Windows Analysis Report
https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

Overview

General Information

Sample URL:	https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F
Analysis ID:	1500937
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

HTML body contains low number of good links

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: Title: Iniciar sesin does not match URL

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: <input type="password" .../> found

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: No <meta name="author".. found

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49753 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49740 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49753 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /Account/Login?ReturnUrl=%2F HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lib/jquery/jquery.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/css/all.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/css/fontawesome.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/bootstrap/css/bootstrap.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/login/css/login.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/semantic/semantic.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/bootstrap/js/bootstrap.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/login/js/login.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation/jquery.validate.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/semantic/semantic.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/isJs/is.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /js/site.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /images/cart.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery/jquery.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/bootstrap/js/bootstrap.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/login/js/login.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation/jquery.validate.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/semantic/semantic.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/isJs/is.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /js/site.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /images/cart.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/webfonts/fa-regular-400.woff2 HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://edi.huevosanjuan.com.mxsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edi.huevosanjuan.com.mx/lib/fontAwesome/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/webfonts/fa-solid-900.woff2 HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://edi.huevosanjuan.com.mxsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edi.huevosanjuan.com.mx/lib/fontAwesome/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /site.webmanifest HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA

Source: global traffic	DNS traffic detected: DNS query: edi.huevosanjuan.com.mx
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_103.2.dr	String found in binary or memory: http://github.com/semantic-org/semantic-ui/
Source: chromecache_86.2.dr, chromecache_79.2.dr, chromecache_103.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: chromecache_86.2.dr, chromecache_79.2.dr, chromecache_103.2.dr	String found in binary or memory: http://www.semantic-ui.com/
Source: chromecache_83.2.dr, chromecache_91.2.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_83.2.dr, chromecache_91.2.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_103.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Lato:400
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAUi-qJCY.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_FQft1dw.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_102.2.dr, chromecache_107.2.dr, chromecache_106.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_86.2.dr, chromecache_79.2.dr, chromecache_103.2.dr	String found in binary or memory: https://github.com/Semantic-Org/Semantic-UI
Source: chromecache_102.2.dr, chromecache_107.2.dr, chromecache_106.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_102.2.dr, chromecache_107.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_109.2.dr, chromecache_88.2.dr	String found in binary or memory: https://jqueryvalidation.org/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49740 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@16/60@6/4

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1952,i,14133914975765218484,15731330687132469167,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1952,i,14133914975765218484,15731330687132469167,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.208.216.109	edi.huevosanjuan.com.mx	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
216.58.206.68	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.5

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.210.172	true
edi.huevosanjuan.com.mx	18.208.216.109	true
www.google.com	216.58.206.68	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
windowsupdatebg.s.llnwi.net	87.248.205.0	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F	false		unknown
https://edi.huevosanjuan.com.mx/site.webmanifest	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/fontAwesome/css/all.min.css	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/bootstrap/css/bootstrap.min.css	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/jquery-validation/jquery.validate.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/fontAwesome/webfonts/fa-regular-400.woff2	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/fontAwesome/css/fontawesome.min.css	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/favicon-32x32.png	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/fontAwesome/webfonts/fa-solid-900.woff2	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/bootstrap/js/bootstrap.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/isJs/is.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/login/css/login.css	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/semantic/semantic.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/js/site.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/login/js/login.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/images/cart.png	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/jquery/jquery.min.js	false	Avira URL Cloud: safe	unknown
https://edi.huevosanjuan.com.mx/lib/semantic/semantic.min.css	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 03:36:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	5889A3F7905DC7F4C6975FD1BA30C2F2	BC2E0A1AA6C6F341E9111961B7E5A68318DE890A	A9AFEB47D3A621049308E403E2ED5ECEC9C4AD8B4D0FF13C41B8B5A1F283CCFD
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 03:36:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	9A249C8D2543AC2C4E618D3BF40C707C	C57ED1EF5E60CBDB67BD952042D289DA51595DDC	0C9B80E734E895554EE9F24F1F5B3A7BB3E156EA4C76CEB1B7995610914B8E96
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	7E703E8600AC28C5884BAF4A9845C182	D05B38066854F1005CC636B23BA827C165185987	C46FB60465AAD8B3AA87502E8C83BF664B268FB94DDE549FCB17ED563675740B
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 03:36:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	026654BF18677EE74DB63A72DED6F29A	9BAB79A6E714AFEF50268B6FE6D2DF3A07266866	B0AEADF806453BD1E6F4E3E102FAB1CE5864112A5A7C4D36B423EF98C294D6AF
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 03:36:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	2D000AB3E5111BF5CF589EB8A630AAFD	A430096B769E1636B593E93B6E05ABFA00011155	FFBFF34184DFAC94AC9E2FA60A5129AF062E9441BE1FBC2E59A4F4A3FA37FFBD
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 03:36:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	01D7459D0BE7C75809D0D6909ACF3334	DEB51660E7D1F551F67A21746559CEDCC5E4448E	8AA72A2E93DB08AE26C99F704B66E08E9B9677222DCBF1ADBAA76B4AF75AA9DC
Chrome Cache Entry: 100	Web Open Font Format (Version 2), TrueType, length 23040, version 1.0	DE69CF9E514DF447D1B0BB16F49D2457	2AC78601179C3A63BA3F3F3081556B12DDCAF655	C447DD7677B419DB7B21DBDFC6277C7816A913FFDA76FD2E52702DF538DE0E49
Chrome Cache Entry: 101	JSON data	01A6E43E81EE2B629B96394EC68B0698	2ECA615B21EEFD1C149539C3DD0228FF0D84D2A0	7F2C3DD0F4F7ACED57298FBDC83E701C8B81740FDF2BF799403F9B6C414785A2
Chrome Cache Entry: 102	ASCII text, with very long lines (55494)	6895E8CD60B62646CE12426015888F58	DE908C9ED184D74EB525FA7A30449B67FC3A1C14	EB795DEDA8983FA5310627C9584CF3F3B95D272567113500059018B3941CB267
Chrome Cache Entry: 103	ASCII text, with very long lines (59860), with CRLF line terminators	E0C95F62B82D1EEC4CA33ECEF68C0669	C94CD5139956CA017F102B039B35ED537F20747B	7C7C72980B57EEEB3AC6593419B8AEACB2952E95499EEBF8E61412596E875F5E
Chrome Cache Entry: 104	Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196	D824DF7EB2E268626A2DD9A6A741AC4E	0CCB2C814A7E4CA12C4778821633809CB0361EAA	9834B82AD26E2A37583D22676A12DD2EB0FE7C80356A2114D0DB1AA8B3899537
Chrome Cache Entry: 105	PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced	C2C6B7B1A4161CAD893BECF1890B0D8F	14B333C1DDD2DCBABFE731A3B21F2ECF0B026A6A	FE3493511A112037A5F3F874A67C64B5A517DAA30BFBEFB2A753E98662EE9501
Chrome Cache Entry: 106	ASCII text, with very long lines (65324)	F411C136E2BB302ADA2120B3EB1D5BC3	3AE9BB0E7929489ABD23736AE892939C8FE98645	6B3BEF53DC4A96EC07149D02A60B5FD026332BBCE0B4ECE79F3C55E3DDB85F5C
Chrome Cache Entry: 107	ASCII text, with very long lines (55494)	6895E8CD60B62646CE12426015888F58	DE908C9ED184D74EB525FA7A30449B67FC3A1C14	EB795DEDA8983FA5310627C9584CF3F3B95D272567113500059018B3941CB267
Chrome Cache Entry: 108	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	B45D5E5085A71782B0E1F509A90F2014	DE5D9799FE4EAA0CA82A640E1BC8F33908C4CF76	5688D2C8099312908BB4A657538441B29FE774048DD82517AD3D87AA8F227DE0
Chrome Cache Entry: 109	Unicode text, UTF-8 text, with very long lines (24228)	23D73C6BD6CBEA8F06D0CC227896A827	3815CF11E1020AC70CC86789BA2ADAF07D3DB434	6EEFC13F4D9832E74173DEA423BCA495CEB7F4CBB888A19434D71A9BC0F69CB7
Chrome Cache Entry: 110	ASCII text, with very long lines (5607), with CRLF line terminators	7C8539E8AB8E1CB63EA84146A0006455	7AE67B3420C98C73C5020CC92A60108BFD6E89BB	F46C9CA499E58948C90D50EA3F4504BBF6EC9BD53EDDD9D0507F3EDD6D74BE46
Chrome Cache Entry: 79	ASCII text, with very long lines (64965), with CRLF line terminators	95090495CDE3ACA483EC5359D8DA46B6	8FB3A85CC781D7AAC091AF3342C30FCB4204B5DA	89BE1CA0BA601AFB9B13CE7818A90A40D998843FA1E038D1F64BFCFA9D183E27
Chrome Cache Entry: 80	ASCII text, with very long lines (5607), with CRLF line terminators	7C8539E8AB8E1CB63EA84146A0006455	7AE67B3420C98C73C5020CC92A60108BFD6E89BB	F46C9CA499E58948C90D50EA3F4504BBF6EC9BD53EDDD9D0507F3EDD6D74BE46
Chrome Cache Entry: 81	Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196	B91D376B8D7646D671CD820950D5F7F1	13517529AFFA39E2585C591ACAE6DC336B6AA917	E42A88444448AC3D60549CC7C1FF2C8A9CAC721034C073D80A14A44E79730CCA
Chrome Cache Entry: 82	ASCII text, with no line terminators	58BCCC151C1C8995AA3E3264ACDC80BB	8FB68EE39844E379BA094FC64106E71194C3F127	61CDA262806B08086EEF1891D71341A08FEE8394BD5980959E8B995FA0AB8528
Chrome Cache Entry: 83	ASCII text, with very long lines (57687)	A227F005FA7AE066C1068AC4B963514C	0A5885758759F084FDC5FD16A550DEB8BE722EA8	0588D1661498D804543DC1537F9784877A962B9F0EF3C4CCEE765EB7F2543611
Chrome Cache Entry: 84	ASCII text, with CRLF line terminators	382C37E283ADB96F5910462D820E1BFA	3475A58DC6203C6F8609193EAA4091F88E3540A7	4F83F1C9C3070AEA3B2EC29F9F3D688C1BF5946F825B62201995FD1394A30E3E
Chrome Cache Entry: 85	ASCII text, with no line terminators	58BCCC151C1C8995AA3E3264ACDC80BB	8FB68EE39844E379BA094FC64106E71194C3F127	61CDA262806B08086EEF1891D71341A08FEE8394BD5980959E8B995FA0AB8528
Chrome Cache Entry: 86	ASCII text, with very long lines (64965), with CRLF line terminators	95090495CDE3ACA483EC5359D8DA46B6	8FB3A85CC781D7AAC091AF3342C30FCB4204B5DA	89BE1CA0BA601AFB9B13CE7818A90A40D998843FA1E038D1F64BFCFA9D183E27
Chrome Cache Entry: 87	ASCII text, with CRLF line terminators	CF7B480DEB0F7205E4DD079020D75A16	34E3A860845059A61D8BAB1036008E16340F0341	8D710929B8EA9A1B4904CF899687FA6EBBC42F16B83692310AAFEE3B444DDCE1
Chrome Cache Entry: 88	Unicode text, UTF-8 text, with very long lines (24228)	23D73C6BD6CBEA8F06D0CC227896A827	3815CF11E1020AC70CC86789BA2ADAF07D3DB434	6EEFC13F4D9832E74173DEA423BCA495CEB7F4CBB888A19434D71A9BC0F69CB7
Chrome Cache Entry: 89	ASCII text, with very long lines (13132)	5C9DCA2A19F05DC6D7B1AFA3244A8F6B	4A8519B04BE003F12A833E634BA5736A6634FA19	96725EBA539ADDEE483B61331EBF23289DC26D3F34301C244B96BE9F6A2822BE
Chrome Cache Entry: 90	ASCII text, with very long lines (65451)	A09E13EE94D51C524B7E2A728C7D4039	0DC32DB4AA9C5F03F3B38C47D883DBD4FED13AAE	160A426FF2894252CD7CEBBDD6D6B7DA8FCD319C65B70468F10B6690C45D02EF
Chrome Cache Entry: 91	ASCII text, with very long lines (59119)	ECD507B3125EDC4D2A03AA6AE5D07DA9	A57EE68D11601B0FD8E5037FC241FF65A754473C	99464CEB71BC9BBDCC72275FAEFE44F98EB5CBB6B5D8EE665B87B35376F1A96E
Chrome Cache Entry: 92	ASCII text, with very long lines (13132)	5C9DCA2A19F05DC6D7B1AFA3244A8F6B	4A8519B04BE003F12A833E634BA5736A6634FA19	96725EBA539ADDEE483B61331EBF23289DC26D3F34301C244B96BE9F6A2822BE
Chrome Cache Entry: 93	ASCII text	942EDBE8D01910ABD3A1477482221188	7337FC9B395EA344D715DED6FFA8CF9D6DA5DD15	5E245F87C91E4CC60C4F66311F2691F187B9F710259F5F75CD6BEFF7598D6DDD
Chrome Cache Entry: 94	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	B45D5E5085A71782B0E1F509A90F2014	DE5D9799FE4EAA0CA82A640E1BC8F33908C4CF76	5688D2C8099312908BB4A657538441B29FE774048DD82517AD3D87AA8F227DE0
Chrome Cache Entry: 95	ASCII text, with no line terminators	6CF8A1266C3ABF2589831B71949CE89A	83EEBFDD3DD4AB30FBE4DC3A362149DE16F2E466	7C9BB5C140C40607316AF0C474ACFC606F306D7432D6A4294F74DE7AD3FB7E2F
Chrome Cache Entry: 96	PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced	C2C6B7B1A4161CAD893BECF1890B0D8F	14B333C1DDD2DCBABFE731A3B21F2ECF0B026A6A	FE3493511A112037A5F3F874A67C64B5A517DAA30BFBEFB2A753E98662EE9501
Chrome Cache Entry: 97	ASCII text, with very long lines (65451)	A09E13EE94D51C524B7E2A728C7D4039	0DC32DB4AA9C5F03F3B38C47D883DBD4FED13AAE	160A426FF2894252CD7CEBBDD6D6B7DA8FCD319C65B70468F10B6690C45D02EF
Chrome Cache Entry: 98	ASCII text, with CRLF line terminators	CF7B480DEB0F7205E4DD079020D75A16	34E3A860845059A61D8BAB1036008E16340F0341	8D710929B8EA9A1B4904CF899687FA6EBBC42F16B83692310AAFEE3B444DDCE1
Chrome Cache Entry: 99	Web Open Font Format (Version 2), TrueType, length 23580, version 1.0	E1B3B5908C9CF23DFB2B9C52B9A023AB	FCD4136085F2A03481D9958CC6793A5ED98E714C	918B7DC3E2E2D015C16CE08B57BCB64D2253BAFC1707658F361E72865498E537

HTML body contains low number of good links

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: Title: Iniciar sesin does not match URL

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: <input type="password" .../> found

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: No <meta name="author".. found

Source: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49753 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49740 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49753 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /Account/Login?ReturnUrl=%2F HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lib/jquery/jquery.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/css/all.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/css/fontawesome.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/bootstrap/css/bootstrap.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/login/css/login.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/semantic/semantic.min.css HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/bootstrap/js/bootstrap.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/login/js/login.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation/jquery.validate.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/semantic/semantic.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/isJs/is.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /js/site.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /images/cart.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery/jquery.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/bootstrap/js/bootstrap.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/login/js/login.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/jquery-validation/jquery.validate.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/semantic/semantic.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/isJs/is.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /js/site.min.js HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /images/cart.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/webfonts/fa-regular-400.woff2 HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://edi.huevosanjuan.com.mxsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edi.huevosanjuan.com.mx/lib/fontAwesome/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /lib/fontAwesome/webfonts/fa-solid-900.woff2 HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://edi.huevosanjuan.com.mxsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edi.huevosanjuan.com.mx/lib/fontAwesome/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA
Source: global traffic	HTTP traffic detected: GET /site.webmanifest HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2FAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: edi.huevosanjuan.com.mxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Antiforgery.-2gYGagC7_0=CfDJ8HT2UtHJagtJmVJS9Bby37jwfawD1YHxXPncHwQro1sPJVCfgOHdIMBGqXVjt9fA_OdRft0VPxql7QOd647NISpgBSg0z5ym9l4tmAX752wWY9Q5ZRA8amUWicNi_u6LvP6_zOVAyp8IYt5yuHpBwwA

Source: global traffic	DNS traffic detected: DNS query: edi.huevosanjuan.com.mx
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_103.2.dr	String found in binary or memory: http://github.com/semantic-org/semantic-ui/
Source: chromecache_86.2.dr, chromecache_79.2.dr, chromecache_103.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: chromecache_86.2.dr, chromecache_79.2.dr, chromecache_103.2.dr	String found in binary or memory: http://www.semantic-ui.com/
Source: chromecache_83.2.dr, chromecache_91.2.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_83.2.dr, chromecache_91.2.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_103.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Lato:400
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAUi-qJCY.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_FQft1dw.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_93.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_102.2.dr, chromecache_107.2.dr, chromecache_106.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_86.2.dr, chromecache_79.2.dr, chromecache_103.2.dr	String found in binary or memory: https://github.com/Semantic-Org/Semantic-UI
Source: chromecache_102.2.dr, chromecache_107.2.dr, chromecache_106.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_102.2.dr, chromecache_107.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_109.2.dr, chromecache_88.2.dr	String found in binary or memory: https://jqueryvalidation.org/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49740 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@16/60@6/4

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1952,i,14133914975765218484,15731330687132469167,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1952,i,14133914975765218484,15731330687132469167,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1500937
Product:	CloudBasic
Start time:	06:35:25
Start date:	29.08.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://edi.huevosanjuan.com.mx/Account/Login?ReturnUrl=%2F