Windows Analysis Report
http://mmahumble.com/alpine

Overview

General Information

Sample URL:	http://mmahumble.com/alpine
Analysis ID:	1562589
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	60%

Signatures

Stores files to the Windows start menu directory

Classification

Signatures

Source: http://mmahumble.com/alpine

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49718 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50

Source: global traffic	HTTP traffic detected: GET /alpine HTTP/1.1Host: mmahumble.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mmahumble.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://mmahumble.com/alpineAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: mmahumble.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsinit.directfwd.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 25 Nov 2024 17:33:01 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, Keep-AliveLast-Modified: Tue, 15 Mar 2022 22:06:20 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 355Keep-Alive: timeout=5, max=75Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 8d 52 4b 4f c3 30 0c be f3 2b ac a0 49 70 58 db bd 2a d6 97 38 73 81 13 d7 29 6b d2 d6 6b 9a 44 49 f6 62 e2 bf 93 ae 53 81 03 12 89 94 d8 f9 3e 7f 96 ed 64 8d eb 44 71 97 35 9c b2 e2 0e fc ca ac 3b 0b 3e d8 fd 0a 84 a2 8c 1b b8 c0 56 19 6f 24 30 8b f5 09 ac 12 c8 e0 be 5a f4 3b bd 61 53 a7 f4 6f 7c b1 5c 3f b1 ed 88 1b ca 70 6f 13 58 45 93 14 8e c8 5c e3 e9 f3 48 9f 52 68 38 d6 8d 1b 5d 2a b1 a3 0e 95 4c c0 6a 94 30 b7 20 50 72 6a 00 65 85 12 1d 4f 41 2b 8b 03 a5 c2 13 67 29 5c d3 2f 7b 6d c1 2b 77 33 3f c7 52 9e 5b 7e ae 0c ed b8 1d 34 2f 10 4d fc e1 0c 95 b6 52 a6 4b c0 28 47 1d 7f 88 18 af 1f 7d 24 cc a2 3f 18 8b 78 e4 0c fa 59 f8 a3 6f 99 2d 0d 6a 07 82 ca 7a 4f 6b 9e 93 17 7a a0 c3 23 29 0e be 88 8d 6d 3f 36 da 77 28 07 b2 7e 7b 5d c5 cb d5 7b 4c 52 af 72 25 fd 43 06 ac 29 73 d2 38 a7 93 30 2c 99 0c 76 b6 6f 4b c0 d0 f0 d2 55 47 16 94 aa 0b 6d 3b dd 59 4d 4d bb b9 82 ba d1 a4 f8 4e 92 85 c3 dc b3 ad 62 67 7f 31 3c 40 29 a8 b5 39 19 a6 4e 00 59 4e bc c8 cd f5 b1 9e d3 07 de 22 c2 e1 ff 7c 01 0a 46 45 97 47 02 00 00 Data Ascii: RKO0+IpX8s)kkDIbS>dDq5;>Vo$0Z;aSo\|\?poXE\HRh8]Lj0 PrjeOA+g)\/{m+w3?R[~4/MRK(G}$?xYo-jzOkz#)m?6w(~{]{LRr%C)s80,voKUGm;YMMNbg1<@)9NYN"\|FEG
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 25 Nov 2024 17:33:03 GMTServer: ApacheLast-Modified: Tue, 15 Mar 2022 22:06:20 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 355Keep-Alive: timeout=5, max=74Connection: Keep-AliveContent-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 8d 52 4b 4f c3 30 0c be f3 2b ac a0 49 70 58 db bd 2a d6 97 38 73 81 13 d7 29 6b d2 d6 6b 9a 44 49 f6 62 e2 bf 93 ae 53 81 03 12 89 94 d8 f9 3e 7f 96 ed 64 8d eb 44 71 97 35 9c b2 e2 0e fc ca ac 3b 0b 3e d8 fd 0a 84 a2 8c 1b b8 c0 56 19 6f 24 30 8b f5 09 ac 12 c8 e0 be 5a f4 3b bd 61 53 a7 f4 6f 7c b1 5c 3f b1 ed 88 1b ca 70 6f 13 58 45 93 14 8e c8 5c e3 e9 f3 48 9f 52 68 38 d6 8d 1b 5d 2a b1 a3 0e 95 4c c0 6a 94 30 b7 20 50 72 6a 00 65 85 12 1d 4f 41 2b 8b 03 a5 c2 13 67 29 5c d3 2f 7b 6d c1 2b 77 33 3f c7 52 9e 5b 7e ae 0c ed b8 1d 34 2f 10 4d fc e1 0c 95 b6 52 a6 4b c0 28 47 1d 7f 88 18 af 1f 7d 24 cc a2 3f 18 8b 78 e4 0c fa 59 f8 a3 6f 99 2d 0d 6a 07 82 ca 7a 4f 6b 9e 93 17 7a a0 c3 23 29 0e be 88 8d 6d 3f 36 da 77 28 07 b2 7e 7b 5d c5 cb d5 7b 4c 52 af 72 25 fd 43 06 ac 29 73 d2 38 a7 93 30 2c 99 0c 76 b6 6f 4b c0 d0 f0 d2 55 47 16 94 aa 0b 6d 3b dd 59 4d 4d bb b9 82 ba d1 a4 f8 4e 92 85 c3 dc b3 ad 62 67 7f 31 3c 40 29 a8 b5 39 19 a6 4e 00 59 4e bc c8 cd f5 b1 9e d3 07 de 22 c2 e1 ff 7c 01 0a 46 45 97 47 02 00 00 Data Ascii: RKO0+IpX8s)kkDIbS>dDq5;>Vo$0Z;aSo\|\?poXE\HRh8]Lj0 PrjeOA+g)\/{m+w3?R[~4/MRK(G}$?xYo-jzOkz#)m?6w(~{]{LRr%C)s80,voKUGm;YMMNbg1<@)9NYN"\|FEG

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443

Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49718 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@18/6@11/98

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1780,i,12240063944751155419,3213979065630557473,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://mmahumble.com/alpine"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1780,i,12240063944751155419,3213979065630557473,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
74.125.205.84	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.17.67	unknown	United States	15169	GOOGLEUS	false
208.91.199.181	mmahumble.com	United States	394695	PUBLIC-DOMAIN-REGISTRYUS	false
172.217.17.46	unknown	United States	15169	GOOGLEUS	false
142.250.181.68	www.google.com	United States	15169	GOOGLEUS	false
216.58.208.227	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
www.google.com	142.250.181.68	true
mmahumble.com	208.91.199.181	true
cdn.jsinit.directfwd.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://mmahumble.com/alpine/wp-content	false		unknown
http://mmahumble.com/alpine	false		unknown
http://mmahumble.com/favicon.ico	false	Avira URL Cloud: safe	unknown

ID:	1562589
Product:	CloudBasic
Start time:	18:32:30
Start date:	25.11.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 16:33:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	B90E5BAD2B4DF3B32F5F1A4B6A82C69E	C3AD870C4A91A400336B39C7107612137047E8DB	1CBF61BA52B40DEE4A2ED19A0145672A905FF8FF54005A5A500AFECC89178BC3
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 16:33:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A46BFDBC88FC0E1C6936CB0A66A198E3	6786EAAA94AA53285B160B3C97B117E340E6B056	22369131A6A6073BCC7EB997EB933007823EA4142D3F409A4E0D9D6D852C2656
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	3C94B32ABEA7BDBD29C3F1A0B997C529	6813F2B87BE1858FB49FD9F7DE1B93E59DF76405	80A53FA8CFF81881F0938B0326B12B5542BADED3D45FC40D3A44E8E264410396
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 16:33:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	96D817FC43C602D3017AC1A3FFF61AFF	049F2173E1EC41C5A73073E05A060E786A774018	E1169AE3EE76E7C56B9357DFE4F9DAAAA3B34C577407904DE21AB9EFDCD97D7F
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 16:33:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	AE798C71351E9B0635AC05DA7F2E6FA2	41F46163A2083FB1A6ACF86055597F61D7BD2630	A37EFC6B1B2849616618A21FE898F41CEB839463C11DB86D2143A9316C75503F
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 16:33:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	4765EE97698E6F4268C55CF5FB6602E2	47086BB8B20798C832FFC3E37F33A22F2221800B	E5EB243CCFF582C42CC46E06CD2F08B4F4EF90A9EEB632623E394843CDDB7333

Windows Analysis Report
http://mmahumble.com/alpine

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://mmahumble.com/alpine

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://mmahumble.com/alpine