Edit tour
Windows
Analysis Report
http://Voyages.CNTraveler.com
Overview
General Information
| Sample URL: | http://Voyages.CNTraveler.com |
| Analysis ID: | 795375 |
| Infos: | |
 | |
Detection
| Score: | 48 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Snort IDS alert for network traffic
No HTML title found
Classification
- System is w10x64
chrome.exe (PID: 6008 cmdline: C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" --st art-maximi zed "about :blank MD5: 0FEC2748F363150DC54C1CAFFB1A9408) - chrome.exe (PID: 6056 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =1792 --fi eld-trial- handle=185 2,i,463705 9309454981 769,365367 8534791506 140,131072 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionTarget Prediction /prefetch :8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
- chrome.exe (PID: 1768 cmdline:
C:\Program Files\Goo gle\Chrome \Applicati on\chrome. exe" "http ://Voyages .CNTravele r.com MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
| Timestamp: | 35.205.61.67192.168.2.380497312037771 01/31/23-18:13:07.062213 |
| SID: | 2037771 |
| Source Port: | 80 |
| Destination Port: | 49731 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | Directory created: | Jump to behavior | ||
Networking |   |
|---|
| Source: | Snort IDS: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||