Windows Analysis Report
https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554

Overview

General Information

Sample URL:	https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554
Analysis ID:	1530688

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Yara detected HtmlPhish70

Phishing site or detected (based on various text indicators)

HTML body contains low number of good links

HTML body with high number of embedded images detected

HTML page contains hidden javascript code

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

AI detected phishing page

Source: https://fendersaverse.com.de/qvuJD/

LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The legitimate domain for Microsoft is 'microsoft.com'., The provided URL 'fendersaverse.com.de' does not match the legitimate domain for Microsoft., The URL contains an unusual domain extension '.com.de', which is not associated with Microsoft., The URL does not contain any recognizable association with Microsoft, indicating a potential phishing attempt. DOM: 1.9.pages.csv

Yara detected HtmlPhish70

Source: Yara match

File source: 1.8.pages.csv, type: HTML

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 0.4

OCR Text: Done! Select Finish to send the completed document OTHER ACTIONS FINISH Docusign Envelope 150T.AB7-CBF2-453A-g02g-20EF'B3F6001g docusign Accounting Department shared a PDF via DocuSign secure Remittance Advice.pdf TAP HERE TO VIEW DOCUMENT t View with DocuSign: Remittance Advice.pdf Do Not Share This Email This email contains a secure link to DocuSign. Please do not share this email, link, or access code with others. docusign Cl-jcnge Language - English (LIS) Y' Terms Of & Privacy Y I Copyright Z Oocvsignlnc: V2R

HTML body contains low number of good links

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Number of links: 0

HTML body with high number of embedded images detected

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Total embedded image size: 45687

HTML page contains hidden javascript code

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Base64 decoded: {"version":3,"sources":["/cfsetup_build/src/orchestrator/turnstile/templates/turnstile.scss","%3Cinput%20css%20SREF6k%3E"],"names":[],"mappings":"AAmCA,gBACI,GACI,uBClCN,CACF,CDqCA,kBACI,GACI,mBCnCN,CACF,CDsCA,iBACI,MAEI,cCrCN,CDwCE,IACI,mBCtCN,CACF,CDyCA...

HTML title does not match URL

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Title: Account sign-in does not match URL

Source: https://na4.docusign.net/Signing/?ti=46e4bf1f88514ad087aee7dac85ca21a	HTTP Parser: No favicon
Source: https://fendersaverse.com.de/qvuJD/	HTTP Parser: No favicon
Source: https://fendersaverse.com.de/qvuJD/	HTTP Parser: No favicon
Source: https://fendersaverse.com.de/qvuJD/	HTTP Parser: No favicon

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: No <meta name="author".. found

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.22:443 -> 192.168.2.17:49903 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 6MB later: 25MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: na4.docusign.net
Source: global traffic	DNS traffic detected: DNS query: docucdn-a.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: a.docusign.com
Source: global traffic	DNS traffic detected: DNS query: api.mixpanel.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: fendersaverse.com.de
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: benkinslowuo.ru
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.22:443 -> 192.168.2.17:49903 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@20/76@44/267

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1996,i,14975212472755687281,7191084638340800402,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1996,i,14975212472755687281,7191084638340800402,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
142.250.185.78	unknown	United States	15169	GOOGLEUS	false
104.18.66.57	cdn.optimizely.com	United States	13335	CLOUDFLARENETUS	false
2.20.245.133	unknown	European Union	20940	AKAMAI-ASN1EU	false
104.21.17.45	fendersaverse.com.de	United States	13335	CLOUDFLARENETUS	true
54.201.17.39	arya-1323461286.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
104.21.72.134	benkinslowuo.ru	United States	13335	CLOUDFLARENETUS	false
216.58.206.78	unknown	United States	15169	GOOGLEUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
107.178.240.159	api.mixpanel.com	United States	15169	GOOGLEUS	false
162.248.184.189	unknown	United States	62856	DOCUS-6-PRODUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
172.67.185.34	unknown	United States	13335	CLOUDFLARENETUS	false
35.161.37.142	unknown	United States	16509	AMAZON-02US	false
142.250.185.67	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
64.233.167.84	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
2.16.168.6	unknown	European Union	20940	AKAMAI-ASN1EU	false
172.217.16.196	www.google.com	United States	15169	GOOGLEUS	false
142.250.185.74	unknown	United States	15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.17

Contacted Domains

Name	IP	Active
cdn.optimizely.com	104.18.66.57	true
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.194.137	true
cdnjs.cloudflare.com	104.17.25.14	true
challenges.cloudflare.com	104.18.95.41	true
www.google.com	172.217.16.196	true
api.mixpanel.com	107.178.240.159	true
benkinslowuo.ru	104.21.72.134	true
fendersaverse.com.de	104.21.17.45	true
arya-1323461286.us-west-2.elb.amazonaws.com	54.201.17.39	true
na4.docusign.net	unknown	unknown
a.docusign.com	unknown	unknown
docucdn-a.akamaihd.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://fendersaverse.com.de/qvuJD/	true		unknown
https://na4.docusign.net/Signing/?ti=46e4bf1f88514ad087aee7dac85ca21a	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 08:40:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	01482AD758CFB1F43ED855BF4D401E25	69995B4DA4659246F5C707B15BDBD3FA8899EDF7	6359FCB11CF2868BC1FEA322D6E203A1AE58CFC90D90094E9487E06FCDDF5889
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 08:40:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	699FEC2C84D1F83D7C73F79662053B33	225C78D3858A1B1FA9273046EF75E5F4084C9329	C3CBBB5AC40A392F360E7732780D3431F85AE1296B3338490D1764DB09AD1733
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	E14C62816AD018C7EF008E596FAB9C1B	18917A75CDC0120D44F9BE959EF589465FB3FB43	C2FCD52D9FADA458EC4BE69DDDC66DBA0665EA5BFA6E70C5C0E1873900E82196
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 08:40:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	37850F9676DAE66F294E6B60A79C4C36	96FC503CA2682C327B8D88B06CEB32B75B5914B7	E68FD271B2DEE89AC5B2046F92FD95D34F64E82157DFD4EDE969645637EB2A6D
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 08:40:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	41D8BE6EFFB9BC903DE97C0D3A3FD1D6	B6DB2154CBBFE7F6D3BE2030170C2CEE5058D2E6	28580041896879F4CF8D6650686B8A81B5A3A3FE1E06EC0E796E7DF26B5A384E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 08:40:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	04D319F78634CFBDE9A9FA71EF51744F	751F11200F345315BE2697BF2DF8F3215CAF3052	9B7DF1573CD94537ED49A8FD4C706E39BFED1DB6DF43AF5D129889B73323683E
Chrome Cache Entry: 167	HTML document, ASCII text, with very long lines (65448)	16716E2811BC506DF86F81DC2E6189E5	C65F4A89DA8AE32000E007E8969935AE7C3774CD	10818E561AB3FBE76741883A033DED68EAC63F78FA9669B7925B4095F866F57B
Chrome Cache Entry: 168	SVG Scalable Vector Graphics image	6E132855B6DDD5C7A1FA7DAD2C9FE964	0342D3665682749F7C312B8B1EE6A169FA4C68C5	06DADA60F95EF29D2483D66D0412FF1EE698503F7E29DAE26403F6C5E071507F
Chrome Cache Entry: 170	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 172	GIF image data, version 89a, 145 x 60	097D652B65DEC6E954C335739754FC61	83155314927200EC3B9951246D0C1C3B631B088A	00E709E22EA18FB242C2F41290179522537ABEC841EEF2655D17E02B36CFDC7A
Chrome Cache Entry: 173	ASCII text, with very long lines (65438)	C9A178E87EF9D67207B744DD8252556E	32A11476141AE8CC9E0881E56743DFA0DBC0843E	4298AB8A22EEDA2DEEEACBA50E9AB4E86696CEF95E639F4ACB8DA89C8187809E
Chrome Cache Entry: 175	ASCII text, with very long lines (10978)	DCDCFFC88E7329797D5E9496ADBF7071	D5AFBD1194A548BC4C992159A66822945EFFAFE7	5EAA39BC29B2471A8D4C07B6710846378B7CF90B590AA605D5AD64E1FBF3367C
Chrome Cache Entry: 177	Unicode text, UTF-8 text, with very long lines (13673)	F529E89C80657A21F4F052EF31389479	A6BA7AA6E586D062E67433AAF517A0A50B73154C	8BE50E593F1E4742B278E416DF2D97278F33813EBC6FBB3A5CB13191FFA6070F
Chrome Cache Entry: 179	ASCII text, with no line terminators	C9785540787087E135E2E3256D4128E6	41BD40CDDBF7127B59A6D093F72D6EF7AC2E45D4	ADB38815ED6BC0240FFD0E7299D9CFA5860D5C662C7C2B4DAE11EF97EC951B05
Chrome Cache Entry: 181	Unicode text, UTF-8 text, with very long lines (30984)	48BC933608F733A9283F2218C73A941F	E04E625C70A5E8505B77A51D82D9A73AFA9F3547	FCBC395A3D24699D9229846A30C9FE245D77A7AFDBC8386838A03A837C6672AA
Chrome Cache Entry: 182	ASCII text	ECE7A224F69AB2205D90900589AE1D05	3D861B816A5DA892C8A88D5755A5537C036239DE	FFA8C6A4CE199BFD9E32B05E0E4DECE330C6A577FB3A0E8518291619C658C486
Chrome Cache Entry: 183	ASCII text, with very long lines (65446)	E5AED14FD34298C8134A8CD857D876F2	B7119EF665F8624579125F2A1EC3A0666597898D	B48462A3A96F73CF811C57D3212AB448C5672EF8C7028BE527A3663194E85DFB
Chrome Cache Entry: 184	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 186	Web Open Font Format (Version 2), TrueType, length 31436, version 1.0	BA0E987E564CD3409E9D6F690D641F55	1C2684BD20C775B7497796C2FA66AD4943F6B824	346CFD3DF3DBB80D08655AE396A413F66CBCCFCF201EAE36A6403DCF7ED372BC
Chrome Cache Entry: 187	ASCII text, with very long lines (631), with no line terminators	3F2A17178B25223CE0D197894832E3BF	122289799677F7EA6ACAB85EB467C7BFF7CCD43A	3CCCEDA7248328DF9036A8009D69FEE3ABB604F29D5E2A4FA95D2E6CA4F041F0
Chrome Cache Entry: 190	ASCII text, with very long lines (47459)	5D332FD1AE9FEB79A10425DFC3F84FE4	C7D7F9D2BF5EE08E242765803CDD3A223FE1CBFC	2EA786910282DF7AE154A0011375CD1254ADBD8EF0E75EB62177ADA67DAF9611
Chrome Cache Entry: 194	ASCII text, with very long lines (65448)	C3F69DF10A9CA0D22FE32C25432EB8B2	16E89ED49525F9C9274AD408D92DB61EB01A3280	1177EA5979591FC95B15359120A77AB44ED26CA0619B9B96838D3C7730ECB078
Chrome Cache Entry: 196	ASCII text, with very long lines (65448)	909800F91B439C017EA6DB37097896F7	347F2D52C9E835C3B2274D02AEC5038F52A8D992	2B8A364ADC95BBB07A86A9DF54A25C92450DA38F390EAB7C4CF10CB6DF0DEE0D
Chrome Cache Entry: 198	ASCII text, with very long lines (47992), with no line terminators	CF3402D7483B127DED4069D651EA4A22	BDE186152457CACF9C35477B5BDDA5BCB56B1F45	EAB5D90A71736F267AF39FDF32CAA8C71673FD06703279B01E0F92B0D7BE0BFC
Chrome Cache Entry: 200	ASCII text, with very long lines (20560)	D56F8C4A6B3DB2677E962A7B0F45634A	5AFF66065038A218B20AAA779AE7F9023C88287A	1C0ECB84B8364F76298D5022BDD9A03CDE1E065964BDB5870FA6439572F550D9
Chrome Cache Entry: 201	ASCII text, with very long lines (57954)	147ED026911280F09266EA87A69A5FC1	394F5B74AE0AD9975057E732DFB2C9EE4739A760	1A7A6B6222ABC91E1E8F39A82F2D2D27A6DBCB81806463CA5511015C84F6414B
Chrome Cache Entry: 202	ASCII text, with very long lines (12839)	8121EBC1ED98F1C422DB06BD07314F28	3EED7BFA7B27DF00C245B328AC1ED42DC7F6581E	EE129C66EF904C9E672419CD355922936DED5DA313AAEC82F314777AF0E9809F
Chrome Cache Entry: 207	SVG Scalable Vector Graphics image	C97430373AB9005C3A90AF1A0BE778CA	C9AF625A22C3A2A367AEE01205899BAF147596B2	5E674F5B96257920F3E7609E564B1AA0B06A9770422C9AD06D9D5E0D651608A0
Chrome Cache Entry: 208	ASCII text, with very long lines (9667)	67EB698330BC24C39D51CE54687CBE19	864D423ED1CF0D6F3CF2DEF9D935DF7190094551	F5C08FB0F269E1D448373EFDB4F80474ED401EEADF6794416B20C55EFCC5AB01
Chrome Cache Entry: 209	ASCII text	D2942A4771AEB6AE4AE136CB1EA2A4B5	DD04F9C4A29C5144070CA75C0F74FD626E530568	95BE600849FD1D4DC66F7542054B07EA48AF259B8CABF1AD1E84C9D2065FBFE4
Chrome Cache Entry: 211	ASCII text, with very long lines (65443)	EB6A17CF377B81B94B0D5A0BA4A97A42	80E2E8B10D97D8D426EEF8F33FC1512EE5E02D6D	0AE019E7A9DB996C3E21E0DE08FA17EC215C509CAD09B6DC0C37191B44834BC6
Chrome Cache Entry: 212	ASCII text, with very long lines (37014)	22C262B6E67DB97DB3939E8E89842DC2	A329ECF6AD90155006F12F04DFC0DAA9E12B68A7	C801D71595A7D2897D9D5BFC9F9365299965A7440B22BFCEF54B7CE2871C8D16
Chrome Cache Entry: 214	Unicode text, UTF-8 text, with very long lines (65169)	138CB6A0F4778731E5A5D983E5A4F74D	A7341ED2585D73A0D2ABF48C0B42E4D8A4B26D40	4C9AA6FC7B3C5725910095C23EE201664981DBFEFD231E556325253A65027F8A
Chrome Cache Entry: 216	HTML document, ASCII text, with very long lines (499), with CRLF line terminators	F7A39755D761EB1E4283AF2C83F7B487	F617B8252560AFA2EE7BA32E9E1DEB03E25AF917	C892626F61BA7AE8F871E9ED9A3173CBECD13EC602D68A5F9F0AB3DB8F5D93F9
Chrome Cache Entry: 217	ASCII text, with very long lines (65448)	113837D09BD96E9F251276B99E5EC0A1	42913962D76A800D10811D932D98845C68027B5E	1FE082EBA6481FBAB28E59AF28FDEA69D40882F0B0260B3FB807A332AFB6FDBC
Chrome Cache Entry: 218	ASCII text, with very long lines (65448)	9F5EDE38B0D1D7FE0EE6E2A72BB52655	DD7C0784B957C8103AEEF4200A1B658EFFDE28C5	83F8ECFA94B75E542672E438B4CFA06B7A819F78CD130BDD700FD2269EE4C44E
Chrome Cache Entry: 223	ASCII text, with very long lines (65536), with no line terminators	2C73DD9B48CB342C5FEB81C8A378B291	FA52BCA3CF57FFE2FBA82D3C923B1A3DE1E38E76	DA90AEA8421C31DDAB9FADDF17FC9D1F7EE9B466786C8113F0C523DB8CB3F00C
Chrome Cache Entry: 224	Web Open Font Format (Version 2), TrueType, length 29516, version 1.0	5D66C3D97D4F69A2B3527E3997CBB66B	94EF4F31C1A1CD780A172EDFBF9E3DE61697EF5A	1BF53B33743C5C45D6C944815F74CBF58B228806858FB6E3A0B86C1204F4BE06
Chrome Cache Entry: 226	ASCII text, with very long lines (65453)	B97295549B6CCC07A875710755227041	B7D3DE8850B86C54AC89A5FAC61DD5B7145712B7	64FAB500F51819BE48C82D056B8C4C5E21C9E9B5F5EF342D147BEB060865521D
Chrome Cache Entry: 235	Web Open Font Format, TrueType, length 13780, version 1.0	D2793531447C140874B62B7448EF7191	1CE36AA9C6445DACDFA8B597BD79A34514CC9F60	2B1A1F78DF06385464750F48AED402C315164D51FD9475E8B5A47D897CF9C084
Chrome Cache Entry: 236	Web Open Font Format (Version 2), TrueType, length 31468, version 1.0	B70FB054C362CBA0FE0E6233920555E4	C1C2CDF248E7042B196EE18512C1DE9418ED61F2	C2DD95A4FD1D3569F219994B8BA845A5AE065733B80619B87157FA7BA97CCB74
Chrome Cache Entry: 237	Unicode text, UTF-8 text, with very long lines (65442)	F74CF54CCDE6B5407F8664D8DF85AFE6	A0B9F7F72A7A82C62FB46F8FF20C8AA49FBED246	1F4DA21A71FCAA527BE447F9E4F43D99113FF853E3B9150A8E4831694534DEB8
Chrome Cache Entry: 238	ASCII text, with very long lines (65447)	B996140AA55B4DCEFBE20B0EC96447B3	5C715DD38582604148904BADAF0342982195F698	54C6DB3FC48C1F54FAD197E91744DA04EB8FB584FBDB581A5C1E92CD6E72E12D
Chrome Cache Entry: 239	Unicode text, UTF-8 text, with very long lines (65442)	EFA35FF69FEDE1DDF50A1642C7E3A41D	67562C6324D944E82E5E3779074108A96930A82C	C8644722991E31AD65A2410D32E83A18D58AAE0B4840356E74B780AB4E0AF10E
Chrome Cache Entry: 242	JSON data	F704DBFF52454E03BBC3FBFBDF9FB9FF	74DC58AEFC214A97233093F45BEA3207B1F81B78	634A17427C54E934107C3DE36E357D6705E3915348B7AF3B6CB6CC66B5DE7773
Chrome Cache Entry: 245	ASCII text, with very long lines (46034)	B132A2B1FF6239DB7559C14823C8DDE4	91A97746EC7D0AD09878F31C44296F65B92B31AD	94ECEB951F7B7CF12F313B60ADC665714B26E54BE9A912DBEAA0CF30AF9FB3D7
Chrome Cache Entry: 247	ASCII text, with very long lines (65448)	811581C23FEE6BDDBA046C8F08214F11	A9B5566253314D172EF90CE4D58018EFF5AF67B0	49A1D8D973C45CBF80C4FB3E1FF386FEE0059706BD8C0E9CE91426FF87DB05F1
Chrome Cache Entry: 253	ASCII text, with no line terminators	84100B349395F367D41A8B44D0020355	676BB250F143F6C863C58C79B4CA1ABF7312DF00	5EAE3F71BE133111621E17FEE9DC04578D885A74EAF4D40AAC9634B7DB4B5459
Chrome Cache Entry: 254	Unicode text, UTF-8 text, with very long lines (63087)	8431C8559126D5327BEAEDE042D078E7	7BCF46919180A9718FE68EA351682A73F4170F2E	EB4BE71B5B17D5E5C573C02E91F3A5595D33C74A375A933CE5E730597DF83BAD
Chrome Cache Entry: 255	ASCII text, with very long lines (11684)	C80C3EE7F2985F623C8987DF045B1B9D	78BD993D005B1531A4A95137299BC9055555A5C5	E0C3549C802D72F10F33F6CE070AA088E36FCE73544510B64EDA2C37041CFEAA
Chrome Cache Entry: 257	ASCII text, with very long lines (27176)	6ADBF15138A29729F7C437E57CB29192	5A6D3F257A89E67B556A4B8B449769F6E8209ED6	625FAAC6CC2D0E6F4FB2D24763332E6B78782133CB7F9040E3BDE0A874D53AEF
Chrome Cache Entry: 258	ASCII text, with very long lines (65449)	4C42510553118994DAE00ECF04B267C7	66223CA571111E0F56B3BC58A6580EB2030D38FF	7F8B1B1E0333E669CC10FC8BF5956A7B71B87B57E4057485C99BE5F48AE2CCE0
Chrome Cache Entry: 261	SVG Scalable Vector Graphics image	EC396047518A7FEF11D53D1B4F6BE65B	E3BEC4CDAF5567641517A23019ADBFA2328B0A7F	8F77CFC832517C619BC1B8D82A6A478EE18D97442B4C78B006B0286CEC91E1A8
Chrome Cache Entry: 263	ASCII text, with very long lines (65440)	5D81758C68059F4BBDD35B9E236192D1	6BF894633C8F38A3DDC23A5488D938ED29D4F308	53EC1CEEEA54741A338272B3AEBE0D7DE6FD335D95D3B25B8F7C68E128A36A85
Chrome Cache Entry: 264	ASCII text, with very long lines (21368)	F77E27E09ED4F66AABFAF112AB33A992	45E5C8E5575AF96D253989BA620000EA899845EC	9427D60DA2DEF9E6887AFEC8DE23F44575A7ECD0164CB81756E20D03D5EDC42C
Chrome Cache Entry: 265	ASCII text, with very long lines (65457)	792E736A6A792B0BEA9EF231B091EAFD	5CE79EA8CB243237638BDDC1C879DE21F2496E22	7DCC0DD809351B61183EE6C40D7734E94C635119CD69230D4F2297E3CD28DC9F
Chrome Cache Entry: 267	ASCII text, with very long lines (24513)	DEE3ACB144002DC7CE943395961513C6	466134785A8419111FCFE49C03AA4BAA5A37AADF	08C559F348FB32A07FF05AD6DFB9B5C18E38AA54993CE132CAC17E0179CF4772
Chrome Cache Entry: 268	ASCII text	7363E1A92A77C2F6AB0332C9A64CC051	B424892E6298C96B00A63BF7B3244AFC93EFDEAB	4E640814854B6E878309D5B3ADD69C450D0995CF83617BBFAFBA63EA2043CF2F
Chrome Cache Entry: 269	ASCII text, with very long lines (16777)	D0C21017536DCF0C23F1ECAA5BBE0976	A05C5276719510DE9BDA7551D04774975884D015	5491AE8CC407D46F15E544CF6CAED0C79C640199DCFC7567FD6DA0F7C6539F45
Chrome Cache Entry: 272	PNG image data, 39 x 66, 8-bit/color RGB, non-interlaced	B7A8A290E180D94065AC3599E54846EF	93E0439E0BE3387EBA3A68C4D1779954D9B7B6CC	F3B97BABCA2AB165B3CAAD2CB64AC30B25089C9D1EC1DAE6A7773DAF3D5697AC
Chrome Cache Entry: 273	Unicode text, UTF-8 text, with very long lines (16888)	CE7C0BB19E58A93C8F056BC20DAB9A26	13E50DC5E64A6BCB229ED4FE3B7AD1233833914F	18283FDE9392D1E5083F28DFF6FBE0DFE9FA450F1829A885858C05DEA1BF2813
Chrome Cache Entry: 274	HTML document, ASCII text, with CRLF, LF line terminators	F58515DFE987F7E027C8A71BBC884621	BEC6AEBF5940EA88FBBFF5748D539453D49FA284	679E7E62B81267C93D0778083AE0FD0EFE24172FF0AC581835B54165B3D9ED43
Chrome Cache Entry: 275	ASCII text, with very long lines (7965)	CF0A3FB647010CD001AF1B0430E25098	2DEA95C29D245223540CCBFE2F246F718DB7B283	D7B8DDB44BFC73780B9AF7FBB6619AABEDC3C57062FF68E06A016DE042A7FF71
Chrome Cache Entry: 278	ASCII text, with very long lines (65448)	9DA993B3F5C7590CCCA0A4D411BC44A8	23D1C23805D2C364B5FCD8B26863584180B00714	CBF3E508493FAF9864881FA1DD1A157739501028FBE7006C78ED3299556BA349
Chrome Cache Entry: 279	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	AFE00DB89CE086B91A541C227EDBF136	961B2EE6FB39C4D515BDC49EC1BA688B0916F104	E11827C678AF8519E702F364E525AC34509CAD49F8D839677E089949EDDA060E
Chrome Cache Entry: 280	ASCII text, with very long lines (41855)	BA3804DC225E5976C4F65B77D2F0B8EB	39C5F70C12F6CD844A78CE30F93547C5F2691026	3C278D72B8DAE938C4DCF788BF382033BCF0971585D748EDEED7762425D4D986
Chrome Cache Entry: 282	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced	F4B52A4EB3D0CDD585A73EADE7CC734A	00BD17DB2EA7F845910C713CBFF3A6719D59A1EC	94BACE793EA5F351B65F5B2948BEB949B01FB811274A3F8EB8D52B9719A149BB
Chrome Cache Entry: 284	ASCII text, with very long lines (12755)	E1AF2939639E4D63E5F64B8D423E26CD	2A430D33D35F2245AA01035EC1973093506C6911	CF1C66D42BB9385EA5EB4FEC3D379605E2E1BDE9BF728C91A711495EF9D4DCF2
Chrome Cache Entry: 285	ASCII text, with no line terminators	1000A6CAF7299F030F5C73974CCD617E	44C1943894BE0A43D5F1176C085F82A9CF75DAAA	BB107868145E022BC860243BF8E7144DB9F5350D02F73F9EF56F70C3B89A2BEB
Chrome Cache Entry: 286	ASCII text, with very long lines (65448)	01E9D5FC8D10F2B4B5BE134D6ABE68D0	FDFB634A8A556BBB83D47ABEFE3A2703C1F44C1C	88F02BBD2635F80B72EF9F538B0FBD7D565F95118BEABDB9D529097ECCD75281
Chrome Cache Entry: 287	HTML document, ASCII text, with very long lines (5545), with CRLF line terminators	AA38B936934E9333E3B2E704D6A83042	AC94245779D111D68703025EA69C09B3FC95F906	D24E613A898EAAFD2060AE8059D69AC65083CC0BF273CC1D15E150278E4D5C66
Chrome Cache Entry: 288	ASCII text, with very long lines (9377)	B37450C5A66EEE84E294D821A6A02A64	3BF70E88ADEE39121B6237EE5D3BE9021565BB71	30092DA12ACD136AE59B9DAA166475DAEB91A6C1085CB2A78EB70793E9F5C5C1
Chrome Cache Entry: 289	ASCII text, with very long lines (24020)	1F2FB3C9EF2D42AC3C4FDDD5329A2386	6E396740CB7AC842E94196EB522E862E668A7D78	F79E800927AAA1DD1428D7DAA9A3564436F71DA9D27F3DFEF4440D2B76D1C216
Chrome Cache Entry: 291	Web Open Font Format, CFF, length 33752, version 0.0	4DE7535F6F5DF8D5437C21C068DDB0EC	3553204B4624CA41CF1C4F3BD9B37D8C968CBA23	8F6A520A392FF62149E5FC5AA87BFAB9B3816CD6010D4D4FCA194E8683CA498B
Chrome Cache Entry: 292	PNG image data, 79 x 79, 8-bit/color RGB, non-interlaced	C87DA3413DAD0BC57D3F6C42C3848657	5F307E843AE7B61DBB541B55CC159386664A40F4	AE8E67BAA196F0D1A50103804DA7CC8EA1B30F97A3878F044D2EE03902D9925E
Chrome Cache Entry: 293	ASCII text, with very long lines (16718)	7E0A5ABCB31199770B38DD9A0F557491	D4719F356E6800A6F664BCE7B3DDF7715607E5A3	0EE7DF63AA74F1623D01D69A016D845FD9024854A2F034D229ADE68D801DE4AA

Phishing

AI detected phishing page

Source: https://fendersaverse.com.de/qvuJD/

Yara detected HtmlPhish70

Source: Yara match

File source: 1.8.pages.csv, type: HTML

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 0.4

HTML body contains low number of good links

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Number of links: 0

HTML body with high number of embedded images detected

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Total embedded image size: 45687

HTML page contains hidden javascript code

Source: https://fendersaverse.com.de/qvuJD/

HTML title does not match URL

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: Title: Account sign-in does not match URL

Source: https://na4.docusign.net/Signing/?ti=46e4bf1f88514ad087aee7dac85ca21a	HTTP Parser: No favicon
Source: https://fendersaverse.com.de/qvuJD/	HTTP Parser: No favicon
Source: https://fendersaverse.com.de/qvuJD/	HTTP Parser: No favicon
Source: https://fendersaverse.com.de/qvuJD/	HTTP Parser: No favicon

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: No <meta name="author".. found

Source: https://fendersaverse.com.de/qvuJD/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.22:443 -> 192.168.2.17:49903 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 6MB later: 25MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156
Source: unknown	TCP traffic detected without corresponding DNS query: 95.100.63.156

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: na4.docusign.net
Source: global traffic	DNS traffic detected: DNS query: docucdn-a.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: a.docusign.com
Source: global traffic	DNS traffic detected: DNS query: api.mixpanel.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: fendersaverse.com.de
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: benkinslowuo.ru
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.100.63.156:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49880 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.22:443 -> 192.168.2.17:49903 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@20/76@44/267

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1996,i,14975212472755687281,7191084638340800402,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1996,i,14975212472755687281,7191084638340800402,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

ID:	1530688
Product:	CloudBasic
Start time:	11:39:53
Start date:	10.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554