
Windows Analysis Report
https://kamaypet.cl/cencosud

Overview

General Information

Sample URL: https://kamaypet.cl/cencosud
Analysis ID: 1669003

Detection

Score: 0
Range: 0 - 100
Confidence: 80%

Signatures

No high impact signatures.

Classification

Classification chart axes: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Scale: clean, suspicious, malicious.
  • System is w10x64
  • chrome.exe (PID: 2724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 5740 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,7772434897176932309,13178567711866140929,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2084 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6800 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kamaypet.cl/cencosud" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures.

Source: https://kamaypet.cl/cencosud - HTTP Parser: No favicon
Source: unknown - HTTPS traffic detected: 173.194.219.99:443 -> 192.168.2.4:49720 version: TLS 1.2
Source: unknown - HTTPS traffic detected: 192.140.57.80:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknown - HTTPS traffic detected: 192.140.57.80:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknown - TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown - TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown - TCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknown - TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown - TCP traffic detected without corresponding DNS query: 217.20.48.39
Source: unknown - UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic - HTTP traffic detected:
  GET /cencosud HTTP/1.1
  Host: kamaypet.cl
  Connection: keep-alive
  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Windows"
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: navigate
  Sec-Fetch-User: ?1
  Sec-Fetch-Dest: document
  Accept-Encoding: gzip, deflate, br, zstd
  Accept-Language: en-US,en;q=0.9
Source: global traffic - HTTP traffic detected:
  GET /favicon.ico HTTP/1.1
  Host: kamaypet.cl
  Connection: keep-alive
  sec-ch-ua-platform: "Windows"
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
  sec-ch-ua-mobile: ?0
  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Sec-Fetch-Site: same-origin
  Sec-Fetch-Mode: no-cors
  Sec-Fetch-Dest: image
  Referer: https://kamaypet.cl/cencosud
  Accept-Encoding: gzip, deflate, br, zstd
  Accept-Language: en-US,en;q=0.9
Source: global traffic - DNS traffic detected: DNS query: www.google.com
Source: global traffic - DNS traffic detected: DNS query: kamaypet.cl
Source: global traffic - HTTP traffic detected:
  HTTP/1.1 404 Not Found
  Server: nginx
  Date: Sat, 19 Apr 2025 02:04:37 GMT
  Content-Type: text/html
  Content-Length: 1251
  Connection: close
  cache-control: private, no-cache, no-store, must-revalidate, max-age=0
  pragma: no-cache
  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
  x-turbo-charged-by: LiteSpeed
Source: unknown - Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown - Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown - Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown - Network traffic detected: HTTP traffic on port 49738 -> 443
Source: classification engine - Classification label: clean0.win@21/0@4/4
Source: unknown - Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe - Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,7772434897176932309,13178567711866140929,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2084 /prefetch:3
Source: unknown - Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kamaypet.cl/cencosud"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe - Process created: unknown unknown
Source: Window Recorder - Window detected: More than 3 window changes detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction
[Behavior graph, ID: 1669003. URL: https://kamaypet.cl/cencosud; start date: 19/04/2025; architecture: WINDOWS; score: 0. chrome.exe started a child chrome.exe process, which contacted kamaypet.cl (192.140.57.80; ports 443, 49724, 49725; ServiciosInformaticosHostnameLtdaCL, Chile) and www.google.com (173.194.219.99; ports 443, 49720, 49738; GOOGLEUS, United States). Local addresses shown: 192.168.2.13 and 192.168.2.4 (ports 138, 443, 49709).]

Source | Detection | Scanner | Label | Link
https://kamaypet.cl/cencosud | 0% | Avira URL Cloud | safe |
No Antivirus matches
No Antivirus matches
No Antivirus matches
Source | Detection | Scanner | Label | Link
https://kamaypet.cl/favicon.ico | 0% | Avira URL Cloud | safe |


Name | IP | Active | Malicious | Antivirus Detection | Reputation
kamaypet.cl | 192.140.57.80 | true | false | | unknown
www.google.com | 173.194.219.99 | true | false | | high

Name | Malicious | Antivirus Detection | Reputation
https://kamaypet.cl/cencosud | false | | unknown
https://kamaypet.cl/favicon.ico | false | Avira URL Cloud: safe | unknown

IP | Domain | Country | Flag | ASN | ASN Name | Malicious
173.194.219.99 | www.google.com | United States | | 15169 | GOOGLEUS | false
192.140.57.80 | kamaypet.cl | Chile | | 262256 | ServiciosInformaticosHostnameLtdaCL | false

IP
192.168.2.13
192.168.2.4
        Joe Sandbox version: 42.0.0 Malachite
        Analysis ID: 1669003
        Start date and time: 2025-04-19 04:03:34 +02:00
        Joe Sandbox product: CloudBasic
        Overall analysis duration: 0h 3m 1s
        Hypervisor based Inspection enabled: false
        Report type: full
        Cookbook file name: browseurl.jbs
        Sample URL: https://kamaypet.cl/cencosud
        Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed: 20
        Number of new started drivers analysed: 0
        Number of existing processes analysed: 0
        Number of existing drivers analysed: 0
        Number of injected processes analysed: 0
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode: default
        Analysis stop reason: Timeout
        Detection: CLEAN
        Classification: clean0.win@21/0@4/4
        EGA Information: Failed
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 0
        • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 108.177.122.138, 108.177.122.113, 108.177.122.139, 108.177.122.102, 108.177.122.100, 108.177.122.101, 142.251.15.94, 64.233.185.84, 74.125.136.102, 74.125.136.139, 74.125.136.100, 74.125.136.113, 74.125.136.101, 74.125.136.138, 23.4.43.62, 199.232.210.172, 172.253.124.113, 172.253.124.138, 172.253.124.101, 172.253.124.102, 172.253.124.139, 172.253.124.100, 74.125.138.102, 74.125.138.139, 74.125.138.138, 74.125.138.101, 74.125.138.100, 74.125.138.113, 173.194.219.100, 173.194.219.138, 173.194.219.113, 173.194.219.101, 173.194.219.139, 173.194.219.102, 142.250.9.113, 142.250.9.138, 142.250.9.139, 142.250.9.100, 142.250.9.101, 142.250.9.102, 74.125.138.94, 108.177.122.94, 23.79.17.61, 52.149.20.212
        • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
        • Not all processes where analyzed, report is missing behavior information
        • Report size getting too big, too many NtOpenFile calls found.
        • VT rate limit hit for: https://kamaypet.cl/cencosud
        No simulations
        No context
        No created / dropped files found
        No static file info

        • Total Packets: 50
        • 443 (HTTPS)
        • 80 (HTTP)
        • 53 (DNS)
        Timestamp | Source IP | Dest IP | Checksum | Code | Type
        Apr 19, 2025 04:04:36.451457977 CEST | 192.168.2.4 | 1.1.1.1 | c222 | (Port unreachable) | Destination Unreachable

        Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
        Apr 19, 2025 04:04:34.719707966 CEST | 192.168.2.4 | 1.1.1.1 | 0x86e0 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.719933033 CEST | 192.168.2.4 | 1.1.1.1 | 0xfd40 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
        Apr 19, 2025 04:04:36.148979902 CEST | 192.168.2.4 | 1.1.1.1 | 0x705e | Standard query (0) | kamaypet.cl | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:36.149249077 CEST | 192.168.2.4 | 1.1.1.1 | 0x46ed | Standard query (0) | kamaypet.cl | 65 | IN (0x0001) | false

        Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
        Apr 19, 2025 04:04:34.822449923 CEST | 1.1.1.1 | 192.168.2.4 | 0x86e0 | No error (0) | www.google.com | | 173.194.219.99 | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.822449923 CEST | 1.1.1.1 | 192.168.2.4 | 0x86e0 | No error (0) | www.google.com | | 173.194.219.147 | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.822449923 CEST | 1.1.1.1 | 192.168.2.4 | 0x86e0 | No error (0) | www.google.com | | 173.194.219.106 | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.822449923 CEST | 1.1.1.1 | 192.168.2.4 | 0x86e0 | No error (0) | www.google.com | | 173.194.219.103 | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.822449923 CEST | 1.1.1.1 | 192.168.2.4 | 0x86e0 | No error (0) | www.google.com | | 173.194.219.105 | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.822449923 CEST | 1.1.1.1 | 192.168.2.4 | 0x86e0 | No error (0) | www.google.com | | 173.194.219.104 | A (IP address) | IN (0x0001) | false
        Apr 19, 2025 04:04:34.823335886 CEST | 1.1.1.1 | 192.168.2.4 | 0xfd40 | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
        Apr 19, 2025 04:04:36.376909018 CEST | 1.1.1.1 | 192.168.2.4 | 0x705e | No error (0) | kamaypet.cl | | 192.140.57.80 | A (IP address) | IN (0x0001) | false
        • kamaypet.cl
        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
        0 | 192.168.2.4 | 49725 | 192.140.57.80 | 443 | 5740 | C:\Program Files\Google\Chrome\Application\chrome.exe
        Timestamp | Bytes transferred | Direction | Data
        2025-04-19 02:04:36 UTC | 669 | OUT | GET /cencosud HTTP/1.1
        Host: kamaypet.cl
        Connection: keep-alive
        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
        sec-ch-ua-mobile: ?0
        sec-ch-ua-platform: "Windows"
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        Sec-Fetch-Site: none
        Sec-Fetch-Mode: navigate
        Sec-Fetch-User: ?1
        Sec-Fetch-Dest: document
        Accept-Encoding: gzip, deflate, br, zstd
        Accept-Language: en-US,en;q=0.9
        2025-04-19 02:04:37 UTC | 443 | IN | HTTP/1.1 404 Not Found
        Server: nginx
        Date: Sat, 19 Apr 2025 02:04:37 GMT
        Content-Type: text/html
        Content-Length: 1251
        Connection: close
        cache-control: private, no-cache, no-store, must-revalidate, max-age=0
        pragma: no-cache
        alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
        x-turbo-charged-by: LiteSpeed
        2025-04-19 02:04:37 UTC | 1251 | IN | Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</sty


        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
        1 | 192.168.2.4 | 49724 | 192.140.57.80 | 443 | 5740 | C:\Program Files\Google\Chrome\Application\chrome.exe
        Timestamp | Bytes transferred | Direction | Data
        2025-04-19 02:04:37 UTC | 593 | OUT | GET /favicon.ico HTTP/1.1
        Host: kamaypet.cl
        Connection: keep-alive
        sec-ch-ua-platform: "Windows"
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
        sec-ch-ua-mobile: ?0
        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
        Sec-Fetch-Site: same-origin
        Sec-Fetch-Mode: no-cors
        Sec-Fetch-Dest: image
        Referer: https://kamaypet.cl/cencosud
        Accept-Encoding: gzip, deflate, br, zstd
        Accept-Language: en-US,en;q=0.9
        2025-04-19 02:04:37 UTC | 443 | IN | HTTP/1.1 404 Not Found
        Server: nginx
        Date: Sat, 19 Apr 2025 02:04:37 GMT
        Content-Type: text/html
        Content-Length: 1251
        Connection: close
        cache-control: private, no-cache, no-store, must-revalidate, max-age=0
        pragma: no-cache
        alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
        x-turbo-charged-by: LiteSpeed
        2025-04-19 02:04:37 UTC | 1251 | IN | Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</sty



        Target ID: 1
        Start time: 22:04:27
        Start date: 18/04/2025
        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit): false
        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase: 0x7ff786830000
        File size: 3'388'000 bytes
        MD5 hash: E81F54E6C1129887AEA47E7D092680BF
        Has elevated privileges: true
        Has administrator privileges: true
        Programmed in: C, C++ or other language
        Reputation: low
        Has exited: false

        Target ID: 2
        Start time: 22:04:28
        Start date: 18/04/2025
        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit): false
        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,7772434897176932309,13178567711866140929,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2084 /prefetch:3
        Imagebase: 0x7ff786830000
        File size: 3'388'000 bytes
        MD5 hash: E81F54E6C1129887AEA47E7D092680BF
        Has elevated privileges: true
        Has administrator privileges: true
        Programmed in: C, C++ or other language
        Reputation: low
        Has exited: false

        Target ID: 4
        Start time: 22:04:34
        Start date: 18/04/2025
        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit): false
        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kamaypet.cl/cencosud"
        Imagebase: 0x7ff786830000
        File size: 3'388'000 bytes
        MD5 hash: E81F54E6C1129887AEA47E7D092680BF
        Has elevated privileges: true
        Has administrator privileges: true
        Programmed in: C, C++ or other language
        Reputation: low
        Has exited: true

        No disassembly