analyze malware
  • Huge database of samples and IOCs
  • Custom VM setup
  • Unlimited submissions
  • Interactive approach
Sign up, it’s free
URL:

http://player.canalplus.fr/mycanal/prod/downloadManager/myCANAL-setup.exe

Full analysis: https://app.any.run/tasks/4c907936-ab32-4843-a419-2934a3046336
Verdict: Malicious activity
Threats:

A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection.

Analysis date: July 11, 2019, 18:44:28
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:
loader
Indicators:
MD5:

FD9AA6EF5478006751F85B8599A5A908

SHA1:

F5728D203A42CA8C7CD456E7EED450076F8B5B9E

SHA256:

008E95214BB87DE80AB489F6CE4D8852F05B2A15ACF5E964CAF996155745B0FC

SSDEEP:

3:N1KOJ1YHgVhyEJ4aKGE38nkA:COJ1YwhyEJhw38nkA

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Application was dropped or rewritten from another process

      • myCANAL-setup.exe (PID: 1020)
      • myCANAL-setup.exe (PID: 2480)
      • ns137C.tmp (PID: 3268)
      • ns1419.tmp (PID: 3812)
      • ns11B6.tmp (PID: 2860)
      • Silverlight.exe (PID: 884)
      • install.exe (PID: 2692)
      • coregen.exe (PID: 1728)
      • coregen.exe (PID: 3736)
      • coregen.exe (PID: 3248)
      • coregen.exe (PID: 3460)
      • coregen.exe (PID: 3912)
      • coregen.exe (PID: 2436)
      • coregen.exe (PID: 1472)
      • coregen.exe (PID: 3728)
      • coregen.exe (PID: 3456)
      • coregen.exe (PID: 3104)
      • coregen.exe (PID: 3784)
      • coregen.exe (PID: 640)
      • coregen.exe (PID: 3372)
      • coregen.exe (PID: 2736)
      • coregen.exe (PID: 3396)
      • ns8EA9.tmp (PID: 2236)
      • sllauncher.exe (PID: 3084)
      • nsAA24.tmp (PID: 4092)
      • ns9745.tmp (PID: 2288)
      • sllauncher.exe (PID: 1980)
      • nssm.exe (PID: 2084)
      • Silverlight.Configuration.exe (PID: 3748)
      • nsA699.tmp (PID: 3228)
      • nsA1C6.tmp (PID: 3504)
      • nssm.exe (PID: 3720)
      • nsAB00.tmp (PID: 2292)
      • nssm.exe (PID: 3388)
      • nssm.exe (PID: 3836)
      • nssm.exe (PID: 2060)
      • nssm.exe (PID: 3160)
      • nsAB7E.tmp (PID: 3760)
      • myCANAL.Service.exe (PID: 3140)
      • sllauncher.exe (PID: 1412)
    • Starts NET.EXE for service management

      • ns11B6.tmp (PID: 2860)
    • Downloads executable files from the Internet

      • chrome.exe (PID: 2960)
    • Loads dropped or rewritten executable

      • myCANAL-setup.exe (PID: 2480)
      • install.exe (PID: 2692)
      • coregen.exe (PID: 1728)
      • coregen.exe (PID: 3736)
      • coregen.exe (PID: 3248)
      • coregen.exe (PID: 3460)
      • coregen.exe (PID: 3912)
      • coregen.exe (PID: 2436)
      • coregen.exe (PID: 1472)
      • coregen.exe (PID: 3456)
      • coregen.exe (PID: 3728)
      • coregen.exe (PID: 3104)
      • coregen.exe (PID: 3784)
      • coregen.exe (PID: 2736)
      • coregen.exe (PID: 3372)
      • coregen.exe (PID: 640)
      • coregen.exe (PID: 3396)
      • rundll32.exe (PID: 3416)
      • sllauncher.exe (PID: 3084)
      • sllauncher.exe (PID: 1980)
      • explorer.exe (PID: 292)
      • sllauncher.exe (PID: 1412)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • chrome.exe (PID: 2960)
      • chrome.exe (PID: 3224)
      • myCANAL-setup.exe (PID: 2480)
      • Silverlight.exe (PID: 884)
      • coregen.exe (PID: 3736)
      • coregen.exe (PID: 1728)
      • coregen.exe (PID: 3248)
      • coregen.exe (PID: 3460)
      • msiexec.exe (PID: 2740)
      • coregen.exe (PID: 3912)
      • coregen.exe (PID: 2436)
      • coregen.exe (PID: 1472)
      • coregen.exe (PID: 3456)
      • coregen.exe (PID: 3728)
      • coregen.exe (PID: 3104)
      • coregen.exe (PID: 3372)
      • coregen.exe (PID: 640)
      • coregen.exe (PID: 2736)
      • coregen.exe (PID: 3396)
    • Starts application with an unusual extension

      • myCANAL-setup.exe (PID: 2480)
    • Starts SC.EXE for service management

      • ns137C.tmp (PID: 3268)
    • Creates files in the program directory

      • myCANAL-setup.exe (PID: 2480)
      • coregen.exe (PID: 1728)
      • coregen.exe (PID: 3736)
      • coregen.exe (PID: 3460)
      • coregen.exe (PID: 3248)
      • coregen.exe (PID: 3912)
      • coregen.exe (PID: 1472)
      • coregen.exe (PID: 2436)
      • coregen.exe (PID: 3104)
      • coregen.exe (PID: 3456)
      • coregen.exe (PID: 3728)
      • coregen.exe (PID: 3784)
      • coregen.exe (PID: 3372)
      • coregen.exe (PID: 640)
      • coregen.exe (PID: 2736)
      • coregen.exe (PID: 3396)
    • Creates COM task schedule object

      • msiexec.exe (PID: 2740)
    • Uses RUNDLL32.EXE to load library

      • install.exe (PID: 2692)
    • Changes IE settings (feature browser emulation)

      • msiexec.exe (PID: 2740)
    • Creates files in the user directory

      • Silverlight.Configuration.exe (PID: 3748)
    • Modifies the open verb of a shell class

      • myCANAL-setup.exe (PID: 2480)
    • Creates a software uninstall entry

      • myCANAL-setup.exe (PID: 2480)
      • Silverlight.Configuration.exe (PID: 3748)
    • Reads Internet Cache Settings

      • sllauncher.exe (PID: 1412)
      • explorer.exe (PID: 292)
    • Reads internet explorer settings

      • sllauncher.exe (PID: 1412)
    • Executed as Windows Service

      • nssm.exe (PID: 3160)
  • INFO

    • Creates files in the user directory

      • chrome.exe (PID: 3224)
    • Reads Internet Cache Settings

      • chrome.exe (PID: 3224)
    • Application launched itself

      • chrome.exe (PID: 3224)
      • msiexec.exe (PID: 2740)
    • Starts application with an unusual extension

      • msiexec.exe (PID: 2740)
    • Creates a software uninstall entry

      • msiexec.exe (PID: 2740)
    • Application was dropped or rewritten from another process

      • MSI3A12.tmp (PID: 3196)
    • Creates files in the program directory

      • msiexec.exe (PID: 2740)
    • Loads dropped or rewritten executable

      • MsiExec.exe (PID: 3468)
    • Reads settings of System Certificates

      • sllauncher.exe (PID: 1412)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
124
Monitored processes
60
Malicious processes
25
Suspicious processes
7

Behavior graph

Click at the process to see the details
drop and start drop and start start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start drop and start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs mycanal-setup.exe no specs mycanal-setup.exe ns11b6.tmp no specs chrome.exe no specs net.exe no specs net1.exe no specs ns137c.tmp no specs sc.exe no specs ns1419.tmp no specs silverlight.exe install.exe no specs msiexec.exe msi2455.tmp no specs msi3a12.tmp no specs coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe coregen.exe no specs coregen.exe coregen.exe coregen.exe coregen.exe msiexec.exe no specs chrome.exe no specs rundll32.exe no specs ns8ea9.tmp no specs sllauncher.exe no specs ns9745.tmp no specs sllauncher.exe no specs explorer.exe no specs silverlight.configuration.exe no specs nsa1c6.tmp no specs nssm.exe no specs nsa699.tmp no specs nssm.exe no specs nsaa24.tmp no specs nssm.exe no specs nsab00.tmp no specs nssm.exe no specs nsab7e.tmp no specs nssm.exe no specs nssm.exe no specs mycanal.service.exe no specs chrome.exe no specs sllauncher.exe

Process information

PID
CMD
Path
Indicators
Parent process
3224"C:\Program Files\Google\Chrome\Application\chrome.exe" http://player.canalplus.fr/mycanal/prod/downloadManager/myCANAL-setup.exeC:\Program Files\Google\Chrome\Application\chrome.exe
explorer.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
75.0.3770.100
3668"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=75.0.3770.100 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6fb9a9d0,0x6fb9a9e0,0x6fb9a9ecC:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
75.0.3770.100
3188"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1808 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
75.0.3770.100
2784"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=992,17417941468302138703,7174163416768970117,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=10056207086602005228 --mojo-platform-channel-handle=1008 --ignored=" --type=renderer " /prefetch:2C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
75.0.3770.100
2960"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=992,17417941468302138703,7174163416768970117,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=15177587056936146536 --mojo-platform-channel-handle=1600 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exe
chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
75.0.3770.100
1768"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=992,17417941468302138703,7174163416768970117,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=367565556307454590 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2212 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
75.0.3770.100
3108"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=992,17417941468302138703,7174163416768970117,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6944750995337381900 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
75.0.3770.100
2384"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=992,17417941468302138703,7174163416768970117,131072 --enable-features=PasswordImport --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13107749092325491781 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2460 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
75.0.3770.100
1020"C:\Users\admin\Downloads\myCANAL-setup.exe" C:\Users\admin\Downloads\myCANAL-setup.exechrome.exe
User:
admin
Company:
UCAYA
Integrity Level:
MEDIUM
Description:
myCANAL
Exit code:
3221226540
Version:
1.0.0.0
2480"C:\Users\admin\Downloads\myCANAL-setup.exe" C:\Users\admin\Downloads\myCANAL-setup.exe
chrome.exe
User:
admin
Company:
UCAYA
Integrity Level:
HIGH
Description:
myCANAL
Exit code:
0
Version:
1.0.0.0
Total events
7 472
Read events
4 564
Write events
0
Delete events
0

Modification events

No data
Executable files
231
Suspicious files
26
Text files
110
Unknown types
5

Dropped files

PID
Process
Filename
Type
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\6777be46-fda8-4019-8c53-3a66ddc2f182.tmp
MD5:
SHA256:
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000020.dbtmp
MD5:
SHA256:
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldtext
MD5:213AE3DA120D7862D60B5763B6C9D466
SHA256:5736534D6EE654C1BF1A8E79E73330AF58F622E8657285330D2C7189A55604F4
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldtext
MD5:C4D6CBB269C626168A5D6D0D8CCE6C30
SHA256:B62CDBB758278A0C2E50593357390119441D8DE09428EB29027F3DFD1332E348
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RFcd893.TMPtext
MD5:213AE3DA120D7862D60B5763B6C9D466
SHA256:5736534D6EE654C1BF1A8E79E73330AF58F622E8657285330D2C7189A55604F4
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.old
MD5:
SHA256:
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RFcd873.TMPtext
MD5:DC32343F45B01764B6267AD36548102A
SHA256:A250F5AD57D4BD58AAE92810D50278E3BE2DBF869F126A3A3519691BCDFC2075
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldtext
MD5:A519780ED0A2F4336DB4F5651D79C369
SHA256:DA5B71BD0075B55757BF757BF5F4D4A1DCBCF0762CDA5B31B28680963E068C75
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old~RFcd8e1.TMPtext
MD5:3D551B6E929CF62F7AA66091E718704B
SHA256:1698A1B1BC3E86676392FB8BD4C712438302A5A2220503C08F290ED4B1790404
3224chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.oldtext
MD5:0ACECCA4CF9ADE756DA7CC9DCDF02D50
SHA256:18F910775132B4FEE014EA0FAB836D857F367E76232FAB4AE6A86A92E4C3EBEE
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
20
TCP/UDP connections
19
DNS requests
13
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1412
sllauncher.exe
GET
200
2.16.106.65:80
http://player.canalplus.fr/mycanal/prod/downloadManager/configuration.xml
unknown
xml
20.4 Kb
whitelisted
1412
sllauncher.exe
GET
302
66.117.29.228:80
http://cplusglobalprod.112.2o7.net/b/ss/cplusglobalprod,cplusmycanalpreprod/0/CS-1.1-SL2/s04242581638620?AQB=1&ndh=1&t=11%2F6%2F2019%2019%3A46%3A8%20Thursday%20-60&ce=UTF-8&pageName=MyCWeb%20-%20Widget%20-%20Bibliotheque%20-%20Accueil&ch=MyCWeb&events=event3&c4=MyCWeb%20-%20Widget&c5=MyCWeb%20-%20Widget%20-%20Bibliotheque&c6=MyCWeb%20-%20Widget%20-%20Bibliotheque%20-%20Accueil&c33=MYCANAL&c40=11%2F07%2F2019%2019%3A46%3A08.452&AQE=1
US
whitelisted
1412
sllauncher.exe
HEAD
200
2.16.106.65:80
http://player.canalplus.fr/mycanal/prod/downloadManager/configuration.xml
unknown
whitelisted
2960
chrome.exe
GET
200
2.16.106.65:80
http://player.canalplus.fr/mycanal/prod/downloadManager/myCANAL-setup.exe
unknown
executable
11.6 Mb
whitelisted
1412
sllauncher.exe
GET
200
72.247.185.65:80
http://www.msftncsi.com/ncsi.txt?id=5d0f03b6-85b5-4db9-9d1b-0e305abf1fc6
NL
text
14 b
whitelisted
1412
sllauncher.exe
GET
200
72.247.185.65:80
http://www.msftncsi.com/ncsi.txt?id=87cda858-8c14-43ea-90ed-a2e59d6f79a7
NL
text
14 b
whitelisted
1412
sllauncher.exe
GET
200
72.247.185.65:80
http://www.msftncsi.com/ncsi.txt?id=076ca4a8-48c7-46cf-b710-fc02070eeea8
NL
text
14 b
whitelisted
1412
sllauncher.exe
GET
200
66.117.29.228:80
http://cplusglobalprod.112.2o7.net/b/ss/cplusglobalprod,cplusmycanalpreprod/0/CS-1.1-SL2/s03370529577774?AQB=1&pccr=true&&ndh=1&t=11%2F6%2F2019%2019%3A46%3A8%20Thursday%20-60&ce=UTF-8&pageName=MyCWeb%20-%20Widget%20-%20S%20identifier&ch=MyCWeb&events=event3&c4=MyCWeb%20-%20Widget&c5=MyCWeb%20-%20Widget%20-%20S%20identifier&c33=MYCANAL&c40=11%2F07%2F2019%2019%3A46%3A08.525&AQE=1
US
binary
1 b
whitelisted
1412
sllauncher.exe
GET
302
66.117.29.228:80
http://cplusglobalprod.112.2o7.net/b/ss/cplusglobalprod,cplusmycanalpreprod/0/CS-1.1-SL2/s03370529577774?AQB=1&ndh=1&t=11%2F6%2F2019%2019%3A46%3A8%20Thursday%20-60&ce=UTF-8&pageName=MyCWeb%20-%20Widget%20-%20S%20identifier&ch=MyCWeb&events=event3&c4=MyCWeb%20-%20Widget&c5=MyCWeb%20-%20Widget%20-%20S%20identifier&c33=MYCANAL&c40=11%2F07%2F2019%2019%3A46%3A08.525&AQE=1
US
binary
1 b
whitelisted
1412
sllauncher.exe
GET
200
2.16.106.65:80
http://player.canalplus.fr/mycanal/prod/downloadManager/version.txt?t=636984675680105859
unknown
text
7 b
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
2960
chrome.exe
172.217.23.163:443
clientservices.googleapis.com
Google Inc.
US
whitelisted
1412
sllauncher.exe
2.16.106.65:80
player.canalplus.fr
Akamai International B.V.
whitelisted
2960
chrome.exe
172.217.16.163:443
www.gstatic.com
Google Inc.
US
whitelisted
2960
chrome.exe
2.16.106.65:80
player.canalplus.fr
Akamai International B.V.
whitelisted
2960
chrome.exe
216.58.207.78:443
sb-ssl.google.com
Google Inc.
US
whitelisted
1412
sllauncher.exe
172.217.18.99:80
google.fr
Google Inc.
US
whitelisted
2960
chrome.exe
172.217.21.228:443
www.google.com
Google Inc.
US
whitelisted
1412
sllauncher.exe
66.117.29.228:80
cplusglobalprod.112.2o7.net
Adobe Systems Inc.
US
unknown
2.16.106.65:80
player.canalplus.fr
Akamai International B.V.
whitelisted
2960
chrome.exe
172.217.18.13:443
accounts.google.com
Google Inc.
US
whitelisted

DNS requests

Domain
IP
Reputation
player.canalplus.fr
  • 2.16.106.65
  • 2.16.106.115
whitelisted
clientservices.googleapis.com
  • 172.217.23.163
whitelisted
accounts.google.com
  • 172.217.18.13
shared
www.google.com
  • 172.217.21.228
whitelisted
sb-ssl.google.com
  • 216.58.207.78
whitelisted
ssl.gstatic.com
  • 172.217.16.131
whitelisted
www.gstatic.com
  • 172.217.16.163
whitelisted
www.msftncsi.com
  • 72.247.185.65
  • 95.100.39.10
whitelisted
cplusglobalprod.112.2o7.net
  • 66.117.29.228
unknown
google.fr
  • 172.217.18.99
whitelisted

Threats

PID
Process
Class
Message
2960
chrome.exe
Potential Corporate Privacy Violation
ET POLICY PE EXE or DLL Windows file download HTTP
No debug info