:41:53.182049036 CET8049714199.232.210.172192.168.2.4
            Mar 14, 2025 01:41:53.182061911 CET8049716199.232.214.172192.168.2.4
            Mar 14, 2025 01:41:53.182096958 CET4971480192.168.2.4199.232.210.172
            Mar 14, 2025 01:41:53.182136059 CET4971680192.168.2.4199.232.214.172
            Mar 14, 2025 01:41:53.852195978 CET49713443192.168.2.4184.86.251.22
            Mar 14, 2025 01:41:53.852592945 CET4971580192.168.2.4199.232.210.172
            Mar 14, 2025 01:42:02.396382093 CET49788443192.168.2.4142.250.185.195
            Mar 14, 2025 01:42:02.396428108 CET44349788142.250.185.195192.168.2.4
            Mar 14, 2025 01:42:02.396503925 CET49788443192.168.2.4142.250.185.195
            Mar 14, 2025 01:42:02.396863937 CET49788443192.168.2.4142.250.185.195
            Mar 14, 2025 01:42:02.396877050 CET44349788142.250.185.195192.168.2.4
            Mar 14, 2025 01:42:02.597470999 CET44349788142.250.185.195192.168.2.4
            Mar 14, 2025 01:42:02.598222971 CET49789443192.168.2.4142.250.185.195
            Mar 14, 2025 01:42:02.598270893 CET44349789142.250.185.195192.168.2.4
            Mar 14, 2025 01:42:02.598344088 CET49789443192.168.2.4142.250.185.195
            Mar 14, 2025 01:42:02.598674059 CET49789443192.168.2.4142.250.185.195
            Mar 14, 2025 01:42:02.598690987 CET44349789142.250.185.195192.168.2.4
            Mar 14, 2025 01:42:02.796951056 CET44349789142.250.185.195192.168.2.4
            Mar 14, 2025 01:42:05.123090029 CET49797443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.123141050 CET4434979764.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.123235941 CET49797443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.123394966 CET49798443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.123436928 CET4434979864.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.123493910 CET49798443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.125294924 CET49797443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.125310898 CET4434979764.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.126655102 CET49798443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.126669884 CET4434979864.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.325321913 CET4434979864.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.325390100 CET4434979764.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.442953110 CET49799443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.443006039 CET4434979964.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.443078041 CET49799443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.443610907 CET49800443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.443656921 CET4434980064.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.443718910 CET49800443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.443856001 CET49801443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.443892956 CET4434980164.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.444030046 CET49801443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.444188118 CET49799443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.444205999 CET4434979964.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.444470882 CET49800443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.444488049 CET4434980064.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.444797039 CET49801443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.444811106 CET4434980164.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.640949965 CET4434979964.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.645185947 CET4434980064.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.645677090 CET4434980164.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.655678988 CET49802443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.655721903 CET4434980264.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.655824900 CET49802443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.656757116 CET49802443192.168.2.464.29.17.193
            Mar 14, 2025 01:42:05.656771898 CET4434980264.29.17.193192.168.2.4
            Mar 14, 2025 01:42:05.857588053 CET4434980264.29.17.193192.168.2.4
            Mar 14, 2025 01:42:07.591576099 CET49803443192.168.2.4142.250.186.68
            Mar 14, 2025 01:42:07.591623068 CET44349803142.250.186.68192.168.2.4
            Mar 14, 2025 01:42:07.591692924 CET49803443192.168.2.4142.250.186.68
            Mar 14, 2025 01:42:07.592159033 CET49803443192.168.2.4142.250.186.68
            Mar 14, 2025 01:42:07.592178106 CET44349803142.250.186.68192.168.2.4
            Mar 14, 2025 01:42:07.790153027 CET44349803142.250.186.68192.168.2.4
            Mar 14, 2025 01:42:07.822084904 CET49804443192.168.2.4142.250.186.68
            Mar 14, 2025 01:42:07.822132111 CET44349804142.250.186.68192.168.2.4
            Mar 14, 2025 01:42:07.822321892 CET49804443192.168.2.4142.250.186.68
            Mar 14, 2025 01:42:07.822719097 CET49804443192.168.2.4142.250.186.68
            Mar 14, 2025 01:42:07.822738886 CET44349804142.250.186.68192.168.2.4
            Mar 14, 2025 01:42:08.021763086 CET44349804142.250.186.68192.168.2.4
            TimestampSource PortDest PortSource IPDest IP
            Mar 14, 2025 01:41:03.484252930 CET53528801.1.1.1192.168.2.4
            Mar 14, 2025 01:41:03.499815941 CET53608891.1.1.1192.168.2.4
            Mar 14, 2025 01:41:07.521380901 CET6301353192.168.2.41.1.1.1
            Mar 14, 2025 01:41:07.521567106 CET5459953192.168.2.41.1.1.1
            Mar 14, 2025 01:41:07.528136969 CET53630131.1.1.1192.168.2.4
            Mar 14, 2025 01:41:07.528597116 CET53545991.1.1.1192.168.2.4
            Mar 14, 2025 01:41:08.516510963 CET5557853192.168.2.41.1.1.1
            Mar 14, 2025 01:41:08.516510963 CET6091453192.168.2.41.1.1.1
            Mar 14, 2025 01:41:08.527044058 CET53609141.1.1.1192.168.2.4
            Mar 14, 2025 01:41:08.532610893 CET53555781.1.1.1192.168.2.4
            Mar 14, 2025 01:41:08.533082008 CET4998153192.168.2.41.1.1.1
            Mar 14, 2025 01:41:08.533370972 CET5577653192.168.2.41.1.1.1
            Mar 14, 2025 01:41:08.534009933 CET5277953192.168.2.41.1.1.1
            Mar 14, 2025 01:41:08.534193993 CET5055153192.168.2.41.1.1.1
            Mar 14, 2025 01:41:08.542294025 CET53527791.1.1.1192.168.2.4
            Mar 14, 2025 01:41:08.542932987 CET53557761.1.1.1192.168.2.4
            Mar 14, 2025 01:41:08.548986912 CET53505511.1.1.1192.168.2.4
            Mar 14, 2025 01:41:08.551425934 CET53499811.1.1.1192.168.2.4
            Mar 14, 2025 01:42:02.875883102 CET53646721.1.1.1192.168.2.4
            Mar 14, 2025 01:42:03.286777973 CET53580711.1.1.1192.168.2.4
            Mar 14, 2025 01:42:04.373883009 CET53491691.1.1.1192.168.2.4
            Mar 14, 2025 01:42:05.642674923 CET5211953192.168.2.41.1.1.1
            Mar 14, 2025 01:42:05.642746925 CET5499453192.168.2.41.1.1.1
            Mar 14, 2025 01:42:05.649400949 CET53549941.1.1.1192.168.2.4
            Mar 14, 2025 01:42:05.649419069 CET53521191.1.1.1192.168.2.4
            Mar 14, 2025 01:42:06.661648989 CET6550753192.168.2.41.1.1.1
            Mar 14, 2025 01:42:06.661820889 CET5213353192.168.2.41.1.1.1
            Mar 14, 2025 01:42:06.667983055 CET53655071.1.1.1192.168.2.4
            Mar 14, 2025 01:42:06.669123888 CET53521331.1.1.1192.168.2.4
            Mar 14, 2025 01:42:07.584086895 CET5487053192.168.2.41.1.1.1
            Mar 14, 2025 01:42:07.584242105 CET5255153192.168.2.41.1.1.1
            Mar 14, 2025 01:42:07.590701103 CET53548701.1.1.1192.168.2.4
            Mar 14, 2025 01:42:07.590715885 CET53525511.1.1.1192.168.2.4
            Mar 14, 2025 01:42:08.693036079 CET6291453192.168.2.41.1.1.1
            Mar 14, 2025 01:42:08.699784040 CET53629141.1.1.1192.168.2.4
            Mar 14, 2025 01:42:09.433507919 CET138138192.168.2.4192.168.2.255
            Mar 14, 2025 01:42:09.706617117 CET6291453192.168.2.41.1.1.1
            Mar 14, 2025 01:42:09.713278055 CET53629141.1.1.1192.168.2.4
            Mar 14, 2025 01:42:10.708293915 CET6291453192.168.2.41.1.1.1
            Mar 14, 2025 01:42:10.717900991 CET53629141.1.1.1192.168.2.4
            Mar 14, 2025 01:42:12.724033117 CET6291453192.168.2.41.1.1.1
            Mar 14, 2025 01:42:12.730823994 CET53629141.1.1.1192.168.2.4
            Mar 14, 2025 01:42:16.739538908 CET6291453192.168.2.41.1.1.1
            Mar 14, 2025 01:42:16.746309042 CET53629141.1.1.1192.168.2.4
            Mar 14, 2025 01:42:21.712455988 CET6292353192.168.2.41.1.1.1
            Mar 14, 2025 01:42:21.712730885 CET5081753192.168.2.41.1.1.1
            Mar 14, 2025 01:42:21.719166994 CET53629231.1.1.1192.168.2.4
            Mar 14, 2025 01:42:21.720098019 CET53508171.1.1.1192.168.2.4
            Mar 14, 2025 01:42:22.723889112 CET5350653192.168.2.41.1.1.1
            Mar 14, 2025 01:42:22.730607033 CET53535061.1.1.1192.168.2.4

            Target ID: 1
            Start time: 20:40:58
            Start date: 13/03/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase: 0x7ff786830000
            File size: 3'388'000 bytes
            MD5 hash: E81F54E6C1129887AEA47E7D092680BF
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: false

            Target ID: 2
            Start time: 20:41:01
            Start date: 13/03/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2356,i,16888145351997362526,6260123567948548937,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2336 /prefetch:3
            Imagebase: 0x7ff786830000
            File size: 3'388'000 bytes
            MD5 hash: E81F54E6C1129887AEA47E7D092680BF
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: false

            Target ID: 4
            Start time: 20:41:07
            Start date: 13/03/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://help-copyright-issuenow-here.vercel.app/"
            Imagebase: 0x7ff786830000
            File size: 3'388'000 bytes
            MD5 hash: E81F54E6C1129887AEA47E7D092680BF
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: true

            No disassembly