Windows Analysis Report
http://azurecr.io

Overview

General Information

Sample URL:	http://azurecr.io
Analysis ID:	1544126

Detection

Score:	21
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

AI detected landing page (webpage, office document or email)

Detected non-DNS traffic on DNS port

Stores files to the Windows start menu directory

Classification

Signatures

Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53896 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53898 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53899 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53969 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Host: azurecr.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: azurecr.io
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: dns-tunnel-check.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: tunnel.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: id.google.com
Source: global traffic	DNS traffic detected: DNS query: mdec.nelreports.net
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53966
Source: unknown	Network traffic detected: HTTP traffic on port 53973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54019
Source: unknown	Network traffic detected: HTTP traffic on port 53921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54017
Source: unknown	Network traffic detected: HTTP traffic on port 54032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54020
Source: unknown	Network traffic detected: HTTP traffic on port 53976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53978
Source: unknown	Network traffic detected: HTTP traffic on port 54023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53977
Source: unknown	Network traffic detected: HTTP traffic on port 53993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53972
Source: unknown	Network traffic detected: HTTP traffic on port 54015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54025
Source: unknown	Network traffic detected: HTTP traffic on port 53962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54029
Source: unknown	Network traffic detected: HTTP traffic on port 53924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54028
Source: unknown	Network traffic detected: HTTP traffic on port 53899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54030
Source: unknown	Network traffic detected: HTTP traffic on port 53935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54034
Source: unknown	Network traffic detected: HTTP traffic on port 54012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54033
Source: unknown	Network traffic detected: HTTP traffic on port 53987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54031
Source: unknown	Network traffic detected: HTTP traffic on port 54026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53988
Source: unknown	Network traffic detected: HTTP traffic on port 53998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54038
Source: unknown	Network traffic detected: HTTP traffic on port 53927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53987
Source: unknown	Network traffic detected: HTTP traffic on port 54018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54041
Source: unknown	Network traffic detected: HTTP traffic on port 53984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54040
Source: unknown	Network traffic detected: HTTP traffic on port 53898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53913
Source: unknown	Network traffic detected: HTTP traffic on port 54021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53912
Source: unknown	Network traffic detected: HTTP traffic on port 53970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53999
Source: unknown	Network traffic detected: HTTP traffic on port 53989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53993
Source: unknown	Network traffic detected: HTTP traffic on port 53964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53996
Source: unknown	Network traffic detected: HTTP traffic on port 54038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54056
Source: unknown	Network traffic detected: HTTP traffic on port 54010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53924
Source: unknown	Network traffic detected: HTTP traffic on port 54022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53926
Source: unknown	Network traffic detected: HTTP traffic on port 53963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54060
Source: unknown	Network traffic detected: HTTP traffic on port 54013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53935
Source: unknown	Network traffic detected: HTTP traffic on port 54019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53937
Source: unknown	Network traffic detected: HTTP traffic on port 53997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53895
Source: unknown	Network traffic detected: HTTP traffic on port 53928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53898
Source: unknown	Network traffic detected: HTTP traffic on port 54036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53896
Source: unknown	Network traffic detected: HTTP traffic on port 53983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53946
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54000
Source: unknown	Network traffic detected: HTTP traffic on port 54011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53956
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53959
Source: unknown	Network traffic detected: HTTP traffic on port 54000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54003
Source: unknown	Network traffic detected: HTTP traffic on port 54017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54008
Source: unknown	Network traffic detected: HTTP traffic on port 53926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54007
Source: unknown	Network traffic detected: HTTP traffic on port 54056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54012
Source: unknown	Network traffic detected: HTTP traffic on port 54031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54010
Source: unknown	Network traffic detected: HTTP traffic on port 54003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53912 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53896 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53898 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53899 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53969 version: TLS 1.2

Source: classification engine

Classification label: sus21.win@29/91@29/278

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1944,i,10147407103075529040,6438901996377724678,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://azurecr.io"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1944,i,10147407103075529040,6438901996377724678,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8

LLM: Page contains button: 'Create Your Free Account Today - Microsoft Azure Sign Up' Source: '2.0.pages.csv'

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
142.250.185.228	unknown	United States	15169	GOOGLEUS	false
184.27.96.174	unknown	United States	7016	CCCH-3US	false
13.107.246.45	s-part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.217.18.14	unknown	United States	15169	GOOGLEUS	false
216.58.206.78	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.106	unknown	United States	15169	GOOGLEUS	false
88.221.170.73	unknown	European Union	16625	AKAMAI-ASUS	false
142.250.181.238	unknown	United States	15169	GOOGLEUS	false
88.221.110.176	unknown	European Union	20940	AKAMAI-ASN1EU	false
142.250.186.131	unknown	United States	15169	GOOGLEUS	false
142.250.186.132	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.110	unknown	United States	15169	GOOGLEUS	false
142.250.184.206	unknown	United States	15169	GOOGLEUS	false
142.250.186.74	unknown	United States	15169	GOOGLEUS	false
88.221.110.179	unknown	European Union	20940	AKAMAI-ASN1EU	false
142.250.74.195	unknown	United States	15169	GOOGLEUS	false
142.250.185.66	unknown	United States	15169	GOOGLEUS	false
142.250.186.78	unknown	United States	15169	GOOGLEUS	false
142.250.185.67	unknown	United States	15169	GOOGLEUS	false
2.23.196.132	unknown	European Union	1273	CWVodafoneGroupPLCEU	false
20.76.201.171	azurecr.io	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
74.125.71.84	unknown	United States	15169	GOOGLEUS	false
172.217.18.3	id.google.com	United States	15169	GOOGLEUS	false
142.250.185.110	play.google.com	United States	15169	GOOGLEUS	false
2.19.126.137	unknown	European Union	16625	AKAMAI-ASUS	false
142.250.181.227	unknown	United States	15169	GOOGLEUS	false
88.221.169.152	unknown	European Union	16625	AKAMAI-ASUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false
142.250.185.74	unknown	United States	15169	GOOGLEUS	false
216.239.34.157	tunnel.googlezip.net	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
plus.l.google.com	216.58.206.78	true
play.google.com	142.250.185.110	true
dns-tunnel-check.googlezip.net	216.239.34.159	true
tunnel.googlezip.net	216.239.34.157	true
azurecr.io	20.76.201.171	true
id.google.com	172.217.18.3	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
www.google.com	142.250.186.132	true
s.go-mpulse.net	unknown	unknown
mdec.nelreports.net	unknown	unknown
c.go-mpulse.net	unknown	unknown
apis.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://azurecr.io/	false		unknown
https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	true		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 19:39:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	63F11679D3F2A03963662197D04A4F95	CD5B352F413752448E4A004DA19F675CBABEA311	81BC975A717B37D4CC14417C9BF20E07A4F8EF32DC4634C9CDDA5BF9832C31FD
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 19:39:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	CCD644DBDE345CD0EDE79BDB483E8473	E6676143524300259FA88370901F34C4BBF3A4C2	F10814EA34A9A113B5F4BE742A5C7613DD81DEFB2DCE59CA64598706EB014ADC
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	0C270741AF78CC95B0CC6D25AAAFFD06	9B358A0288F7C3107BB034D441784B2FB6DC3DE7	325F59E3EC3722B95AD58205125998506EFF27425B400327CF62A61D51E9420E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 19:39:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C651CA8B229BA5C48D582322C7B515CB	6E4B0DC240E37AA6F055B14E26820B800C278D12	FA77B5745D0662543B1CAEB22BA142973330AC718E7D7DC9CDAA2215615A8FC0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 19:39:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	F720DDE78A408EA8A3E498D9BADB1156	1A2C512BD6A50F55D916058D85191AB85E1C2775	CF8C8DFC967C47824736069A29695D80D0C0CEE3C32EBAEB11DE2DB52C971FD1
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 19:39:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	BCE1CDEBC4EB8A805689D9BF8413A8CF	5112C542A4726B2752A84B4D49B8B42FF1379A4A	785AB1DA922416F884EC9CDD53D5318E42BF277D00D187FA5441832EF979B55A
Chrome Cache Entry: 173	PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced	9F14C20150A003D7CE4DE57C298F0FBA	DAA53CF17CC45878A1B153F3C3BF47DC9669D78F	112FEC798B78AA02E102A724B5CB1990C0F909BC1D8B7B1FA256EAB41BBC0960
Chrome Cache Entry: 174	ASCII text, with very long lines (5162), with no line terminators	7977D5A9F0D7D67DE08DECF635B4B519	4A66E5FC1143241897F407CEB5C08C36767726C1	FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
Chrome Cache Entry: 175	ASCII text, with very long lines (18034)	3D23F1E531BF0842D44F201723D6A40C	42CFD496CD7AF2338BC53FF2A90A7B154B49006C	16D888EA7EFDC564773D53DA8ACD0AB82FA576519AA997CB157011344A019217
Chrome Cache Entry: 176	gzip compressed data, max compression, truncated	D317C25EBCF619DCAD17963A91904BC1	749A0A568BEF62730A278854033B5D83AC81519C	F5AF56B41CA2466246D1648A3BE8FE236C4F123E3FA8589C10A72F1C68ABBE8F
Chrome Cache Entry: 177	ASCII text	4AB0EEDAB0BA9025FAA176C16F80B8B4	1F099577B7BD33E3FA02B9D13E19F7A1126E36B8	3595DE3D23938FCC8107D8811EE9806BA642C235BF0EB9073B99AE3A0C5D62DE
Chrome Cache Entry: 179	ASCII text, with no line terminators	A8A3710424DC6E0DFF393C6964441BDB	E4978066791DD394BDDD174F2687A7CDD43442B2	46CD047CC0D3D10776E2F50D4C9D55DB58BD97D7A95B7D691F53D4937C71CF00
Chrome Cache Entry: 180	ASCII text, with very long lines (1295)	20040C88C19BB1C66F5B9D323ECAF86D	4EE32C3AA2EA1EFC81510B5AE1859D227F05776E	0F3D598C7A480193ECAFE1C94B4DDEC970A867BED7F64B1D33484B344DC443EA
Chrome Cache Entry: 181	ASCII text, with very long lines (534)	7677F65C1626AB1BDE509437776D4291	E51C5E64E5ED9D95FFA2BB31B821229F4502BDA9	76607654EAFACC56092479AD570B118BE287CB2341711030CE47A88AAEC760D2
Chrome Cache Entry: 182	ASCII text, with very long lines (652)	5B5DD8994D4FA739AC0CADB161E447D6	A03B4E92E608D4ACC8912455BAC44E1024450A21	0AA53595DA1B65B352FA623BC91393E80DCD2E2E9C2960E01FD534C7F38E52AC
Chrome Cache Entry: 183	ASCII text, with very long lines (889)	35986A813756F39AB6B922979FFEDB03	C8E2213BBAFAF535DA9C6676F3DBA43449E4D15A	E2D92BDAAD925C6D355331A338384EE3FF82492352975DD4EFDA791AEF4AB3F5
Chrome Cache Entry: 184	ASCII text, with very long lines (842)	3C29CA2FD4992F3A28044DF8B20C5168	35CA0E54E80304E2B335F70F1BDE5068CD8B947A	3110DEBE775717827A8D07AE452BBFA8D507247F9CDB913CCBF29B801D20BF85
Chrome Cache Entry: 185	ASCII text, with very long lines (2287)	B15D2D9ABA48198AE8AF3A587868846C	0CBBC1D0EA4F7E6671CD0EAF39A46F63A60990BC	8F41B6C43F8C4320A9B9198A8024D05D9877F8CC423C7E33AC15D17036486EEC
Chrome Cache Entry: 186	ASCII text, with very long lines (3331)	CEB0DDACE35AD6868EB3C80A3543215D	1786084AB2B2F8C9360CA31CD059D07EEB15B024	BECB9884D4BB2FFB6C85BD9165204AA1920FD3EB46915D085B7D0073130E8A9E
Chrome Cache Entry: 187	ASCII text, with very long lines (42133)	B9C3E4320DB870036919F1EE117BDA6E	29B5A9066B5B1F1FE5AFE7EE986E80A49E86606A	A1FE019388875B696EDB373B51A51C0A8E3BAD52CD489617D042C0722BDB1E48
Chrome Cache Entry: 190	ASCII text, with very long lines (2667)	698275A28656ED0331BEF4D1F65B35B7	C3ADEB646BEB2AE4936A4C045B2A8B563B092EC6	DEE18117AC7F8BC42D6F876C69E1833AFA150CA736F83F0408E0A6BA4DBB25C8
Chrome Cache Entry: 197	ASCII text, with no line terminators	C22EA5B46F3FCAD90DA0ABCC0A3F73D4	2DB789C63AFB63D98932D7B55907DC3508E318B4	8334DAA260516BB896407461E5F10E8E3041B06C56846BBB9D3435C6E77513AD
Chrome Cache Entry: 198	C++ source, ASCII text	231629D7145C1D55CACB37F6B1F98538	675B8EAD83D682F17DD98448E9674FF54E1B52CA	FF494E52527DB25DABBB857782A927E2057EFFC45347F1B201859164174A1BC5
Chrome Cache Entry: 199	ASCII text	6FED308183D5DFC421602548615204AF	0A3F484AAA41A60970BA92A9AC13523A1D79B4D5	4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
Chrome Cache Entry: 201	ASCII text, with very long lines (655)	A6BF0F17566F087CF753C5AA1EA115AC	D0F082BCC4761D658213F993EE873244B44E4845	4E5A73B0444F46AF624D43EDB502978E08C32B0DC032C9DBEE389D4BB458D09F
Chrome Cache Entry: 204	ASCII text, with very long lines (509)	FE68B59E840A1A274393B3AB03C85E96	C8C1B1196B05E9ADB6D342390956A231920B2017	9F01AEA27D73C422AC5E7E87C2F7F3CE364E1F940FAEB6CF3178B5E13CB43497
Chrome Cache Entry: 205	PNG image data, 64 x 32, 8-bit colormap, non-interlaced	1B154045F78CD13A0207F1B8583F4E4A	B1A2854114147C068C1FE82598ECA23278F78330	59B0F2DF8C4BE98473DF83B0FB50F846A18CD46A77BBCDFA33BB8DFF9E36EA95
Chrome Cache Entry: 207	ASCII text, with very long lines (3164)	5EE9E4E4E0A5FD39092E63D2D102B12B	1B66C81BD03006B327228854327C0FD3DF434BC2	441B9F212CD322C6B039A2691F999EB2FAFC10FD645BCDB043A6DEE2DD052DA7
Chrome Cache Entry: 209	Web Open Font Format (Version 2), TrueType, length 15436, version 1.0	037D830416495DEF72B7881024C14B7B	619389190B3CAFAFB5DB94113990350ACC8A0278	1D5B7C64458F4AF91DCFEE0354BE47ADDE1F739B5ADED03A7AB6068A1BB6CA97
Chrome Cache Entry: 211	ASCII text, with very long lines (510)	81B1EF0C4A6B80454291234FCD6E45B0	1353F3119D378FFB222149AE19755423EF5347BE	B05D865A37D5EFC60E028BC9FBC6B63459C78D21B0B70B3797AC97C1AD9BA88D
Chrome Cache Entry: 212	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	F3418A443E7D841097C714D69EC4BCB8	49263695F6B0CDD72F45CF1B775E660FDC36C606	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
Chrome Cache Entry: 213	ASCII text, with very long lines (52717), with no line terminators	413FCC759CC19821B61B6941808B29B5	1AD23B8A202043539C20681B1B3E9F3BC5D55133	DAF7759FEDD9AF6C4D7E374B0D056547AE7CB245EC24A1C4ACF02932F30DC536
Chrome Cache Entry: 214	ASCII text, with very long lines (625)	891AA470BD82138640B2DAC6C0E6C734	8A3BAC5B2F4B0ECA0DE26D9982FF281D63E0497E	B0616AA69B52BE2F03A9500311EAF8FD8261256BE55D5AA0B1E3D8FFE7988A21
Chrome Cache Entry: 215	ASCII text	2ADD065651AFB45E8C80967DD7B86A41	32A99770B83F754338EDF886571A91CEDD404F70	3ECC4A2E8123EAD290D257F820C1CDAFB484A990B5D71AF3F6406CC85978B21B
Chrome Cache Entry: 216	ASCII text, with very long lines (5718), with no line terminators	383BC2BEA4266A833F7EDBBA4A90C368	CB8591B26DA23EB83ECD8629372A1480E6D04EFB	7CE935D097B4959A10EF7B1FE8E25B2A68E14C0D7F1BDAD27F89661BAA3325CB
Chrome Cache Entry: 217	ASCII text, with very long lines (1259)	769F6A4DF320D890ED2E0064DA143F14	C513DA9716D2F6A5C1C56502629997299B447391	84B9B750D81458CDF2942C64859DF846E15129CAAB68E1F3FFE13264B20D2643
Chrome Cache Entry: 219	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3	9DF32EE91A9560B7608E9D2DDB729C89	46DE6CE8BF9090A69FB312AA0692EEE231F86EEB	E3D501D7F3E2D231B0BB36A6C2393C3AF0FC994FDD08B3A82529BD9E3DE9F648
Chrome Cache Entry: 222	ASCII text, with very long lines (65531)	F3E89EF63BB9CF22DFB0437352B614AE	7A183B4BDC872AA9D60D7AF7B85DFA8105E07F68	84187B81BC81CD9EF0E3C347AE8CA81E1FACB2F1170BE8711802C2C4E32C5588
Chrome Cache Entry: 223	ASCII text, with very long lines (1696)	FCD0F3176C54DD3CD7A06A1643CF8E46	D66324D5860F772C42FCAA4E9030E58B121FCA17	72EE26CECA8DCCD570B9F965E861F643DC1F496DE7C986406B16F95613B1C028
Chrome Cache Entry: 224	Web Open Font Format (Version 2), TrueType, length 24652, version 1.0	87C2B09A983584B04A63F3FF44064D64	8796D5EF1AD1196309EF582CECEF3AB95DB27043	D4A4A801C412A8324A19F21511A7880815B373628E66016BC1785A5A85E0AFB0
Chrome Cache Entry: 225	ASCII text, with very long lines (1302)	A5D33473ED0997C008D1C053E0773EBE	FEB4CB89145601A0141CC5869BEDF9AE7CD5CB80	14C27BB0224FCF89A43B444B427DABE3D0AF184CAA7B6B4990CE228C51AE01C1
Chrome Cache Entry: 226	JSON data	5833AD195A77254BF0CFF8D28E44BDF4	3143BA365EC8AB8B8AA21DEB79275F91FDBC333C	3E567A0BB1A2FFB70C938E71EBCE714FD33635CA52C6FDE2E35C41EAAC1504FF
Chrome Cache Entry: 227	ASCII text, with very long lines (8292)	C3DA36A7D71AEEADBF35C8CE33757CF3	5C53E544E695E21A5A8B910BBBB05088E26749FB	E235B834C521591F0024898B9D321A812F98C1E379678A69B56614FD3C9EF732
Chrome Cache Entry: 228	ASCII text, with very long lines (566)	F381D5147C85EE687EA8FBEF32C83D37	EB654ABAF1DF5CCB830763D5A40140B5C093C49F	2D0832B29F1B3347C4B5046C373A635884B76ABAF2DE3FF650EE74D8B46F001E
Chrome Cache Entry: 229	ASCII text	9EEA5F80FED74A300CCBBAA4DC41DF2A	08568A33ED8E994237DB997AFABF85723AD7E92D	32E9B0F50257F381F3F1F3002B7DFD3AF138916429D53FAAC58FD9D0D1550CF4
Chrome Cache Entry: 232	ASCII text, with very long lines (8145)	28C55FDDDECB56DF50AE857D9AB9F7C1	07868BA2625AA64B444E6389069D0A4B401D3886	9DB54ECB998A5EDEF550700F6431CE50BDCBB618B73A084BCE5ADB0BBFD02925
Chrome Cache Entry: 233	Unicode text, UTF-8 text, with very long lines (65302)	561C834597FB9BC5AAC4021E21E006BE	C535802C0C6171B4BE1A776034C330418B36983D	D8BAB22B1506E8444C64D92431F521964F658C380F5D32738AFEA85C15F03013
Chrome Cache Entry: 235	Unicode text, UTF-8 text, with very long lines (64241)	B7AF9FB8EB3F12D3BAA37641537BEDC2	A3FBB622FD4D19CDB371F0B71146DD9F2605D8A4	928ACFBA36CCD911340D2753DB52423F0C7F6FEAA72824E2A1EF6F5667ED4A71
Chrome Cache Entry: 236	ASCII text, with very long lines (7376), with no line terminators	0F2376E7B5351EDF538C1BBA0CD5D331	B5B94E6EA914BB901E83591D95E36774FB1DBF53	FB5707022C2A6121E307CD7D7F271C1E99CA85CC6D1BB39D3A41F1C5F3B70C62
Chrome Cache Entry: 237	SVG Scalable Vector Graphics image	EDD0E34F60D7CA4A2F4ECE79CFF21AE3	2CC789A02534557380D92124E2F8B9483D198FB3	ED9087D76CDC6D1C53698F6068F79872E77E87C8D012C0CFDAD13B05B6CCB37C
Chrome Cache Entry: 239	ASCII text, with very long lines (64796)	B35EA76A4E4D21408E077E71695BDB42	BA6F48B9B934694A6192AEC7F00FA7F0123F5F64	3D6EEF656B661D99884A6C08DC46BC31FE2DA37FE948914C91B11E76C11A05BD
Chrome Cache Entry: 240	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3	D8406DF5E72CA80EFFA3E7B996A5CDA0	9DC4A26DEE018C43A1C13337C0D689712B3C41A1	5E3B5EA38C1D1EDBADD4F222F9A598A98F9B9ACEA5849204B3CFC395CC4C2706
Chrome Cache Entry: 242	ASCII text, with very long lines (522)	BB760995CE02ABF0B2BBAA53F4B06FCF	2351C496DAD29D05DDAA37AE90A236CD9C04E86B	2A72236C528887BCCF5763F83782CDF22B3309C5F27AA6EDBEB814ACEE1AB6E2
Chrome Cache Entry: 243	ASCII text	F25FEC6821F63D701A6B6291A4011894	1260AC884282372B86F3A600BA8903AD75983E67	DD8619BE444CCE5F8DB053215BB018C0BBC09AF7BAA9E66618BDF041B0A2E09C
Chrome Cache Entry: 244	ASCII text, with very long lines (3962)	5AFF4BA9D111A707C7BCEFFD3565975C	67CF5706EA1FE22DFB792E5FED887725D1A66E4E	8E6B1B171FD4B30BA61574CA421300D5CC39D4716478765F355412706EC095BC
Chrome Cache Entry: 247	ASCII text, with very long lines (505)	20AAFDF6904D3DC5DB0E0E33ABBFC1A4	CC1A639FF69FE0D8A8F1EFEE7FCB04941E7B57C8	EE4E620F350907CE3867454B2BD45984BE949EB46B113183D4B8B403032DA14D
Chrome Cache Entry: 248	HTML document, Unicode text, UTF-8 text, with very long lines (1833)	01139E13E5DCDCC7F61FEABB5D41E262	46C132EB9B91E4574C37D52A686CF3E3FE0C2708	93F4FA357BADB4523B8F9549899E3B914711ACBE814D8DCE96B19AEB7A286FED
Chrome Cache Entry: 250	ASCII text	F9F2395C582FA601707B7A5DFAE9F05F	27B15AECD0BFDD3B25556AC00755856D4D331E0D	D7D6D06624D4BDF6935B848DF342CE322D02B58D12BF12149DF92D557E5E9BC4
Chrome Cache Entry: 251	RIFF (little-endian) data, Web/P image	C3DFF0D9F30EC0BCF4DEC9524505916B	4B378403ACBEBC3747E08C69B5FD7770A850C9EB	73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
Chrome Cache Entry: 252	HTML document, Unicode text, UTF-8 text, with very long lines (1136)	FBE36EB2EECF1B90451A3A72701E49D2	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
Chrome Cache Entry: 253	ASCII text, with very long lines (605)	F23B45E78A4D0CA92AB0935AE2BB2AE0	88A0F2D402FFC520712F8328339F914E7F38D8C4	9EB7F85C9743A1495DDD34EFE9E996B571D6161248BB30EB77E4FBDA196E6B59
Chrome Cache Entry: 254	C source, ASCII text, with very long lines (65103)	FA4C76A7FDE62B18054CF7EB8E946012	B20150066A879D2B78DD3D4908F4ACD148EE66F8	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
Chrome Cache Entry: 255	ASCII text, with very long lines (990)	4EC7263307D32C3F9C8BE6061888F8D9	2B4C07AA37E815EEEC1BF518C9C2188F0E934BF5	6C946510BF459E4783AF3BBC5637927E34C90D004ABCEC8BD7A4D63975E2D9D4
Chrome Cache Entry: 257	ASCII text, with very long lines (590)	4CFFC2C9B55F8BDE649E0D2535A1EEBD	2AAF4DF1E02ED4F5BB48F00A7423F748BF544E0C	7BB50A050792F761855CC330E0248D037B37DD68FD23FBB7DB8A7E8694F50A94
Chrome Cache Entry: 258	C++ source, ASCII text	1C7E214F5AF8CAA06F783A38D40127C6	61F88B722FAA7A7AE86D354DBCFC1D771FF23289	9EA42247944D18B77EB76FBCCAF1774559B6F312B1376002F553C4ECB827E4C5
Chrome Cache Entry: 259	HTML document, ASCII text, with very long lines (31345)	19AF42A196B22ECE0AF0C11D862F2D45	EE826CDECBEDA06194697E0E4A1C466071FB6B1D	821FCC582772BF1CA086112B57BE95AB006D0FF7CF272BA33624274BA0E483C6
Chrome Cache Entry: 260	ASCII text	106A6A519DAD38A935C4D5AA2786D6FB	3340ADF8A3220D92786A423BEED46092103C5D7D	C0F462098BFAC577C182C3A983C6A35A5016A5EE96655CF7B57A46F70EAB83EF
Chrome Cache Entry: 261	ASCII text, with very long lines (584)	FEB2D7B9574C6B769175093E3A05C4D2	7129DD82A3545C537A21AF43C9A17E5CB3E14274	868371BEB7D0A2FDF03849D1A4DAB6E70D6577E8FF5272C58547820651AED842
Chrome Cache Entry: 267	ASCII text, with very long lines (1689), with no line terminators	45DD7BD58C9F085DA52FA16A2A150066	9B5CF4B288EDE14AE8834F3EF2A58145B8EC8CBC	0D5C53FCC37C7A2CE26367BBE6197FCD9272DD7EBC81823D088A4DFFF5AE599B
Chrome Cache Entry: 268	ASCII text, with no line terminators	96F0C5B1219E39B8788028F5C17A5AD9	D6DCE0DE065B0D13905EAEDA0BA5C0DEA3D8F67C	1FC2BCE2D46DF4565B8C488B22225CFE7ADB7C37CC9A542D4F85B61995B306CB
Chrome Cache Entry: 270	SVG Scalable Vector Graphics image	554640F465EB3ED903B543DAE0A1BCAC	E0E6E2C8939008217EB76A3B3282CA75F3DC401A	99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
Chrome Cache Entry: 271	ASCII text, with very long lines (4047), with no line terminators	AF48F04773891DDF399D6B831213BB6D	6ACC8F319D52DF9C33E0849604C94B7A43C5EFF0	2CB7A79E4960F2FE53DF6FDBC1E4A6C59D851C083939090ECAD77445C1F1CEFD
Chrome Cache Entry: 272	ASCII text	44700D76F3F63FA33F30039BB9C74B39	F68B158102C2575081CB4308E4FEA483E1B9D604	FD73C7131FEA30896A95BC1D0E9F08F383FEFB03730DB9A433F43B319EFF33AC
Chrome Cache Entry: 273	C++ source, ASCII text	B884EF4864D6867BD00AA4A7A5CFB368	D45D8BD33632588A913575910B3D0EABD5AD3828	177F6B14CEB87D301946D00124195EBB755A452BA40ABCA5CF6A4E77E52222F5
Chrome Cache Entry: 276	ASCII text, with very long lines (655)	E347A14912B2A7436E7AD0FF79BD500F	27E48CC3B204DD9FD907CE0526ECBE5599C92241	75F38BCA5A83204E8DBC840F0AAE662E543232AC0099BF0C10B7D2628AEA804C
Chrome Cache Entry: 279	ASCII text	08C5F9CB4220E78FF920DAE3A7A8ED53	06063CC0DE00B0F698B07DEB66DDEDE5C60940E7	E8B12100E50470AE78CA039D5662394A89E01C61FE8D4682DFE606E906E677ED
Chrome Cache Entry: 280	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x61, components 3	0A6BFFCECF35B7A2ECB7718B7017D928	A6F7B6EB3A3173276C1927126407678DB8EAADF4	023EEDF0AA684930F968A6759448B6AE23FF678AC864A4A9F820D38EDBFE222D
Chrome Cache Entry: 282	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 283	JSON data	C4BDA196D8E483C55BD4FF45C2061474	AF571802E36FF3909CC5515CFD056A3B7AA17813	090372DE497148A656441610005F8DA48B4B36201302E4342AD2BF4F5979E845
Chrome Cache Entry: 284	ASCII text, with very long lines (652)	319FB5DB69BE3EC653FCD9C307A60BC9	60BE9B34C1D6261390D213F03749B5B52D7A352C	3478F98855B60D2FEC5C9AE5ECA2379BFC5CD53A40681EF7ED475A6FF9076ADB
Chrome Cache Entry: 287	Unicode text, UTF-8 text, with very long lines (1999)	3CB55A1B7E29CABDED7D23377524B55E	5731994750E31D9CD11085570630EAC99DC65845	0953ECFC1629CBBB80658EEC92D00BA89058F6862E5CD742A419412207088D3C
Chrome Cache Entry: 288	ASCII text, with no line terminators	D66C468F4CA17E83CCD97A4518B3E814	2E657440F653DA65E699AC9230D82FAEE414D8A5	8E1CE663720F6AFB2DEE29B587D3F7559EA89BC622F966120C9F108172A5C866
Chrome Cache Entry: 289	ASCII text, with very long lines (309), with no line terminators	D7106DB242C2B41F88A1B02418BEC7E2	7A445118F0B5712744AA4AED6889B28C1E7779F7	044527A735B287BD84D2AE6D2D3B89C85B52C9750BB07E5AEF19FB8F28F0442B
Chrome Cache Entry: 290	HTML document, Unicode text, UTF-8 text, with very long lines (1833)	99195C127A864DFCAE93F24088EF77B2	A9AE3789DF7C062FDD68B734B297AB23EB42D092	1AD6EFFD2E6C5EB3C270266419D441ABB74F4EBAAB379408DF48CDD83A2B0FA5
Chrome Cache Entry: 291	ASCII text, with very long lines (24289)	D5638F6EAE86C6C5D654E17FCB4D45BE	45D528C04C04016BA7135C0B294AC67A90D3DEFA	53CA3EBD2DC08530DE78C2827EBA05998E9E4BD408ACE3FCA14D81A15E0D0F00
Chrome Cache Entry: 292	ASCII text, with very long lines (21652)	927F0896BACF47B2D9ED2D34F7D99D5A	A5726E72605247F1593FE37291A3955BAE5980C5	96F733CB7C3C562787577EE462A4068A19D4147D67CC34B3F4AF6E94BC9E5553
Chrome Cache Entry: 293	ASCII text	2B143BED0FF34BC70BC0703346F70E08	7FB14A8842293FD041C7C138285AC2F822AC4B4C	C35BBDEE4A46BFBF552989E1126E1F09B454EB3DC2523376C38964BF6128BE86
Chrome Cache Entry: 294	ASCII text, with very long lines (678)	3DB5CF9FD3FAB92B3889302C8DE78D1B	1C493C13BC775036B36ACBA37941375ED0CE2ADA	D29DB6171FCF5458896561430C466007D6E9709F83DF0CB950E273B93DDA7853
Chrome Cache Entry: 296	ASCII text	9FAE2B6737B98261777262B14B586F28	79C894898B2CED39335EB0003C18B27AA8C6DDCD	F55F6B26E77DF6647E544AE5B45892DCEA380B7A6D2BFAA1E023EA112CE81E73
Chrome Cache Entry: 297	RIFF (little-endian) data, Web/P image	1E4ADFCE09B0D0C2E9DB0D9144ABAFE9	2058B270F22F40FB4B1EFD90CBF84BCF156564A4	460997174B5C47F2245ACB674BD5B1D0092272C4698AE83E504FC8CF06E1260B
Chrome Cache Entry: 299	GIF image data, version 89a, 1 x 1	325472601571F31E1BF00674C368D335	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B

Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=azure+cr&oq=azure+cr+&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIJCAEQABgKGIAEMgkIAhAAGAoYgAQyCQgDEAAYChiABDIJCAQQABgKGIAEMgYIBRBFGDwyBggGEEUYPDIGCAcQRRg80gEINjUzM2owajeoAgCwAgA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53896 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53898 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53899 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53969 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:53894 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic

Source: global traffic	DNS traffic detected: DNS query: azurecr.io
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: dns-tunnel-check.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: tunnel.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: id.google.com
Source: global traffic	DNS traffic detected: DNS query: mdec.nelreports.net
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53966
Source: unknown	Network traffic detected: HTTP traffic on port 53973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54019
Source: unknown	Network traffic detected: HTTP traffic on port 53921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54017
Source: unknown	Network traffic detected: HTTP traffic on port 54032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54020
Source: unknown	Network traffic detected: HTTP traffic on port 53976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53978
Source: unknown	Network traffic detected: HTTP traffic on port 54023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53977
Source: unknown	Network traffic detected: HTTP traffic on port 53993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53972
Source: unknown	Network traffic detected: HTTP traffic on port 54015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54025
Source: unknown	Network traffic detected: HTTP traffic on port 53962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54029
Source: unknown	Network traffic detected: HTTP traffic on port 53924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54028
Source: unknown	Network traffic detected: HTTP traffic on port 53899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54030
Source: unknown	Network traffic detected: HTTP traffic on port 53935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54034
Source: unknown	Network traffic detected: HTTP traffic on port 54012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54033
Source: unknown	Network traffic detected: HTTP traffic on port 53987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54031
Source: unknown	Network traffic detected: HTTP traffic on port 54026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53988
Source: unknown	Network traffic detected: HTTP traffic on port 53998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54038
Source: unknown	Network traffic detected: HTTP traffic on port 53927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53987
Source: unknown	Network traffic detected: HTTP traffic on port 54018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54041
Source: unknown	Network traffic detected: HTTP traffic on port 53984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54040
Source: unknown	Network traffic detected: HTTP traffic on port 53898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53913
Source: unknown	Network traffic detected: HTTP traffic on port 54021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53912
Source: unknown	Network traffic detected: HTTP traffic on port 53970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53999
Source: unknown	Network traffic detected: HTTP traffic on port 53989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53993
Source: unknown	Network traffic detected: HTTP traffic on port 53964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53996
Source: unknown	Network traffic detected: HTTP traffic on port 54038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54056
Source: unknown	Network traffic detected: HTTP traffic on port 54010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53924
Source: unknown	Network traffic detected: HTTP traffic on port 54022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53926
Source: unknown	Network traffic detected: HTTP traffic on port 53963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54060
Source: unknown	Network traffic detected: HTTP traffic on port 54013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53935
Source: unknown	Network traffic detected: HTTP traffic on port 54019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53937
Source: unknown	Network traffic detected: HTTP traffic on port 53997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53895
Source: unknown	Network traffic detected: HTTP traffic on port 53928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53898
Source: unknown	Network traffic detected: HTTP traffic on port 54036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53896
Source: unknown	Network traffic detected: HTTP traffic on port 53983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53946
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54000
Source: unknown	Network traffic detected: HTTP traffic on port 54011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53956
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53959
Source: unknown	Network traffic detected: HTTP traffic on port 54000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54003
Source: unknown	Network traffic detected: HTTP traffic on port 54017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54008
Source: unknown	Network traffic detected: HTTP traffic on port 53926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54007
Source: unknown	Network traffic detected: HTTP traffic on port 54056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54012
Source: unknown	Network traffic detected: HTTP traffic on port 54031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54010
Source: unknown	Network traffic detected: HTTP traffic on port 54003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53912 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53896 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:53898 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53899 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:53969 version: TLS 1.2

Source: classification engine

Classification label: sus21.win@29/91@29/278

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1944,i,10147407103075529040,6438901996377724678,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://azurecr.io"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1944,i,10147407103075529040,6438901996377724678,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

LLM: Page contains button: 'Create Your Free Account Today - Microsoft Azure Sign Up' Source: '2.0.pages.csv'

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

ID:	1544126
Product:	CloudBasic
Start time:	21:38:47
Start date:	28.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://azurecr.io

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://azurecr.io

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://azurecr.io