Windows
Analysis Report
https://mandrillapp.com/track/click/30646353/sainikschoolnagrota.com?p=eyJzIjoiU3ZCR2VOZVAyU3hHVTNyT0ZHZTludHl6WHhnIiwidiI6MiwicCI6IntcInVcIjozMDY0NjM1MyxcInZcIjoyLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL3NhaW5pa3NjaG9vbG5hZ3JvdGEuY29tXFxcL2ltYWdlc1xcXC9uZXdzXFxcL3ZuMTk5XFxcL3RyXFxcL1wiLFwiaWRcIjpcIjk4MDVkM
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Antivirus detection for URL or domain
Creates files inside the system directory
Deletes files inside the Windows folder
Detected suspicious crossdomain redirect
Classification
- System is w10x64
chrome.exe (PID: 4728 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --s tart-maxim ized "abou t:blank" MD5: E81F54E6C1129887AEA47E7D092680BF) chrome.exe (PID: 1468 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --no-pre-r ead-main-d ll --field -trial-han dle=2020,i ,607806694 5568898841 ,142489586 9829984824 4,262144 - -disable-f eatures=Op timization GuideModel Downloadin g,Optimiza tionHints, Optimizati onHintsFet ching,Opti mizationTa rgetPredic tion --var iations-se ed-version =20250306- 183004.429 000 --mojo -platform- channel-ha ndle=2052 /prefetch: 3 MD5: E81F54E6C1129887AEA47E7D092680BF)
chrome.exe (PID: 6372 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://mandr illapp.com /track/cli ck/3064635 3/sainiksc hoolnagrot a.com?p=ey JzIjoiU3ZC R2VOZVAyU3 hHVTNyT0ZH ZTludHl6WH hnIiwidiI6 MiwicCI6In tcInVcIjoz MDY0NjM1My xcInZcIjoy LFwidXJsXC I6XCJodHRw czpcXFwvXF xcL3NhaW5p a3NjaG9vbG 5hZ3JvdGEu Y29tXFxcL2 ltYWdlc1xc XC9uZXdzXF xcL3ZuMTk5 XFxcL3RyXF xcL1wiLFwi aWRcIjpcIj k4MDVkMzg3 ZDA3MTQ4Yz RiY2ZiY2Rh OTFmNDFkOT llXCIsXCJ1 cmxfaWRzXC I6W1wiM2Fi MTE4MjgwYT czNWY1M2Fl MTVmYjE4Y2 UyYjQ1YTgy YWFiMGQwNl wiXSxcIm1z Z190c1wiOj E3NDMwOTc3 MzJ9In0" MD5: E81F54E6C1129887AEA47E7D092680BF)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
- • AV Detection
- • Phishing
- • Compliance
- • Networking
- • System Summary
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira URL Cloud: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | HTTP traffic: | ||
Source: | HTTP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |