
Windows Analysis Report
http://kra--31.cc/

Overview

General Information

Sample URL: http://kra--31.cc/
Analysis ID: 1664017

Detection

Score: 1
Range: 0 - 100
Confidence: 100%

Signatures

HTML body contains low number of good links
HTML page contains hidden javascript code
HTML title does not match URL

Classification

[Classification chart; axes: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner; scale: clean, suspicious, malicious]
  • System is w10x64
  • chrome.exe (PID: 1004 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6036 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,17733761303110079366,8861435248081199037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2248 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6780 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://kra--31.cc/" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures.

Source: https://kra--31.cc/ - HTTP Parser: Number of links: 0
Source: https://kra--31.cc/ - HTTP Parser: Base64 decoded: 4Y...
Source: https://kra--31.cc/ - HTTP Parser: Title: kra30.at does not match URL
Source: https://kra--31.cc/ - HTTP Parser: No <meta name="author".. found
Source: https://kra--31.cc/ - HTTP Parser: No <meta name="copyright".. found
Source: unknown - HTTPS traffic detected: 142.250.9.103:443 -> 192.168.2.4:49723 version: TLS 1.2
Source: unknown - HTTPS traffic detected: 104.21.79.89:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknown - TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown - TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown - TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown - TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown - UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic - HTTP traffic detected:
  GET / HTTP/1.1
  Host: kra--31.cc
  Connection: keep-alive
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Windows"
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: navigate
  Sec-Fetch-User: ?1
  Sec-Fetch-Dest: document
  Accept-Encoding: gzip, deflate, br, zstd
  Accept-Language: en-US,en;q=0.9
Source: global traffic - DNS traffic detected: DNS query: www.google.com
Source: global traffic - DNS traffic detected: DNS query: kra--31.cc
Source: chromecache_51.2.dr - String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_51.2.dr - String found in binary or memory: https://fonts.googleapis.com/css2?family=Inter:wght
Source: chromecache_51.2.dr - String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2)
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2)
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7SUc.woff2)
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2)
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2)
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2)
Source: chromecache_52.2.dr - String found in binary or memory: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2pL7SUc.woff2)
Source: unknown - Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown - Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49723
Source: classification engine - Classification label: clean1.win@22/10@6/3
Source: unknown - Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe - Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,17733761303110079366,8861435248081199037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2248 /prefetch:3
Source: unknown - Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://kra--31.cc/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe - Process created: unknown unknown
Source: Window Recorder - Window detected: More than 3 window changes detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction
[Behavior Graph ID: 1664017, URL: http://kra--31.cc/, Startdate: 13/04/2025, Architecture: WINDOWS, Score: 1. Processes: chrome.exe (started), chrome.exe (started), child chrome.exe (started). Network nodes: 192.168.2.4 (138, 443, 49709); www.google.com 142.250.9.103 (443, 49723, 49743), GOOGLEUS, United States; kra--31.cc 104.21.79.89 (443, 49725), CLOUDFLARENETUS, United States.]

Source | Detection | Scanner | Label | Link
http://kra--31.cc/ | 0% | Avira URL Cloud | safe |
No Antivirus matches

Name | IP | Active | Malicious | Antivirus Detection | Reputation
kra--31.cc | 104.21.79.89 | true | false | | unknown
www.google.com | 142.250.9.103 | true | false | | high

Name | Malicious | Antivirus Detection | Reputation
https://kra--31.cc/ | false | | unknown

IP | Domain | Country | Flag | ASN | ASN Name | Malicious
104.21.79.89 | kra--31.cc | United States | | 13335 | CLOUDFLARENETUS | false
142.250.9.103 | www.google.com | United States | | 15169 | GOOGLEUS | false

IP
192.168.2.4

Joe Sandbox version: 42.0.0 Malachite
Analysis ID: 1664017
Start date and time: 2025-04-13 09:00:17 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 3m 4s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: http://kra--31.cc/
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 21
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean1.win@22/10@6/3
  • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, sppsvc.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
  • Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
  • Not all processes were analyzed, report is missing behavior information
  • Report size getting too big, too many NtOpenFile calls found.
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
  • VT rate limit hit for: http://kra--31.cc/
No simulations
No context
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: HTML document, Unicode text, UTF-8 text, with very long lines (20607)
Category: downloaded
Size (bytes): 41845
Entropy (8bit): 4.471834843648324
Encrypted: false
SSDEEP: 384:I35RS71FYMknZII6TPHqZeeCD07bslnFerDY8qF6z6ngLNMjxCoXp4nXaSW:I3P6PZH5dD0AFerwFc6nONMHXp0m
MD5: DB5B32B816DDDCCDF7EF8EB0C7B2663D
SHA1: 9018DBCF63CF8ABEB4497F0C8F6EE0CD3525B3E8
SHA-256: 1AC26E25A6FC725186F832F58E6F5951F2256EF4C0B8F5BB1FB8FB951135C493
SHA-512: 3579CB5849BB90E5E1972D2106373C1197C7100A33488D1F1903491628DC63B594DF7B83AB40AC67A327806AB083684DD3CD40227A34E168192FE015C3B231B1
Malicious: false
Reputation: low
URL: https://kra--31.cc/
Preview:
<!DOCTYPE html>
<html lang="ru">
  <head>
    <meta charset="UTF-8" />
    <title>kra30.at</title>
    <meta name="keywords" content="kra31.cc, kra31, ......, ...31.., ...... ......., ...... ...., KRA31 AT, KRA31.AT, kra30.cc, kra30, kra30 cc,kra31 cc, kra32.cc, ...32, .., ......, ..........., ...., ......, ......., entry, captcha, login, .........., ..........., .........">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no" />
    <link rel="preconnect" href="https://fonts.googleapis.com" />
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap" rel="stylesheet" />
    <link rel="shortcut icon" href="data:image/x-icon;base64,AAABAAMAEBAAAAEAIABoBAAANgAAACAgAAABACAAKBEAAJ4EAAAwMAAAAQAgAGgmAADGFQAAKAAAABAAAAAgAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: downloaded
Size (bytes): 9884
Entropy (8bit): 5.476245200586647
Encrypted: false
SSDEEP: 192:wAAGj73lOkiDAN/C734nkD8AO4x73/Ak8GAEif73RKkG5:BFrERPGRm
MD5: AEE824607990314C855A2D601BC0B09D
SHA1: 1F7907DBB5081FD3897AAAE58F6E2264DAEC9D91
SHA-256: 13F2C0F493DE32018ABD6C456775DB4B79C1D2EE56118F42A07A19D882D6DC6F
SHA-512: 4B1C178C51FFA51D303EC1153BF4B7C827D7B93A5C3674E0E3C9105D58AC9A80A1A3662CEFD46B941FBCB249986692874907BA6B51EF9756CACA21F8656AA7F3
Malicious: false
Reputation: low
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Preview:
/* cyrillic-ext */
@font-face {
  font-family: 'Inter';
  font-style: normal;
  font-weight: 300;
  font-display: swap;
  src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2) format('woff2');
  unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
}
/* cyrillic */
@font-face {
  font-family: 'Inter';
  font-style: normal;
  font-weight: 300;
  font-display: swap;
  src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2) format('woff2');
  unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;
}
/* greek-ext */
@font-face {
  font-family: 'Inter';
  font-style: normal;
  font-weight: 300;
  font-display: swap;
  src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2) format('woff2');
  unicode-range: U+1F00-1FFF;
}
/* greek */
@font-face {
  font-family: 'Inter';
  font-style: normal;
  font-weight: 300;
  font-display: swa
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: Web Open Font Format (Version 2), TrueType, length 18740, version 1.0
Category: downloaded
Size (bytes): 18740
Entropy (8bit): 7.9892288345233755
Encrypted: false
SSDEEP: 384:AtbXebWepTmCSQiXLGg63eWz5WkPvRhc4Xci8yxpMNG:Adfeg9LGgHa3vRhj58yQNG
MD5: 06AB411342ACDBFE3E746EE904E12CC5
SHA1: D83A47942575EEB80D30EBC7BF9A5B6F83C930FB
SHA-256: 62CC01DAEF72C3EA76A258445368D2F4AB8D05A91F91C53FD12F7C42E3325942
SHA-512: 6DC7AE210DC6578115AC9A4B78431BE0F3F767684D3088FF5CD8094D1CE37756CE606571F325E6C97757DFFE012D491792EFAC56EFCE2FB7A4FCE9A7137CFC19
Malicious: false
Reputation: low
URL: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Category: downloaded
Size (bytes): 48444
Entropy (8bit): 7.995593685409469
Encrypted: true
SSDEEP: 768:dn0V9qZpy/4pR+9MzTCGXckDohHxCc/TfZQEh9UONYyPYcABoN/8rZujvB:dn0+rAmWUMooVrbZQE7NYyzABK8rQ1
MD5: 8E433C0592F77BEB6DC527D7B90BE120
SHA1: D7402416753AE1BB4CBD4B10D33A0C10517838BD
SHA-256: F052EE44C3728DFD23ABA8A4567150BC314D23903026FBB6AD089422C2DF56AF
SHA-512: 5E90F48B923BB95AEB49691D03DADE8825C119B2FA28977EA170C41548900F4E0165E2869F97C7A9380D7FF8FF331A1DA855500E5F7B0DFD2B9ABD77A386BBF3
Malicious: false
Reputation: low
URL: https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with no line terminators
Category: downloaded
Size (bytes): 16
Entropy (8bit): 3.875
Encrypted: false
SSDEEP: 3:HsqS1Y:Mp1Y
MD5: 5C5817DDFA72596CA976CA36E874EA95
SHA1: 4491479472A5B053DE8967911670F25206244D71
SHA-256: 2F317DE6216E423E81CC08AC342EA0ECD028D794E783D41CC46536ECCA8DC897
SHA-512: 23E7764083C72130E745DC2A490DEAC90E99A02B00D318FE1B325C6BC16798C7FF3823FCC23346C811A66DE62656774D49C2E39F6E084B828033EA2C05773E3A
Malicious: false
Reputation: low
URL: https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCYRe5iLpGzJJEgUN0rme3CFNd0dOyEx5sw==?alt=proto
Preview: CgkKBw3SuZ7cGgA=
No static file info

  • Total Packets: 77
  • 443 (HTTPS)
  • 80 (HTTP)
  • 53 (DNS)
        Apr 13, 2025 09:01:28.413383961 CEST44349709131.253.33.254192.168.2.4
        Apr 13, 2025 09:01:28.413403988 CEST49709443192.168.2.4131.253.33.254
        Apr 13, 2025 09:01:28.413430929 CEST49709443192.168.2.4131.253.33.254
        Apr 13, 2025 09:01:28.416114092 CEST49709443192.168.2.4131.253.33.254
        Apr 13, 2025 09:01:28.532104969 CEST44349709131.253.33.254192.168.2.4
        Apr 13, 2025 09:01:28.536860943 CEST44349709131.253.33.254192.168.2.4
        Apr 13, 2025 09:01:28.539237022 CEST44349709131.253.33.254192.168.2.4
        Apr 13, 2025 09:01:28.539275885 CEST44349709131.253.33.254192.168.2.4
        Apr 13, 2025 09:01:28.539303064 CEST49709443192.168.2.4131.253.33.254
        Apr 13, 2025 09:01:28.539366007 CEST49709443192.168.2.4131.253.33.254
        Apr 13, 2025 09:01:28.876604080 CEST4968180192.168.2.42.17.190.73
        Apr 13, 2025 09:01:29.047231913 CEST49678443192.168.2.420.189.173.27
        Apr 13, 2025 09:01:30.079504967 CEST4968180192.168.2.42.17.190.73
        Apr 13, 2025 09:01:30.412013054 CEST44349723142.250.9.103192.168.2.4
        Apr 13, 2025 09:01:30.412090063 CEST44349723142.250.9.103192.168.2.4
        Apr 13, 2025 09:01:30.412231922 CEST49723443192.168.2.4142.250.9.103
        Apr 13, 2025 09:01:31.127861977 CEST49723443192.168.2.4142.250.9.103
        Apr 13, 2025 09:01:31.127938032 CEST44349723142.250.9.103192.168.2.4
        Apr 13, 2025 09:01:32.488114119 CEST4968180192.168.2.42.17.190.73
        Apr 13, 2025 09:01:33.846630096 CEST49678443192.168.2.420.189.173.27
        Apr 13, 2025 09:01:35.291412115 CEST49671443192.168.2.4204.79.197.203
        Apr 13, 2025 09:01:37.299050093 CEST4968180192.168.2.42.17.190.73
        Apr 13, 2025 09:01:43.461416006 CEST49678443192.168.2.420.189.173.27
        Apr 13, 2025 09:01:46.908551931 CEST4968180192.168.2.42.17.190.73
        Apr 13, 2025 09:02:20.137017012 CEST49743443192.168.2.4142.250.9.103
        Apr 13, 2025 09:02:20.137110949 CEST44349743142.250.9.103192.168.2.4
        Apr 13, 2025 09:02:20.137200117 CEST49743443192.168.2.4142.250.9.103
        Apr 13, 2025 09:02:20.137375116 CEST49743443192.168.2.4142.250.9.103
        Apr 13, 2025 09:02:20.137397051 CEST44349743142.250.9.103192.168.2.4
        Apr 13, 2025 09:02:20.357079983 CEST44349743142.250.9.103192.168.2.4
        Apr 13, 2025 09:02:20.357492924 CEST49743443192.168.2.4142.250.9.103
        Apr 13, 2025 09:02:20.357549906 CEST44349743142.250.9.103192.168.2.4
        Apr 13, 2025 09:02:30.358839035 CEST44349743142.250.9.103192.168.2.4
        Apr 13, 2025 09:02:30.358916998 CEST44349743142.250.9.103192.168.2.4
        Apr 13, 2025 09:02:30.359005928 CEST49743443192.168.2.4142.250.9.103
        Apr 13, 2025 09:02:31.134594917 CEST49743443192.168.2.4142.250.9.103
        Apr 13, 2025 09:02:31.134656906 CEST44349743142.250.9.103192.168.2.4
        Timestamp | Source IP | Dest IP | Checksum | Code | Type
        Apr 13, 2025 09:01:22.741660118 CEST | 192.168.2.4 | 1.1.1.1 | c229 | (Port unreachable) | Destination Unreachable
        Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
        Apr 13, 2025 09:01:20.082108974 CEST | 192.168.2.4 | 1.1.1.1 | 0xc087 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.082281113 CEST | 192.168.2.4 | 1.1.1.1 | 0x9e84 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
        Apr 13, 2025 09:01:22.519064903 CEST | 192.168.2.4 | 1.1.1.1 | 0x8def | Standard query (0) | kra--31.cc | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:22.521344900 CEST | 192.168.2.4 | 1.1.1.1 | 0x8196 | Standard query (0) | kra--31.cc | 65 | IN (0x0001) | false
        Apr 13, 2025 09:01:22.540363073 CEST | 192.168.2.4 | 1.1.1.1 | 0xb3c0 | Standard query (0) | kra--31.cc | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:22.540719032 CEST | 192.168.2.4 | 1.1.1.1 | 0xdb32 | Standard query (0) | kra--31.cc | 65 | IN (0x0001) | false
        Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
        Apr 13, 2025 09:01:20.189059019 CEST | 1.1.1.1 | 192.168.2.4 | 0xc087 | No error (0) | www.google.com | | 142.250.9.103 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.189059019 CEST | 1.1.1.1 | 192.168.2.4 | 0xc087 | No error (0) | www.google.com | | 142.250.9.105 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.189059019 CEST | 1.1.1.1 | 192.168.2.4 | 0xc087 | No error (0) | www.google.com | | 142.250.9.99 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.189059019 CEST | 1.1.1.1 | 192.168.2.4 | 0xc087 | No error (0) | www.google.com | | 142.250.9.147 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.189059019 CEST | 1.1.1.1 | 192.168.2.4 | 0xc087 | No error (0) | www.google.com | | 142.250.9.106 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.189059019 CEST | 1.1.1.1 | 192.168.2.4 | 0xc087 | No error (0) | www.google.com | | 142.250.9.104 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:20.189433098 CEST | 1.1.1.1 | 192.168.2.4 | 0x9e84 | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
        Apr 13, 2025 09:01:22.630214930 CEST | 1.1.1.1 | 192.168.2.4 | 0x8def | No error (0) | kra--31.cc | | 104.21.79.89 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:22.630214930 CEST | 1.1.1.1 | 192.168.2.4 | 0x8def | No error (0) | kra--31.cc | | 172.67.169.109 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:22.631272078 CEST | 1.1.1.1 | 192.168.2.4 | 0x8196 | No error (0) | kra--31.cc | | | 65 | IN (0x0001) | false
        Apr 13, 2025 09:01:22.679928064 CEST | 1.1.1.1 | 192.168.2.4 | 0xb3c0 | No error (0) | kra--31.cc | | 104.21.79.89 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:22.679928064 CEST | 1.1.1.1 | 192.168.2.4 | 0xb3c0 | No error (0) | kra--31.cc | | 172.67.169.109 | A (IP address) | IN (0x0001) | false
        Apr 13, 2025 09:01:22.741554022 CEST | 1.1.1.1 | 192.168.2.4 | 0xdb32 | No error (0) | kra--31.cc | | | 65 | IN (0x0001) | false
        • kra--31.cc
        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
        0 | 192.168.2.4 | 49725 | 104.21.79.89 | 443 | 6036 | C:\Program Files\Google\Chrome\Application\chrome.exe
        Timestamp | Bytes transferred | Direction | Data
        2025-04-13 07:01:23 UTC | 660 | OUT | GET / HTTP/1.1
        Host: kra--31.cc
        Connection: keep-alive
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
        sec-ch-ua-mobile: ?0
        sec-ch-ua-platform: "Windows"
        Sec-Fetch-Site: none
        Sec-Fetch-Mode: navigate
        Sec-Fetch-User: ?1
        Sec-Fetch-Dest: document
        Accept-Encoding: gzip, deflate, br, zstd
        Accept-Language: en-US,en;q=0.9
        2025-04-13 07:01:23 UTC | 807 | IN | HTTP/1.1 200 OK
        Date: Sun, 13 Apr 2025 07:01:23 GMT
        Content-Type: text/html; charset=utf-8
        Transfer-Encoding: chunked
        Connection: close
        cf-cache-status: DYNAMIC
        vary: accept-encoding
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F81uVHknrcFNerhosuERsAGsdk1qsqz3skxZ5C%2F1XUmdJP%2BqWc2hY4fhAxq1y5wLcLLfASdHL4Jzu3O8uEjDEjoJoYEAxD7x8yKZEr222Tks3wa8R9%2F1g%2B4gHm3E"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 92f91783880e53d4-ATL
        alt-svc: h3=":443"; ma=86400
        server-timing: cfL4;desc="?proto=TCP&rtt=108797&min_rtt=106354&rtt_var=21680&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2796&recv_bytes=1236&delivery_rate=37927&cwnd=253&unsent_bytes=0&cid=124ae5c40125362d&ts=661&x=0"
        Data Ascii: 333<!DOCTYPE html><html lang="ru"><head><meta charset="UTF-8" /><title>kra30.at</title><meta name="keywords" content="kra31.cc, kra31, , 31, , , KRA31 AT, KRA31.AT, kra30.
        Data Ascii: le=no" /><link rel="preconnect" href="https://fonts.googleapis.com" /><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin /><link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap" rel="stylesh


        Target ID: 1
        Start time: 03:01:11
        Start date: 13/04/2025
        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit): false
        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase: 0x7ff786830000
        File size: 3'388'000 bytes
        MD5 hash: E81F54E6C1129887AEA47E7D092680BF
        Has elevated privileges: true
        Has administrator privileges: true
        Programmed in: C, C++ or other language
        Reputation: low
        Has exited: false

        Target ID: 2
        Start time: 03:01:15
        Start date: 13/04/2025
        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit): false
        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,17733761303110079366,8861435248081199037,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2248 /prefetch:3
        Imagebase: 0x7ff786830000
        File size: 3'388'000 bytes
        MD5 hash: E81F54E6C1129887AEA47E7D092680BF
        Has elevated privileges: true
        Has administrator privileges: true
        Programmed in: C, C++ or other language
        Reputation: low
        Has exited: false

        Target ID: 4
        Start time: 03:01:21
        Start date: 13/04/2025
        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit): false
        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://kra--31.cc/"
        Imagebase: 0x7ff786830000
        File size: 3'388'000 bytes
        MD5 hash: E81F54E6C1129887AEA47E7D092680BF
        Has elevated privileges: true
        Has administrator privileges: true
        Programmed in: C, C++ or other language
        Reputation: low
        Has exited: true

        No disassembly