Windows Analysis Report
https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d

Overview

General Information

Sample URL:	https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d
Analysis ID:	735516
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.81Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /utilnav/9.1/utilitynav.css HTTP/1.1Host: prod.adobeccstatic.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://indd.adobe.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js?hash=535e4596a23625f8d03828f4c5d8e2ec HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://indd.adobe.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /b/ss/adbadobeinddprod/1/JS-1.4.2-D56H/s3354129836600?AQB=1&ndh=1&pf=1&t=1%2F10%2F2022%2023%3A40%3A18%202%20-60&D=D%3D&fid=7FF918E75BE95766-01B030B2C55BA057&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&g=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=913&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: sat_domain=A; s_fid=7FF918E75BE95766-01B030B2C55BA057; s_cc=true
Source: global traffic	HTTP traffic detected: GET /tr/?id=643078795828978&ev=fb_page_view&dl=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&rl=&if=false&ts=1667342418699&sw=1280&sh=1024&at= HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /b/ss/adbadobeinddprod/1/JS-1.4.2-D56H/s3354129836600?AQB=1&pccr=true&vidn=31B0D02921981A4C-40000C9AA4F3E551&ndh=1&pf=1&t=1%2F10%2F2022%2023%3A40%3A18%202%20-60&D=D%3D&fid=7FF918E75BE95766-01B030B2C55BA057&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&g=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=913&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: sat_domain=A; s_fid=7FF918E75BE95766-01B030B2C55BA057; s_cc=true; s_vi=[CS]v1\|31B0D02921981A4C-40000C9AA4F3E551[CE]
Source: global traffic	HTTP traffic detected: GET /b/ss/adbadobeinddprod/1/JS-1.4.2-D56H/s3603130703062?AQB=1&ndh=1&pf=1&t=1%2F10%2F2022%2023%3A40%3A26%202%20-60&D=D%3D&fid=7FF918E75BE95766-01B030B2C55BA057&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=indd.adobe.com%3ADocViewer%3AFirstPageLoaded&g=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&ch=indd.adobe.com&c1=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&v1=D%3Dc1&c2=1&v2=D%3Dc2&c3=1&v3=D%3Dc3&v4=D%3Dc4&c5=1080px&v5=D%3Dc5&c6=1920px&v6=D%3Dc6&v7=D%3Dc7&v8=D%3Dc8&c9=Message&v9=D%3Dc9&c10=false&v10=D%3Dc10&c11=false&v11=D%3Dc11&v12=D%3Dc12&v13=D%3Dc13&c14=&v14=D%3Dc14&v15=D%3Dc15&c16=true&v16=D%3Dc16&c17=true&v17=D%3Dc17&v41=D%3Dc41&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=913&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: s_fid=7FF918E75BE95766-01B030B2C55BA057; s_cc=true; s_vi=[CS]v1\|31B0D02921981A4C-40000C9AA4F3E551[CE]
Source: global traffic	HTTP traffic detected: GET /b/ss/adbadobeinddprod/1/JS-1.4.2-D56H/s36370035653524?AQB=1&ndh=1&pf=1&t=1%2F10%2F2022%2023%3A40%3A26%202%20-60&D=D%3D&fid=7FF918E75BE95766-01B030B2C55BA057&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=indd.adobe.com%3ADocViewer%3APageLoaded&g=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&ch=indd.adobe.com&c1=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&v1=D%3Dc1&c2=1&v2=D%3Dc2&c3=1&v3=D%3Dc3&v4=D%3Dc4&c5=1080px&v5=D%3Dc5&c6=1920px&v6=D%3Dc6&v7=D%3Dc7&v8=D%3Dc8&c9=Message&v9=D%3Dc9&c10=false&v10=D%3Dc10&c11=false&v11=D%3Dc11&v12=D%3Dc12&v13=D%3Dc13&c14=&v14=D%3Dc14&v15=D%3Dc15&c16=true&v16=D%3Dc16&c17=true&v17=D%3Dc17&v41=D%3Dc41&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=913&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: s_fid=7FF918E75BE95766-01B030B2C55BA057; s_cc=true; s_vi=[CS]v1\|31B0D02921981A4C-40000C9AA4F3E551[CE]
Source: global traffic	HTTP traffic detected: GET /b/ss/adbadobeinddprod/1/JS-1.4.2-D56H/s31971413450435?AQB=1&ndh=1&pf=1&t=1%2F10%2F2022%2023%3A40%3A26%202%20-60&D=D%3D&fid=7FF918E75BE95766-01B030B2C55BA057&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=indd.adobe.com%3ADocViewer%3AIFrameSrcURLs&g=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&ch=indd.adobe.com&c1=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&v1=D%3Dc1&c2=1&v2=D%3Dc2&c3=1&v3=D%3Dc3&v4=D%3Dc4&c5=1080px&v5=D%3Dc5&c6=1920px&v6=D%3Dc6&v7=D%3Dc7&v8=D%3Dc8&c9=Message&v9=D%3Dc9&c10=false&v10=D%3Dc10&c11=false&v11=D%3Dc11&v12=D%3Dc12&v13=D%3Dc13&c14=&v14=D%3Dc14&v15=D%3Dc15&c16=true&v16=D%3Dc16&c17=true&v17=D%3Dc17&v41=D%3Dc41&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=913&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: s_fid=7FF918E75BE95766-01B030B2C55BA057; s_cc=true; s_vi=[CS]v1\|31B0D02921981A4C-40000C9AA4F3E551[CE]
Source: global traffic	HTTP traffic detected: GET /b/ss/adbadobeinddprod/1/JS-1.4.2-D56H/s32034603991131?AQB=1&ndh=1&pf=1&t=1%2F10%2F2022%2023%3A40%3A26%202%20-60&D=D%3D&fid=7FF918E75BE95766-01B030B2C55BA057&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=indd.adobe.com%3ADocViewer%3AInsertHTMLSnippetsWithoutIFrame&g=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&ch=indd.adobe.com&c1=https%3A%2F%2Findd.adobe.com%2Fview%2Fbd164b5e-24f7-48f7-b234-80162e05b75d&v1=D%3Dc1&c2=1&v2=D%3Dc2&c3=1&v3=D%3Dc3&v4=D%3Dc4&c5=1080px&v5=D%3Dc5&c6=1920px&v6=D%3Dc6&v7=D%3Dc7&v8=D%3Dc8&c9=Message&v9=D%3Dc9&c10=false&v10=D%3Dc10&c11=false&v11=D%3Dc11&v12=D%3Dc12&v13=D%3Dc13&c14=&v14=D%3Dc14&v15=D%3Dc15&c16=true&v16=D%3Dc16&c17=true&v17=D%3Dc17&v41=D%3Dc41&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=913&AQE=1 HTTP/1.1Host: sstats.adobe.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://indd.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: s_fid=7FF918E75BE95766-01B030B2C55BA057; s_cc=true; s_vi=[CS]v1\|31B0D02921981A4C-40000C9AA4F3E551[CE]

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8

Source: classification engine

Classification label: mal48.win@24/0@16/11

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1784,i,4540645993916163908,8043399838200522290,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1784,i,4540645993916163908,8043399838200522290,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
31.13.92.36	star-mini.c10r.facebook.com	Ireland	32934	FACEBOOKUS	false
13.33.232.98	prod.adobeccstatic.com	United States	16509	AMAZON-02US	false
157.240.17.15	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
15.188.95.229	adobe.com.ssl.d1.sc.omtrdc.net	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.147.103	unknown	United States	15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
142.250.147.138	clients.l.google.com	United States	15169	GOOGLEUS	false
142.250.147.84	accounts.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
star-mini.c10r.facebook.com	31.13.92.36	true
scontent.xx.fbcdn.net	157.240.17.15	true
accounts.google.com	142.250.147.84	true
cdnjs.cloudflare.com	104.17.25.14	true
adobe.com.ssl.d1.sc.omtrdc.net	15.188.95.229	true
www.google.com	142.250.147.147	true
clients.l.google.com	142.250.147.138	true
prod.adobeccstatic.com	13.33.232.98	true
use.typekit.net	unknown	unknown
www.facebook.com	unknown	unknown
clients2.google.com	unknown	unknown
p.typekit.net	unknown	unknown
assets.adobedtm.com	unknown	unknown
js-agent.newrelic.com	unknown	unknown
connect.facebook.net	unknown	unknown
bam-cell.nr-data.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false		high
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js	false		high
https://connect.facebook.net/en_US/sdk.js	false		high
https://prod.adobeccstatic.com/utilnav/9.1/utilitynav.css	false	URL Reputation: safe	unknown
https://connect.facebook.net/en_US/sdk.js?hash=535e4596a23625f8d03828f4c5d8e2ec	false		high
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high

ID:	735516
Product:	CloudBasic
Start time:	23:39:19
Start date:	01.11.2022
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Windows Analysis Report
https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://indd.adobe.com/view/bd164b5e-24f7-48f7-b234-80162e05b75d