Windows Analysis Report
https://aka.ms/LearnAboutSenderIdentification

Overview

General Information

Sample URL: https://aka.ms/LearnAboutSenderIdentification
Analysis ID: 1638197

Detection

Score: 3
Range: 0 - 100
Confidence: 100%

Signatures

Creates files inside the system directory
Deletes files inside the Windows folder
Form action URLs do not match main URL
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML title does not match URL

Classification

Classification chart (axes): Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Legend: clean, suspicious, malicious.
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: Form action: https://login.microsoftonline.com/savedusers?appid=ee272b19-4411-433f-8f28-5c13cb6fd407&wreply=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&uaid=7c0cf029-c8ce-4af6-6aca-7a7f9137eb83&partnerId=smcconvergence&idpflag=proxy&sso_reload=true microsoft microsoftonline
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: Number of links: 0
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: Base64 decoded: 8f67dc46-9d2c-4e45-9424-b392316949c5d9ddae86-4200-4715-8386-04ba9123c749
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: Title: Redirecting does not match URL
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: Iframe src: https://login.live.com/Me.htm?v=3
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: No favicon
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: No <meta name="author".. found
Source: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44 HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 216.58.206.68:443 -> 192.168.2.8:49688 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.36.225.166:443 -> 192.168.2.8:49690 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.36.225.166:443 -> 192.168.2.8:49689 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.22.242.215:443 -> 192.168.2.8:49699 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.19.106.98:443 -> 192.168.2.8:49707 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.196.240.134:443 -> 192.168.2.8:49718 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.196.240.134:443 -> 192.168.2.8:49727 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.65:443 -> 192.168.2.8:49736 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.22.242.73:443 -> 192.168.2.8:49751 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.65:443 -> 192.168.2.8:49774 version: TLS 1.2
Source: unknown HTTPS traffic detected: 92.123.12.139:443 -> 192.168.2.8:49783 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.73.237.198:443 -> 192.168.2.8:49802 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 2.19.104.63
Source: unknown TCP traffic detected without corresponding DNS query: 23.60.201.147
Source: unknown TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown TCP traffic detected without corresponding DNS query: 216.58.206.67
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 20.42.65.90
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: aka.ms
Source: global traffic DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic DNS traffic detected: DNS query: mem.gfx.ms
Source: global traffic DNS traffic detected: DNS query: js.monitor.azure.com
Source: global traffic DNS traffic detected: DNS query: c.s-microsoft.com
Source: global traffic DNS traffic detected: DNS query: cxcs.microsoft.net
Source: global traffic DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic DNS traffic detected: DNS query: videoencodingpublic-hgeaeyeba8gycee3.b01.azurefd.net
Source: global traffic DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic DNS traffic detected: DNS query: support.content.office.net
Source: chromecache_148.1.dr String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_121.1.dr, chromecache_108.1.dr String found in binary or memory: http://knockoutjs.com/
Source: chromecache_121.1.dr, chromecache_108.1.dr String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_100.1.dr, chromecache_128.1.dr String found in binary or memory: http://www.videolan.org/x264.html
Source: chromecache_121.1.dr, chromecache_108.1.dr String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_100.1.dr, chromecache_107.1.dr, chromecache_136.1.dr, chromecache_99.1.dr, chromecache_128.1.dr, chromecache_119.1.dr String found in binary or memory: https://github.com/google/shaka-packager
Source: chromecache_100.1.dr, chromecache_99.1.dr, chromecache_128.1.dr, chromecache_119.1.dr String found in binary or memory: https://github.com/google/shaka-packagerv2.6.1-634af65-release
Source: chromecache_101.1.dr String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_101.1.dr String found in binary or memory: https://login.windows-ppe.net
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Windows\SystemTemp\scoped_dir5200_1715945005
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File deleted: C:\Windows\SystemTemp\scoped_dir5200_1715945005
Source: classification engine Classification label: clean3.win@26/123@32/11
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2084,i,14542350356144878619,5201175776123541410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2096 /prefetch:3
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aka.ms/LearnAboutSenderIdentification"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2084,i,14542350356144878619,5201175776123541410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=4192 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected