Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | May 3, 2024, 7:45 a.m. | May 3, 2024, 7:55 a.m. |
Process | PID | Command line
---|---|---
chrome.exe | 2144 | "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
chrome.exe | 2232 | "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\test22\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\test22\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=86.0.4240.111 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7fef3e36e00,0x7fef3e36e10,0x7fef3e36e20
Name | Response | Post-Analysis Lookup
---|---|---
No hosts contacted. | |

IP Address | Status | Action
---|---|---
No hosts contacted. | |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Type | Path
---|---
file | C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe\PATH
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-spare.pma
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-active.pma
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad\reports
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad\metadata
Field | Value
---|---
section | name=.rsrc, virtual_address=0x000d4000, virtual_size=0x0004617c, size_of_data=0x00046200, entropy=7.844093186587957
entropy | 7.84409318659
description | A section with a high entropy has been found
entropy | 0.246485061511
description | Overall entropy of this PE file is high
parent_process | chrome.exe
martian_process | "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\test22\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\test22\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=86.0.4240.111 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7fef3e36e00,0x7fef3e36e10,0x7fef3e36e20
Vendor | Result
---|---
Bkav | W32.AIDetectMalware
Cynet | Malicious (score: 99)
Skyhigh | BehavesLike.Win32.Injector.tc
Cylance | unsafe
Sangfor | Virus.Win32.Save.a
K7GW | Trojan ( 005b26d31 )
K7AntiVirus | Trojan ( 005b26d31 )
Elastic | malicious (high confidence)
ESET-NOD32 | a variant of Win32/Autoit.OQF
F-Secure | Trojan.TR/AutoIt.zstul
FireEye | Generic.mg.6b31dd4a6560603d
Sophos | Generic ML PUA (PUA)
Ikarus | Trojan.Win32.Autoit
Jiangmin | Trojan.Script.awbz
Detected |
Avira | TR/AutoIt.zstul
Varist | W32/AutoIt.XQ.gen!Eldorado
BitDefenderTheta | Gen:NN.ZexaCO.36804.hvW@aaqTHpki
TACHYON | Trojan/W32.Agent.1166336.C
DeepInstinct | MALICIOUS
Malwarebytes | Backdoor.NetWiredRC.AutoIt.Generic
Fortinet | AutoIt/Agent.OQF!tr