Analysis Report https://secure.ssa.gov/RIL

Overview

General Information

Sample URL: https://secure.ssa.gov/RIL
Analysis ID: 327167

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

HTML body contains low number of good links
HTML title does not match URL

Classification

Classification chart (image not preserved). Categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Verdict scale: clean, suspicious, malicious.

Phishing:

HTML body contains low number of good links
Source: https://secure.ssa.gov/RIL/UnfView.action HTTP Parser: Number of links: 1
HTML title does not match URL
Source: https://secure.ssa.gov/RIL/SiView.action#Sign-in HTTP Parser: Title: Sign In or Create an Account, Social Security does not match URL
Source: https://secure.ssa.gov/RIL/SiView.action#uef-tmpl-content HTTP Parser: Title: Sign In or Create an Account, Social Security does not match URL
Source: https://secure.ssa.gov/RIL/UnfView.action HTTP Parser: Title: Social Security does not match URL
Source: https://secure.ssa.gov/RIL/SiView.action HTTP Parser: Title: Sign In or Create an Account, Social Security does not match URL
Source: https://secure.ssa.gov/RIL/SiView.action#Sign-in HTTP Parser: No <meta name="author".. found
Source: https://secure.ssa.gov/RIL/SiView.action#uef-tmpl-content HTTP Parser: No <meta name="author".. found
Source: https://secure.ssa.gov/RIL/UnfView.action HTTP Parser: No <meta name="author".. found
Source: https://secure.ssa.gov/RIL/SiView.action HTTP Parser: No <meta name="author".. found
Source: https://secure.ssa.gov/RIL/SiView.action#Sign-in HTTP Parser: No <meta name="copyright".. found
Source: https://secure.ssa.gov/RIL/SiView.action#uef-tmpl-content HTTP Parser: No <meta name="copyright".. found
Source: https://secure.ssa.gov/RIL/UnfView.action HTTP Parser: No <meta name="copyright".. found
Source: https://secure.ssa.gov/RIL/SiView.action HTTP Parser: No <meta name="copyright".. found
Source: global traffic HTTP traffic detected:
    GET /pr-act/pra-myssa.htm HTTP/1.1
    Host: www.socialsecurity.gov
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: unknown DNS traffic detected: queries for: secure.ssa.gov
Source: classification engine Classification label: clean1.win@55/238@14/12
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-5FCB33E5-15D8.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\ad99b3d6-3acc-4bfd-9585-ba5ec90bcc24.tmp
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://secure.ssa.gov/RIL'
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,10549706174383831692,4710023878974813130,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1820 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,10549706174383831692,4710023878974813130,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1820 /prefetch:8
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic

Behavior Graph

Behavior Graph ID: 327167, URL: https://secure.ssa.gov/RIL, Startdate: 04/12/2020, Architecture: WINDOWS, Score: 1

[Behavior graph image not preserved. Recoverable nodes: chrome.exe started a child chrome.exe process; contacted hosts shown include www.ssa.gov, 192.168.2.1, 239.255.255.250, googlehosted.l.googleusercontent.com (172.217.16.193, port 443), stats.l.doubleclick.net (64.233.167.154, port 443) and 16 other IPs or domains.]

Contacted Public IPs

IP Domain Country ASN ASN Name Malicious
64.233.167.154 unknown United States 15169 GOOGLEUS false
137.200.4.16 unknown United States 11985 ASN-SSAUS false
15.200.160.69 unknown United States 8987 AMAZONEXPANSIONGB false
13.224.93.85 unknown United States 16509 AMAZON-02US false
52.1.244.191 unknown United States 14618 AMAZON-AESUS false
13.224.93.8 unknown United States 16509 AMAZON-02US false
239.255.255.250 unknown Reserved unknown unknown false
13.224.93.56 unknown United States 16509 AMAZON-02US false
172.217.16.193 unknown United States 15169 GOOGLEUS false
137.200.40.10 unknown United States 11985 ASN-SSAUS false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name IP Active
gov-ws-465261729.us-gov-west-1.elb.amazonaws.com 15.200.160.69 true
bd-nplb03.foresee.com 52.1.244.191 true
stats.l.doubleclick.net 64.233.167.154 true
www.ssa.gov 137.200.4.16 true
secure.ssa.gov 137.200.40.10 true
d27f3qgc9anoq2.cloudfront.net 13.224.93.56 true
govwscdn.audioeye.com 13.224.93.8 true
googlehosted.l.googleusercontent.com 172.217.16.193 true
d279u996ipxqqp.cloudfront.net 13.224.93.85 true
clients2.googleusercontent.com unknown unknown
dap.digitalgov.gov unknown unknown
analytics.foresee.com unknown unknown
www.socialsecurity.gov unknown unknown
ajax.aspnetcdn.com unknown unknown
gateway.foresee.com unknown unknown
govws.audioeye.com unknown unknown
stats.g.doubleclick.net unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://secure.ssa.gov/RIL/SiView.action false high
https://secure.ssa.gov/RIL/ErrsysView.action false high
https://www.ssa.gov/pr-act/pra-myssa.htm false high
https://secure.ssa.gov/RIL/UnfView.action false high
http://www.socialsecurity.gov/pr-act/pra-myssa.htm false Avira URL Cloud: safe unknown
https://secure.ssa.gov/RIRMN/FatsView.action false high
https://secure.ssa.gov/RIL/SiView.action#Sign-in false high