Windows Analysis Report
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9

Overview

General Information

Sample URL:	https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9
Analysis ID:	1524541
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\GoogleUpdater	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_BITS_1456_2038269960	Jump to behavior

Source: global traffic	HTTP traffic detected: GET /:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9 HTTP/1.1Host: srfed-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /personal/paul_scace_srfed_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fpaul%5Fscace%5Fsrfed%5Fcom%2FDocuments%2FAccounts%20Payable%20%28AP%29%2FEra&ga=1 HTTP/1.1Host: srfed-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzQ0NWNmZTk4MzMxYTM2NDg1YWVmODczMWExNTcwN2Y0ZTZmYjJkMWJiMjdkYWY1ZTIxYWU4OGNjZDRhNmY0MmEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNDQ1Y2ZlOTgzMzFhMzY0ODVhZWY4NzMxYTE1NzA3ZjRlNmZiMmQxYmIyN2RhZjVlMjFhZTg4Y2NkNGE2ZjQyYSwxMzM3MjM3OTk5MzAwMDAwMDAsMCwxMzM3MjQ2NjA5MzIxMjE5NDksMC4wLjAuMCwyNTgsMzJjYjRkMWEtMDQxOS00ZjQxLTk4ODQtMzUxNmFiMTQyNzRlLCwsNzYxNjU2YTEtMDBmZi02MDAwLTdhM2UtNDIyMDc2NjgzYWMwLDc2MTY1NmExLTAwZmYtNjAwMC03YTNlLTQyMjA3NjY4M2FjMCw1NnkvUDU4emwwR1NoeGY0RkNNTEpnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM4MDksMnFReWNaSEk2dW8zUGxjX3B3OEY5UThaTHQ0LEhrZXMzajlPekV3bHZUVnJPaW11akZGWFNkMUdZK1FkS091SlhlN01oTnIxSURSdVdiRkF1VzdsSWZXd0NmakROVEhhZFFFelJWNjN6TGwxeksrcHV2eVRBV0JLamNHTlQ2aXJadXRRYWlpOVJNTDNjRnhDU29DcDZmRklMWmNyM0cvdWJRaHZVQ09SMFlrNHkvMkF0cSsvdzErZGcvUlNJUktzMDZ3N0NBT2IzREh5S0E5cTJsekRVYnJFSk15VVMvVUF0aG9COXU1SmJUYnRUVDJidEtvTmx0ZmFaWjBPTURnS2pJbG4xL2xCM1VERTArZ2pad2cycW5HSTdJYy92TktWOE9MaXhGMlpFWUYwNGcxRmcxVitvaExRTW9Pd0xWNDJRWVBHT0dxNVJxZExDbFZFMGtaRWhoeHZMYlFtWUZrZGMraElNTEM4R3FrK0RUWEtwdz09PC9TUD4=
Source: global traffic	HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: srfed-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzQ0NWNmZTk4MzMxYTM2NDg1YWVmODczMWExNTcwN2Y0ZTZmYjJkMWJiMjdkYWY1ZTIxYWU4OGNjZDRhNmY0MmEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNDQ1Y2ZlOTgzMzFhMzY0ODVhZWY4NzMxYTE1NzA3ZjRlNmZiMmQxYmIyN2RhZjVlMjFhZTg4Y2NkNGE2ZjQyYSwxMzM3MjM3OTk5MzAwMDAwMDAsMCwxMzM3MjQ2NjA5MzIxMjE5NDksMC4wLjAuMCwyNTgsMzJjYjRkMWEtMDQxOS00ZjQxLTk4ODQtMzUxNmFiMTQyNzRlLCwsNzYxNjU2YTEtMDBmZi02MDAwLTdhM2UtNDIyMDc2NjgzYWMwLDc2MTY1NmExLTAwZmYtNjAwMC03YTNlLTQyMjA3NjY4M2FjMCw1NnkvUDU4emwwR1NoeGY0RkNNTEpnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM4MDksMnFReWNaSEk2dW8zUGxjX3B3OEY5UThaTHQ0LEhrZXMzajlPekV3bHZUVnJPaW11akZGWFNkMUdZK1FkS091SlhlN01oTnIxSURSdVdiRkF1VzdsSWZXd0NmakROVEhhZFFFelJWNjN6TGwxeksrcHV2eVRBV0JLamNHTlQ2aXJadXRRYWlpOVJNTDNjRnhDU29DcDZmRklMWmNyM0cvdWJRaHZVQ09SMFlrNHkvMkF0cSsvdzErZGcvUlNJUktzMDZ3N0NBT2IzREh5S0E5cTJsekRVYnJFSk15VVMvVUF0aG9COXU1SmJUYnRUVDJidEtvTmx0ZmFaWjBPTURnS2pJbG4xL2xCM1VERTArZ2pad2cycW5HSTdJYy92TktWOE9MaXhGMlpFWUYwNGcxRmcxVitvaExRTW9Pd0xWNDJRWVBHT0dxNVJxZExDbFZFMGtaRWhoeHZMYlFtWUZrZGMraElNTEM4R3FrK0RUWEtwdz09PC9TUD4=
Source: global traffic	HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: srfed-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzQ0NWNmZTk4MzMxYTM2NDg1YWVmODczMWExNTcwN2Y0ZTZmYjJkMWJiMjdkYWY1ZTIxYWU4OGNjZDRhNmY0MmEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNDQ1Y2ZlOTgzMzFhMzY0ODVhZWY4NzMxYTE1NzA3ZjRlNmZiMmQxYmIyN2RhZjVlMjFhZTg4Y2NkNGE2ZjQyYSwxMzM3MjM3OTk5MzAwMDAwMDAsMCwxMzM3MjQ2NjA5MzIxMjE5NDksMC4wLjAuMCwyNTgsMzJjYjRkMWEtMDQxOS00ZjQxLTk4ODQtMzUxNmFiMTQyNzRlLCwsNzYxNjU2YTEtMDBmZi02MDAwLTdhM2UtNDIyMDc2NjgzYWMwLDc2MTY1NmExLTAwZmYtNjAwMC03YTNlLTQyMjA3NjY4M2FjMCw1NnkvUDU4emwwR1NoeGY0RkNNTEpnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM4MDksMnFReWNaSEk2dW8zUGxjX3B3OEY5UThaTHQ0LEhrZXMzajlPekV3bHZUVnJPaW11akZGWFNkMUdZK1FkS091SlhlN01oTnIxSURSdVdiRkF1VzdsSWZXd0NmakROVEhhZFFFelJWNjN6TGwxeksrcHV2eVRBV0JLamNHTlQ2aXJadXRRYWlpOVJNTDNjRnhDU29DcDZmRklMWmNyM0cvdWJRaHZVQ09SMFlrNHkvMkF0cSsvdzErZGcvUlNJUktzMDZ3N0NBT2IzREh5S0E5cTJsekRVYnJFSk15VVMvVUF0aG9COXU1SmJUYnRUVDJidEtvTmx0ZmFaWjBPTURnS2pJbG4xL2xCM1VERTArZ2pad2cycW5HSTdJYy92TktWOE9MaXhGMlpFWUYwNGcxRmcxVitvaExRTW9Pd0xWNDJRWVBHT0dxNVJxZExDbFZFMGtaRWhoeHZMYlFtWUZrZGMraElNTEM4R3FrK0RUWEtwdz09PC9TUD4=

Source: global traffic	DNS traffic detected: DNS query: srfed-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: spo.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_84.1.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_86.1.dr, chromecache_88.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.006/
Source: chromecache_86.1.dr, chromecache_88.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.006/spwebworker.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49189
Source: unknown	Network traffic detected: HTTP traffic on port 49164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49177
Source: unknown	Network traffic detected: HTTP traffic on port 49165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49165
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49164
Source: unknown	Network traffic detected: HTTP traffic on port 49189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49171
Source: unknown	Network traffic detected: HTTP traffic on port 49171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49179 -> 443

Source: classification engine

Classification label: mal48.win@18/15@10/4

Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google

Jump to behavior

Source: unknown	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1444 --field-trial-handle=1072,i,8817321110583036791,13478569038220876855,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9"
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1444 --field-trial-handle=1072,i,8817321110583036791,13478569038220876855,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\GoogleUpdater	Jump to behavior
Source: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_BITS_1456_2038269960	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.138.10	dual-spo-0005.spo-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.136.10	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false

Contacted Domains

Name	IP	Active
dual-spo-0005.spo-msedge.net	13.107.138.10	true
www.google.com	142.250.186.164	true
srfed-my.sharepoint.com	unknown	unknown
spo.nel.measure.office.net	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://srfed-my.sharepoint.com/personal/paul_scace_srfed_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fpaul%5Fscace%5Fsrfed%5Fcom%2FDocuments%2FAccounts%20Payable%20%28AP%29%2FEra&ga=1	false	unknown
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9	true	unknown
https://srfed-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx	false	unknown

ID:	1524541
Product:	CloudBasic
Start time:	23:53:59
Start date:	02.10.2024
Cookbook:	browseurl.jbs
System description:	Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 80	ASCII text, with very long lines (59376)	2AC9ADF0B8ED584D25575F9FE777ABEF	49C9A2A9C51860D91F895DE8B71E67903D3680D2	15975C387FD4817FDAB9E9C396F0F708FE2559350AA663B9E4469E27ED6CDA44
Chrome Cache Entry: 81	Unicode text, UTF-8 text, with very long lines (41512)	7CF1AEC902630162F89426350428DCAE	6E9D02319AF01FC4C590118C571C1CB3440F8E07	A227FC4681776C73982750137A235033BB6649B13B07A2DA0B124AFB4D960C6C
Chrome Cache Entry: 82	JSON data	265B0D37911105398C2B14E2440BAF30	8EDBE4E14173C7D008E07533671BB97967D578F4	0F22A97159530F76BA75214EE6F9B3A77FFD97665A511917E54775737A3ADD1D
Chrome Cache Entry: 83	JSON data	8D75B8E85D749610931E168F2EFCF555	11410945A27700DBE941C030189C637792AAC2CE	485A60AD5AF1CEFF60C50A9BFB08A03F0C42B984034A2255820356938B82B2A0
Chrome Cache Entry: 84	Unicode text, UTF-8 text, with very long lines (41512)	7CF1AEC902630162F89426350428DCAE	6E9D02319AF01FC4C590118C571C1CB3440F8E07	A227FC4681776C73982750137A235033BB6649B13B07A2DA0B124AFB4D960C6C
Chrome Cache Entry: 85	ASCII text, with very long lines (59376)	2AC9ADF0B8ED584D25575F9FE777ABEF	49C9A2A9C51860D91F895DE8B71E67903D3680D2	15975C387FD4817FDAB9E9C396F0F708FE2559350AA663B9E4469E27ED6CDA44
Chrome Cache Entry: 86	Java source, ASCII text	9D878396119C486ABAC5B12D57CF911B	D94BAC3E2D3DA227E9C30E93888741233DC8040F	44B9CE868B6D3916C2C95E400F60A0D03F0E684CC3344AEFE080C7651279404C
Chrome Cache Entry: 87	JSON data	265B0D37911105398C2B14E2440BAF30	8EDBE4E14173C7D008E07533671BB97967D578F4	0F22A97159530F76BA75214EE6F9B3A77FFD97665A511917E54775737A3ADD1D
Chrome Cache Entry: 88	Java source, ASCII text	9D878396119C486ABAC5B12D57CF911B	D94BAC3E2D3DA227E9C30E93888741233DC8040F	44B9CE868B6D3916C2C95E400F60A0D03F0E684CC3344AEFE080C7651279404C
Chrome Cache Entry: 89	JSON data	8D75B8E85D749610931E168F2EFCF555	11410945A27700DBE941C030189C637792AAC2CE	485A60AD5AF1CEFF60C50A9BFB08A03F0C42B984034A2255820356938B82B2A0

Windows Analysis Report
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs

Windows Analysis Report https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs

Windows Analysis Report
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9