Windows Analysis Report
https://ferrumzks.powerappsportals.com/

ID:	1543755
Product:	CloudBasic
Start time:	11:29:33
Start date:	28.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 09:30:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	CEA62CA018239CC6CA0D4FF718A3A9B2	6EC91D607A15CA144D58285E2EE66168A7DA607E	C819D2A48317288E05645D916B07B7FD4A1B84242A1073543FB94A731E173FD4
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 09:30:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6CE46902C31D1B90A4EC662577085EA9	FA690CB2823696EFC664E8136084EBF4DD127139	35024726D8E572D7394723D55798301A185A8EC93F1B57588F0F0DE4900EB28E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 09:30:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	9559B916647721B568178E06AA7B6267	C0517FB0ADF5DCC438F56F4C640C4658D3CFA8D3	F54D1FEC54DE552738EDCE795F9F5D69D7A52E857BF435AAA391519601954669
Chrome Cache Entry: 173	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	F79ADAF00F83DC9757086CDBE8645FF0	82F37B8BE7668EAB8E1A06DE828CB336799C8134	944120FB6962C7484D769D645E6D830850EEAD9394F6A84090AED489CFC0C41F
Chrome Cache Entry: 175	ASCII text, with very long lines (11766), with no line terminators	2659C6F064BBDF38AFF3A3F7D33BA256	73EA787E226F755D9F57DC637AEB5A9D506338CF	E3A5A5E3432453A9CDCE2A02DD4D7F08037119C6A9AC545D010D3CF73768825A
Chrome Cache Entry: 176	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	633E70F51B5C0319AF3ACF16EC1AE7B6	D28238721914C98998ACC0485CCEBF230F01A520	FB076F7948CA70EB1F51334FE4C473C40BBE3BCEB105981C482BB8634FF98081
Chrome Cache Entry: 177	ASCII text, with very long lines (7625)	FBAA8BF626C7A370536A67E0E49FBF2A	2E271B643612210C73D4DB20A3E7771830A922C0	C83EE49A30249601960E9B2E2502A41128423F46517BF01E36052EA082317830
Chrome Cache Entry: 178	HTML document, Unicode text, UTF-8 text	8BDCE7D28367D85F7A9F78BE4B51A8DB	BF64A815DF81D7E0C9A5D208D073F352A1A18AB0	8838698151C15AD84225A07D12579CCE5B4E8622F90B8A2071EF05B8921D968D
Chrome Cache Entry: 180	ASCII text, with very long lines (967)	7A2EF769677E18EAD3D12FAE8D4115D0	AA4CEE6B17E340F9115A15FA5D4C955A570A9D9A	5F2DC19AAE1F3EB6725226ED863F8259B6EB12A0916D75D44C29313DE631E4D8
Chrome Cache Entry: 181	PNG image data, 31 x 2, 8-bit/color RGB, non-interlaced	8676E25182F6C3FD7259D2E562C93576	475428FE60712214D868BC67B9F42E7A5B47199E	79E20BACE9B909D9EE9538E275A00193160A9209C59F663846D2D3750E1894DE
Chrome Cache Entry: 182	JSON data	E9E06BD908E7D11B2DBB948AE94240F9	B7D9E792499009E11AC5F9CDB8F4F48213C50393	6DE1B066A9275A163E098423585D83D89146536C718BECD1F4CE7BB70BC9B133
Chrome Cache Entry: 183	ASCII text, with very long lines (48395)	6027D51DC3F9461C3B5AB3A1F8C5BEED	9787028F6B186F85580729694A1ED66DAE58B5F5	C108037861ED8A7BD3CD188CC6DA3F7DC4103207B2C77B7E439F33DFA9334309
Chrome Cache Entry: 185	ASCII text, with very long lines (28287)	9183DA3D63ADCBCA9C451BB60E6E1F10	9207557A291A137EF495DCEF25900E1E5D6F33AA	66AA8F2E328C6461928C45E81A225A7C857185A6A27119BEBFD3F3C321AD555C
Chrome Cache Entry: 186	ASCII text, with very long lines (8056)	86D02538FCA59B05B1C0479F013993FC	484718F407A44A2852A22A242C2736CC85E3E59C	5C01B319D8FCFD764F5154FE0A39F8D21B4D664A3E503569A43896FB07DCD86C
Chrome Cache Entry: 187	ASCII text, with very long lines (1835)	DFD19253D3DBC5521540512B5B2B05FB	63C7C12B96231EA61F6DF2DAFAF53FEBB20D627D	810C0D1DE636403CE04DD194F9230C998613BA37D1496463648055B44E2B95F6
Chrome Cache Entry: 188	SVG Scalable Vector Graphics image	C47B4B5200566A2A496A11BA472EC5DA	3BD0DA9A6FFD62217D3E781FA1356F40D9F91D4C	179A9AA9FFF4C52850D9CE34A4C435404DDFD4FEFA8AAB9A6EB4F47B83F922D9
Chrome Cache Entry: 189	Unicode text, UTF-8 text, with very long lines (61934), with no line terminators	88CB6BE085E688626F0DB33FD21E94C6	DDFED3438A109DB2ED257690E48C4BD8A9C4DB73	ED0B89FFB4522C3F00D070FB161F7272C0857DC7E1F40BDD6974261CF96210C1
Chrome Cache Entry: 190	Unicode text, UTF-8 text, with very long lines (65445)	4FDD3F639BAD493C4D7C82A7EF1EB48C	A1249AF801F46B7FF03FE77A39954F62F2790939	34DE7832A2DFD7022F789C46FBBED4536CF69D7AD0F5FAFFAD7B7AF72C0DBBF5
Chrome Cache Entry: 191	PNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced	CDBE46A0178886162BDEDFF35336154E	F5ACC131F7D3FDFBEBFC4A55BE73CF51C7638937	862885B79BEF22AD5716B2DBFA714D52F628A439F2921BB9520A4630BBEA5D4E
Chrome Cache Entry: 192	JSON data	7CB4A6366251589A2F7BFA12D1CC1CB4	A94C94B1AF63338F70312C114C40182C95EF88DB	C2D957ED044439C57F5589353C379AD5184403E9DCB5C31D23FF1E2ED947332C
Chrome Cache Entry: 194	ASCII text, with very long lines (871)	810463C3E7DB6F6CD79470456FA4E09E	47F48B0E06C323A21794DC9838A41310B2E0B7BB	E40D6A96069A22C6D0DAB01A689A082599DC32B3BCBB1A6AE35896817EA32694
Chrome Cache Entry: 198	Unicode text, UTF-8 text, with CRLF line terminators	59380F382417BF76CCD73D0E7FC38B7E	9A1227F495EDF0331145EE9FEE187F2F0D1E00B5	2FD89992331C73B2D2383CB19D799425B42AF4EE09290B65B380C29F2412F3C8
Chrome Cache Entry: 202	Unicode text, UTF-8 (with BOM) text, with very long lines (13123), with CRLF line terminators	3D8A58A48F40F6564C3F3668EEEE91A0	0A99CC0043999807F879C16B1BECD13F36F71A56	31AD9CA96F5261E21E4EE2074153533E62A39AF0F1EBFA5B65F3B24F7F3CCC4A
Chrome Cache Entry: 203	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	EC081653BD4C836483E6D612588D18EC	91C7E4CFA061808881575A875741773A949A9E0A	B19DA51B5E9C9B29CD8523D85D92E99E4812C891C394929C9BF67557F560672C
Chrome Cache Entry: 204	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	F6590A396DA81A8E4CCE7CA046874FFD	7E68DB322C32CA079B2C836812D3A25204AB93CC	3A22057583D3E17BC94990D92A3425D5510DC5BDB60FE40FAFEB405A38F8ED28
Chrome Cache Entry: 207	ASCII text, with very long lines (47671)	EC4B20037C896C5F60640105C6EA36B1	A9A74169679305B6EF1B76470F5CB746D9420213	FBACCE424D00878284DB8C04089F007944324D9CD2432DB2472E4CF62A39DBBF
Chrome Cache Entry: 208	ASCII text, with very long lines (39553), with CRLF line terminators	105A4995B8777AEAF68BFF64BF7D2AE0	E21390F730EB97D3D26B908AAACECD0A00A433E0	A915D483B99AF421F4813E6B60599B4E39FAFF120E54B5E9838386D4AE1A4C60
Chrome Cache Entry: 209	ASCII text, with no line terminators	F4A0E619B855697F4DB1A1B22FE37E8C	3D1CA30185839E05C6D876C7E8477604BFAC6CDA	CEC86F53B19C31BC124614007553A6EBC5434F9B1D2F03B1DB0393B22AB16EA2
Chrome Cache Entry: 211	ASCII text, with very long lines (352), with CRLF line terminators	0BFBE4560787D9B36478E78E85DCC335	0196FEFA9D6CFA29AE7C6DB281EAA8E5D18DF73C	93CC26A0C8538C378CD1E4D2D45075B29CC1DF7632D2D36A5D0AA22D14D84AA2
Chrome Cache Entry: 212	ASCII text, with very long lines (61300)	184C77DA50998ED29B32136A393D3A3D	B7977B0078AB08A7C3B1E58DFA8942CBF609F471	E031F7BA25B1896ABE9459E418284BB862325453675EF7C27E6070BD6A538631
Chrome Cache Entry: 213	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 214	ASCII text, with very long lines (25293)	805A1661B77834F61B0C8E1175DC9F90	38E8EEB48DF5906F796E4C9A4549DFBF0327D656	B37275F7C7F76430F05A20E7D0DDDAC3649467DBC0E7AF58CC3F04B1EE6DEA81
Chrome Cache Entry: 215	ASCII text, with very long lines (64632), with CRLF line terminators	6CE06743027A0673FF6B349A64E3BF93	DE7EAFB379126F99A2F96D7509D7BBF6B0F75535	985BB615126DBF4408C05A9BF2AEBB739692AED7770EC864CA0ED015D5AEA45B
Chrome Cache Entry: 216	ASCII text, with very long lines (65536), with no line terminators	0D23A48B215436032A8BA571C63186CC	96A0BF8C2F80BFBD5D14050BB29A3696D333570A	9281928CA50C9A9C2D5321013533A4559FCD94DE5BF448399C1493046542EF35
Chrome Cache Entry: 217	JSON data	76167CAA7E3FD19E1D5684ED58434C7E	24EEA8841EE197B894382B75420D7B9893D0D0B7	FFFF5534CABFD94B388E8C9311FECCFDFD4A767D007C5C56D19ADC78DE5F10C4
Chrome Cache Entry: 219	ASCII text, with very long lines (39862)	E303D5355313048BECBD7E9429825F82	4ECFDB3DCA8F4AD156D0A0F12FB2ABBB1DBF6D67	CED5EA5C04E6DD8807FA46B2052888EB4798E557C507FC2EC75463FEE17A9AEA
Chrome Cache Entry: 221	ASCII text, with very long lines (540), with no line terminators	2739C60227F87D19F5C784BFFB5991F8	42DBAC51553D7778A176E710D3CE1009884DE167	974FECBEBCF2F295348C3631FE069966EAB4B4B57CD4FCBE15FB70D0ACAB47C6
Chrome Cache Entry: 223	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 227	JSON data	320C8BE42A19CB9DF6A5011CC4E1BC6D	2EEC673BEFEAE800B601D970B4A0E4CA46FABA93	16201845D54E6F4B48E3CBBC60B835FD7B3D31284F4D1F63BD959EE4A09986F5
Chrome Cache Entry: 228	PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced	74710B068526106916E5A9AE5B70FA64	2E7344458A5EB6EFB65976EE144BBEDBA680B5AC	55B9B171BB9BC15ACDD21C7A186E1268BC774B6A7C5A6FBC2F2BFEE564890325
Chrome Cache Entry: 229	ASCII text, with very long lines (64184)	76D43A9405CE1A4618FF0A86BECBA682	556ACEAE8396531440488D48302636CB02288CBC	D636393DA268FA543FC3F05A5405E53E26BF4101EA929ECCD401707B5A6C75B4
Chrome Cache Entry: 232	ASCII text, with very long lines (6203)	F1ACFD2815BECD7DF8E02C415B9973F7	3CF9577A5B4CBA69C9646967B8855F7A2F137F80	99A2179570F5B6A4388F0175165C32018D8078E6F97F1591CF3426538361B4D7
Chrome Cache Entry: 236	assembler source, ASCII text, with CRLF line terminators	C0E37B8D0E3ECE79376084F722FEE111	2AA0095EE925CABFAD3C2FC758D28E322E27F1A7	89A2A5C7C4361D67AEB78FFB156337FB046F70B60A92336F809CF9CB29A9DC9E
Chrome Cache Entry: 237	JSON data	A0D01046CF6C59450C9379B2FC386E9F	D11CA23D0432A0E9625F2CD6C18574660FE4D5C6	31C68BC283A3829BCA75EB76E24E5EB38DD1DA242E3B5E31D5DF22384B988EC6
Chrome Cache Entry: 239	C++ source, ASCII text, with very long lines (8606)	3F80DA0A75A54EF2AE643C7E06B7616B	F7BD077BB4D30DA0A5B96662ADD1CFD251B6101F	DFDBEF9F7A31A51D202D7CE4D7AEDFFD1A58CD246D7770B98243343A7CE46285
Chrome Cache Entry: 240	ASCII text, with very long lines (361), with no line terminators	EDA4E638FDD1B8DE8F97EC781E8242D6	A8C0716A4BCCF2805899403AF14E7B9216B19573	5423F185195F046D0F3893F674E072BE43E47C6124DD6CCBE214E896B1944D43
Chrome Cache Entry: 242	JSON data	342EB5262D32E1B9DF9450C66AC54F43	2B26C610C6581B8F9940E25BDACA29BD8C5A01BF	C5A191475EB82B4A9BED085D3EEDB34CDC14B74F7E280E926D8E350AB571BD7A
Chrome Cache Entry: 246	ASCII text, with very long lines (54049)	110C02AABA6D184B61982072646CAF33	5FB13C49228FD1A7597A4DE2AB57AE6F68233856	A2EB7527F1135BFE4F7B429303B3350C680FEAA326EB307737EB2A90B7AA84B3
Chrome Cache Entry: 247	ASCII text, with very long lines (65393), with CRLF line terminators	ECBF4AB0D0CA4064D3D18A524CF98318	5D09A46D8CB4B306868E12D9D031D879C55A3708	11F2BCC472B9619DD37DA32533FB968338193AFA59A822C69FD9929E3CDEE834
Chrome Cache Entry: 251	ASCII text, with very long lines (383)	25DFE0A5F08DAE66177D60C599904208	6888D55C9D52DF74703862C1274459D1BFCDFC69	A3765EC0AC346488AE0E3BED0E98F5744AC56C19BBD371073195ADF8AE2F77A9
Chrome Cache Entry: 254	Unicode text, UTF-8 text, with very long lines (387), with CRLF line terminators	CC9AC2928CA92A074A4D030AA0A7CF47	7FA7E41EDF7BAAD566425038BDA364A32BF7A18A	2070FCFFEFB64A1E7B163E157187B3F0B69D9C03AD8BB84EDD13D7CB639FF20B
Chrome Cache Entry: 256	ASCII text, with very long lines (8422)	1DC7540813F00864F80D146889952EA2	93FF4BD80E9E3645F5D277D5C9D045971D055564	32C09B085C80835DF9F2B2024D20C76DFB4663A49C455F58CDED0FBCDEC19494
Chrome Cache Entry: 257	ASCII text, with very long lines (42815)	197395E90DC9729F818EA9939E9C0F02	44AB2D06F60067EDD19EDFC7150C4D8FF144BEB2	E82600ABB85B8F5E55BC120B8FBA82ACD57C533C97FD6B843AD31FC75A255F56
Chrome Cache Entry: 259	HTML document, ASCII text, with very long lines (1238)	9E8F56E8E1806253BA01A95CFC3D392C	A8AF90D7482E1E99D03DE6BF88FED2315C5DD728	2595496FE48DF6FCF9B1BC57C29A744C121EB4DD11566466BC13D2E52E6BBCC8
Chrome Cache Entry: 263	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	1CCFEA34F655127024E56A9182D069B2	F01C37FC36D6F283021BFE2021F884756ACC0830	DDEB1C61FE3FC1C4195D6AF3CA1514F8EB78DE09E6DE3DBFCC960DDFDA93EE54

Phishing

Source: https://ferrumzks.byrnemooredocumentattached.sbs/

HTTP Parser: Base64 decoded: <svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" fill="none"><path fill="#B20F03" d="M16 3a13 13 0 1 0 13 13A13.015 13.015 0 0 0 16 3m0 24a11 11 0 1 1 11-11 11.01 11.01 0 0 1-11 11"/><path fill="#B20F03" d="M17.038 18.615H14.87L14.563 9.5h2....

Source: https://ferrumzks.powerappsportals.com/	HTTP Parser: No favicon
Source: https://ferrumzks.powerappsportals.com/	HTTP Parser: No favicon
Source: https://ferrumzks.byrnemooredocumentattached.sbs/	HTTP Parser: No favicon
Source: https://ferrumzks.byrnemooredocumentattached.sbs/	HTTP Parser: No favicon
Source: https://ferrumzks.byrnemooredocumentattached.sbs/	HTTP Parser: No favicon
Source: https://ferrumzks.byrnemooredocumentattached.sbs/cgi-sys/defaultwebpage.cgi	HTTP Parser: No favicon

Compliance

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:57936 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:58050 version: TLS 1.2

Networking

Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:57927 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: ferrumzks.powerappsportals.com
Source: global traffic	DNS traffic detected: DNS query: content.powerapps.com
Source: global traffic	DNS traffic detected: DNS query: png.pngtree.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ferrumzks.byrnemooredocumentattached.sbs
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com

Source: unknown	Network traffic detected: HTTP traffic on port 58054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 58031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57928
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 58060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 57931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57937
Source: unknown	Network traffic detected: HTTP traffic on port 57977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57936
Source: unknown	Network traffic detected: HTTP traffic on port 58013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57930
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57931
Source: unknown	Network traffic detected: HTTP traffic on port 58065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 58002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 57932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57948
Source: unknown	Network traffic detected: HTTP traffic on port 57984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57946
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57940
Source: unknown	Network traffic detected: HTTP traffic on port 58014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58004
Source: unknown	Network traffic detected: HTTP traffic on port 58020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 58047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 57954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 57948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57955
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58009
Source: unknown	Network traffic detected: HTTP traffic on port 58053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58014
Source: unknown	Network traffic detected: HTTP traffic on port 58042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58010
Source: unknown	Network traffic detected: HTTP traffic on port 57965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58011
Source: unknown	Network traffic detected: HTTP traffic on port 58008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 58029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 57933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 57983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 58046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 57928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58068
Source: unknown	Network traffic detected: HTTP traffic on port 58068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58067
Source: unknown	Network traffic detected: HTTP traffic on port 57992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58063
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 57952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57965
Source: unknown	Network traffic detected: HTTP traffic on port 58050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58019
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58020
Source: unknown	Network traffic detected: HTTP traffic on port 57947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58022
Source: unknown	Network traffic detected: HTTP traffic on port 57985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58028
Source: unknown	Network traffic detected: HTTP traffic on port 58038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57975
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58038
Source: unknown	Network traffic detected: HTTP traffic on port 57942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58032
Source: unknown	Network traffic detected: HTTP traffic on port 57970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58034
Source: unknown	Network traffic detected: HTTP traffic on port 57991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58033
Source: unknown	Network traffic detected: HTTP traffic on port 57936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58030
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57989
Source: unknown	Network traffic detected: HTTP traffic on port 57997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57988
Source: unknown	Network traffic detected: HTTP traffic on port 58010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57987
Source: unknown	Network traffic detected: HTTP traffic on port 58037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58047
Source: unknown	Network traffic detected: HTTP traffic on port 58066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58046
Source: unknown	Network traffic detected: HTTP traffic on port 57941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58049
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57993
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58048
Source: unknown	Network traffic detected: HTTP traffic on port 57964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58040
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57995
Source: unknown	Network traffic detected: HTTP traffic on port 58015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58059
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58054
Source: unknown	Network traffic detected: HTTP traffic on port 57969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58050
Source: unknown	Network traffic detected: HTTP traffic on port 57986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58051
Source: unknown	Network traffic detected: HTTP traffic on port 58021 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:57936 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:58050 version: TLS 1.2

System Summary

Source: classification engine

Classification label: clean1.win@27/55@28/239

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2000,i,2434418462478297649,10155466664715211141,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ferrumzks.powerappsportals.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2000,i,2434418462478297649,10155466664715211141,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Boot Survival

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk