Analysis Report
https://wtm.entree-plat-dessert.com/r/eNqFT9tu2kAQ/Rr3LfHevfsQVQTbBWoTbqprv1R7GQMmGIINKf76blTlOTOjoxnN0Zkz76EiRGAZYogYoxyww1JLQpkizmJD6ohpLgFCLCkPWcRDQ6gVNUE0ks4JTjVGRBCsjGY+VB1Snzr8fn3a9f25C+goIKkv9whtfwF4OL/q/sFB18Glf7Sno9+1znoscoxJVVQBTc/dH4CAxl/ZCoj4pBrBkLWeJQzilBukNAIkrWPEgAVDNUEW10CFUcIw4GCxUx
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Detected non-DNS traffic on DNS port
Detected suspicious crossdomain redirect
Classification
- System is w10x64
- chrome.exe (PID: 2476 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 4588 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1996,i,3922492037436901396,11833944551442942326,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://wtm.entree-plat-dessert.com/r/eNqFT9tu2kAQ/Rr3LfHevfsQVQTbBWoTbqprv1R7GQMmGIINKf76blTlOTOjoxnN0Zkz76EiRGAZYogYoxyww1JLQpkizmJD6ohpLgFCLCkPWcRDQ6gVNUE0ks4JTjVGRBCsjGY+VB1Snzr8fn3a9f25C+goIKkv9whtfwF4OL/q/sFB18Glf7Sno9+1znoscoxJVVQBTc/dH4CAxl/ZCoj4pBrBkLWeJQzilBukNAIkrWPEgAVDNUEW10CFUcIw4GCxUxpA1NIqW/+XGs5eigqJ/Dh8GPjm7FNUV8v9tG0LvO4Pm7RqVpMJWjW9KCIpr/fTbF1mVh3H+Tp5I3/N73tGdzzpZs12fF+l5XANyPMx6pac8+10mPtXo0XT9kNJfBu/xeXOZNOfo/nt1366rEbLo2rbkpNmtrvHTcmHjG3mKksYjrdik+cYXJHKxY01P5L9i9d+X7hL/PwqLzpfNTTbfpyb9TJp8GlseF5MTqeDOejbIf4H3+KUFg==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
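The path of the analysed URL, /r/eNqF..., starts with the base64 encoding of the bytes 78 DA, a zlib stream header, which is the usual shape of a compressed redirect token on a mail-tracking link. The Python below is an added example written for this page, not code from the report, from Joe Sandbox or from the tracked site. It checks that container format and inflates the token with an output cap, so a crafted token cannot decompress into gigabytes. Whether the inflated bytes carry the redirect destination is an assumption; the report does not show the decoded content, so the only thing asserted about the report's token is its header.

```python
import base64
import binascii
import zlib

# The /r/ token from the analysed URL, as reconstructed from the report's process tree.
REPORT_TOKEN = (
    "eNqFT9tu2kAQ/Rr3LfHevfsQVQTbBWoTbqprv1R7GQMmGIINKf76blTlOTOjoxnN0Zkz76EiRGAZYogYoxyww"
    "1JLQpkizmJD6ohpLgFCLCkPWcRDQ6gVNUE0ks4JTjVGRBCsjGY+VB1Snzr8fn3a9f25C+goIKkv9whtfwF4OL/q"
    "/sFB18Glf7Sno9+1znoscoxJVVQBTc/dH4CAxl/ZCoj4pBrBkLWeJQzilBukNAIkrWPEgAVDNUEW10CFUcIw4GC"
    "xUxpA1NIqW/+XGs5eigqJ/Dh8GPjm7FNUV8v9tG0LvO4Pm7RqVpMJWjW9KCIpr/fTbF1mVh3H+Tp5I3/N73tGdz"
    "zpZs12fF+l5XANyPMx6pac8+10mPtXo0XT9kNJfBu/xeXOZNOfo/nt1366rEbLo2rbkpNmtrvHTcmHjG3mKksYj"
    "rdik+cYXJHKxY01P5L9i9d+X7hL/PwqLzpfNTTbfpyb9TJp8GlseF5MTqeDOejbIf4H3+KUFg=="
)


def b64decode_lenient(token):
    """Decode standard or URL-safe base64 and tolerate stripped '=' padding.
    Raises binascii.Error when the input cannot be decoded at all."""
    s = token.strip().replace("-", "+").replace("_", "/")
    return base64.b64decode(s + "=" * (-len(s) % 4))


def is_zlib_stream(data):
    """RFC 1950 header check: CM == 8 (deflate), CINFO <= 7, CMF*256+FLG divisible by 31."""
    if len(data) < 2:
        return False
    cmf, flg = data[0], data[1]
    return cmf & 0x0F == 8 and cmf >> 4 <= 7 and ((cmf << 8) | flg) % 31 == 0


def inflate_token(token, max_out=64 * 1024):
    """Return the inflated bytes (partial if the stream is truncated), or None when the
    token is not base64-wrapped zlib. max_out bounds the output: decompression-bomb guard."""
    try:
        raw = b64decode_lenient(token)
    except binascii.Error:
        return None
    if not is_zlib_stream(raw):
        return None
    try:
        return zlib.decompressobj().decompress(raw, max_out)
    except zlib.error:
        return None


def make_token(payload):
    """Build a token of the same shape from a constructed payload (for the round trip)."""
    return base64.b64encode(zlib.compress(payload, 9)).decode("ascii")


if __name__ == "__main__":
    raw = b64decode_lenient(REPORT_TOKEN)
    print("zlib header:", raw[:2].hex(), "valid:", is_zlib_stream(raw))
    print("inflated:", inflate_token(REPORT_TOKEN))
    # Constructed round trip; the URL is a placeholder, not the report's destination.
    print(inflate_token(make_token(b"https://example.com/landing?c=1")))
```

Run it in the sandbox, not on a workstation that can reach the tracked host: inflating the token is offline, but opening whatever URL comes out of it fires the tracking redirect.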
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
There are no malicious signatures.
Signature evidence rows (the per-row values, that is the IP addresses, ports and URLs, were not captured in this copy of the report; only the row labels and their counts survive):

HTTPS traffic detected: | 3 rows |
TCP traffic: | 1 row |
HTTP traffic: | 5 rows |
TCP traffic detected without corresponding DNS query: | 29 rows |
UDP traffic detected without corresponding DNS query: | 21 rows |
HTTP traffic detected: | 2 rows |
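The two network signatures behind this verdict, non-DNS traffic on port 53 and TCP/UDP connections to addresses that no earlier DNS answer resolved, can be reproduced from a flow capture. The Python below is an added example written for this page, not Joe Sandbox's own signature logic. It runs over a handful of constructed flow records (the report's real addresses and ports are not on this page) and uses a minimal DNS parser that handles name compression and bounds pointer hops, which is what makes the "looks like DNS" test meaningful instead of a port check.

```python
import ipaddress
import struct
from dataclasses import dataclass, field


def encode_name(name):
    """Encode a dotted hostname as DNS labels (used to build the samples)."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"


def build_dns(txid, qname, answers=()):
    """Minimal A query, or a response when answers (dotted IPv4 strings) are given."""
    flags = 0x8180 if answers else 0x0100
    msg = struct.pack(">HHHHHH", txid, flags, 1, len(answers), 0, 0)
    msg += encode_name(qname) + struct.pack(">HH", 1, 1)  # QTYPE A, QCLASS IN
    for ip in answers:  # owner name as a compression pointer to the question at offset 12
        msg += b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + ipaddress.IPv4Address(ip).packed
    return msg


def read_name(msg, off):
    """Read a possibly compressed name; return (name, offset after it). ValueError on junk."""
    labels, end = [], None
    for _ in range(128):  # hop bound defeats pointer loops
        if off >= len(msg):
            raise ValueError("truncated name")
        ln = msg[off]
        if ln == 0:
            off += 1
            break
        if ln & 0xC0 == 0xC0:
            if off + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if end is None:
                end = off + 2  # the caller resumes right after the first pointer
            off = ((ln & 0x3F) << 8) | msg[off + 1]
            continue
        if ln > 63 or off + 1 + ln > len(msg):
            raise ValueError("bad label")
        labels.append(msg[off + 1:off + 1 + ln].decode("ascii", "replace"))
        off += 1 + ln
    else:
        raise ValueError("name too long or pointer loop")
    return ".".join(labels), end if end is not None else off


def looks_like_dns(payload):
    """Structural check: sane header fields plus a parseable question section."""
    if len(payload) < 12:
        return False
    _, flags, qd, _, _, _ = struct.unpack(">HHHHHH", payload[:12])
    if (flags >> 11) & 0xF > 2 or flags & 0xF > 10:  # opcode or rcode out of range
        return False
    if not 1 <= qd <= 4:
        return False
    try:
        off = 12
        for _ in range(qd):
            _, off = read_name(payload, off)
            off += 4  # QTYPE + QCLASS
        return off <= len(payload)
    except ValueError:
        return False


def parse_a_records(msg):
    """[(name, ip)] for A answers in a response; [] for queries or malformed data."""
    out = []
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    if not flags & 0x8000:  # QR bit clear: a query, nothing resolved
        return out
    off = 12
    try:
        for _ in range(qd):
            _, off = read_name(msg, off)
            off += 4
        for _ in range(an):
            name, off = read_name(msg, off)
            rtype, _, _, rdlen = struct.unpack_from(">HHIH", msg, off)
            off += 10
            if rtype == 1 and rdlen == 4:
                out.append((name, str(ipaddress.IPv4Address(msg[off:off + 4]))))
            off += rdlen
    except (ValueError, struct.error):
        pass
    return out


def _skippable(ip):
    """Local-segment noise that legitimately never has a DNS lookup behind it."""
    a = ipaddress.ip_address(ip)
    return a.is_multicast or a.is_loopback or a.is_link_local or ip == "255.255.255.255"


@dataclass
class Triage:
    resolved: dict = field(default_factory=dict)          # ip -> queried name
    non_dns_on_dns_port: list = field(default_factory=list)
    without_dns: list = field(default_factory=list)


def triage(flows):
    """Walk flows in time order and emit the report's two network signatures."""
    t = Triage()
    for f in sorted(flows, key=lambda f: f["ts"]):
        dns = looks_like_dns(f["payload"])
        if (f["dport"] == 53 or f["sport"] == 53) and not dns:
            t.non_dns_on_dns_port.append((f["proto"], f["dst"], f["dport"]))
        if dns:
            if f["sport"] == 53:  # an answer: remember every address it resolved
                for qname, ip in parse_a_records(f["payload"]):
                    t.resolved[ip] = qname
            continue
        if _skippable(f["dst"]) or f["dst"] in t.resolved:
            continue
        t.without_dns.append((f["proto"], f["dst"], f["dport"]))
    return t


SAMPLE_FLOWS = [  # constructed records, not the report's traffic
    {"ts": 1, "proto": "udp", "sport": 51000, "dst": "8.8.8.8", "dport": 53,
     "payload": build_dns(0x1234, "example.com")},
    {"ts": 2, "proto": "udp", "sport": 53, "dst": "10.0.0.5", "dport": 51000,
     "payload": build_dns(0x1234, "example.com", ["93.184.216.34"])},
    {"ts": 3, "proto": "tcp", "sport": 51001, "dst": "93.184.216.34", "dport": 443,
     "payload": b"\x16\x03\x01"},            # TLS to a resolved address: fine
    {"ts": 4, "proto": "tcp", "sport": 51002, "dst": "203.0.113.7", "dport": 443,
     "payload": b"\x16\x03\x01"},            # hard-coded address, no lookup first
    {"ts": 5, "proto": "tcp", "sport": 51003, "dst": "203.0.113.9", "dport": 53,
     "payload": b"GET / HTTP/1.1\r\n"},      # HTTP on the DNS port
    {"ts": 6, "proto": "udp", "sport": 51004, "dst": "239.255.255.250", "dport": 1900,
     "payload": b"M-SEARCH * HTTP/1.1\r\n"},  # SSDP multicast: ignored
]

if __name__ == "__main__":
    print(triage(SAMPLE_FLOWS))
```

The flow with an HTTP request to port 53 trips both signatures, exactly the overlap this report shows: a destination that was never resolved and that is not speaking DNS on the DNS port. Browser sandboxes also produce a steady stream of "without DNS" hits for Chrome's own update, safe-browsing and QUIC endpoints whose addresses were cached or resolved over DoH, which is why a score of 1 with these two signatures is not, by itself, a malicious verdict.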