URL:

http://elixx.me/wajax.html

Full analysis: https://app.any.run/tasks/fbc817af-9d1b-4e43-b081-085ecd0e9810
Verdict: Malicious activity
Analysis date: May 05, 2019, 15:56:55
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:
opendir
Indicators:
MD5:

C5DE4E3CCA52F9791C1803DF1DB20A2F

SHA1:

8467C92D2B6CF631E556B3DC9361304AF2417A9F

SHA256:

62F11EE2FEC403F16C3F73FB8D5AAD488C061F275F54DF4E5D44B1F6D1AA738E

SSDEEP:

3:N1KbCdGv/Jn:CiGJn

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Modifies files in Chrome extension folder

      • chrome.exe (PID: 2584)

  • INFO

    • Reads settings of System Certificates

      • chrome.exe (PID: 2584)

    • Changes settings of System certificates

      • chrome.exe (PID: 2584)

    • Application launched itself

      • chrome.exe (PID: 2584)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
76
Monitored processes
45
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
292"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=18286008402711664526 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18286008402711664526 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
556"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=13991112107261460072 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13991112107261460072 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
620"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=14619992105800722998 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14619992105800722998 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
664"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=2317181556358467953 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2317181556358467953 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
704"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=5628101385534766627 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5628101385534766627 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
1000"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --service-pipe-token=8154669110630229551 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8154669110630229551 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2004 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
1260"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=10403861837902262355 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10403861837902262355 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
1360"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=15210887370996877848 --mojo-platform-channel-handle=4520 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
1440"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=13535027052059611491 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13535027052059611491 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
1488"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,7684098884706590447,18307735252959577817,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=17102479373894007689 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17102479373894007689 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
Total events
601
Read events
507
Write events
90
Delete events
4

Modification events

(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
Operation:writeName:failed_count
Value:
0
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
Operation:writeName:state
Value:
2
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
Operation:writeName:StatusCodes
Value:
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
Operation:writeName:StatusCodes
Value:
01000000
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
Operation:writeName:state
Value:
1
(PID) Process:(2356) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
Operation:writeName:2584-13201545429307750
Value:
259
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:dr
Value:
1
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome
Operation:writeName:UsageStatsInSample
Value:
0
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
Operation:delete valueName:3488-13197474229333984
Value:
0
(PID) Process:(2584) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
Operation:delete valueName:2584-13201545429307750
Value:
259
Executable files
0
Suspicious files
243
Text files
226
Unknown types
22

Dropped files

PID
Process
Filename
Type
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\index
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_0
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_2
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_3
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\cc896bef-a39f-4403-a329-e075036bb8df.tmp
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000018.dbtmp
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0
MD5:
SHA256:
2584chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
154
TCP/UDP connections
349
DNS requests
192
Threats
857

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
2584
chrome.exe
GET
403
198.134.112.243:80
http://7hor9gul4s.com/1e/fd/dd/1efdddeb1af3b0bae8f8673d2654e32c.js
US
malicious
2584
chrome.exe
GET
403
198.134.112.241:80
http://5nt1gx7o57.com/787065dec1319608bed720646c5cef81/invoke.js
US
malicious
2584
chrome.exe
GET
192.99.0.18:80
http://s4.histats.com/stats/0.php?3989073&@f16&@g0&@h2&@i1&@j1557071831690&@k132&@l2&@mSCHEDULE&@n0&@ohttp%3A%2F%2Felixx.me%2Fwajax.html&@q0&@r0&@s0&@ten-US&@u1280&@b1:-82419505&@b3:1557071832&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Felixx.me%2Fschedule.html&@w
CA
whitelisted
2584
chrome.exe
GET
200
104.18.57.33:80
http://elixx.me/images/034befa26f_Arsene_Wenger.jpg
US
image
440 Kb
malicious
2584
chrome.exe
GET
200
104.18.57.33:80
http://elixx.me/images/footy.jpg
US
image
327 Kb
malicious
2584
chrome.exe
GET
200
46.105.201.240:80
http://s10.histats.com/js15_as.js
FR
html
4.42 Kb
whitelisted
2584
chrome.exe
GET
200
104.18.57.33:80
http://elixx.me/aw/wajax.php
US
html
1.51 Kb
malicious
2584
chrome.exe
GET
192.99.0.18:80
http://s4.histats.com/stats/0.php?3190245&@f16&@g1&@h1&@i1&@j1557071831674&@k0&@l1&@mAJAX&@n0&@ohttp%3A%2F%2Felixx.me%2Fwajax.html&@q0&@r0&@s0&@ten-US&@u1280&@b1:-177984766&@b3:1557071832&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Felixx.me%2Faw%2Fwajax.php&@w
CA
whitelisted
2584
chrome.exe
GET
200
104.18.35.166:80
http://wenger.stream/ws/ajax.php
US
html
1.39 Kb
malicious
2584
chrome.exe
GET
200
104.18.57.33:80
http://elixx.me/schedule.html
US
html
1.67 Kb
malicious
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
2584
chrome.exe
104.18.57.33:80
elixx.me
Cloudflare Inc
US
shared
2584
chrome.exe
172.217.21.227:443
clientservices.googleapis.com
Google Inc.
US
whitelisted
2584
chrome.exe
104.20.2.47:443
www.statcounter.com
Cloudflare Inc
US
shared
2584
chrome.exe
198.134.112.243:80
7hor9gul4s.com
Webair Internet Development Company Inc.
US
suspicious
2584
chrome.exe
172.217.16.141:443
accounts.google.com
Google Inc.
US
suspicious
2584
chrome.exe
198.134.112.241:80
7hor9gul4s.com
Webair Internet Development Company Inc.
US
suspicious
2584
chrome.exe
192.99.0.18:80
s4.histats.com
OVH SAS
CA
unknown
2584
chrome.exe
195.181.175.7:80
c1.popads.net
Datacamp Limited
DE
suspicious
2584
chrome.exe
104.18.35.166:80
wenger.stream
Cloudflare Inc
US
shared
2584
chrome.exe
104.24.107.25:80
whostreams.net
Cloudflare Inc
US
shared

DNS requests

Domain
IP
Reputation
clientservices.googleapis.com
  • 172.217.21.227
whitelisted
elixx.me
  • 104.18.57.33
  • 104.18.56.33
malicious
accounts.google.com
  • 172.217.16.141
shared
7hor9gul4s.com
  • 198.134.112.243
  • 198.134.112.242
  • 198.134.112.241
  • 198.134.112.244
malicious
www.statcounter.com
  • 104.20.2.47
  • 104.20.3.47
whitelisted
5nt1gx7o57.com
  • 198.134.112.241
  • 198.134.112.242
  • 198.134.112.244
  • 198.134.112.243
malicious
c1.popads.net
  • 195.181.175.7
whitelisted
s10.histats.com
  • 46.105.201.240
whitelisted
c.statcounter.com
  • 104.20.2.47
  • 104.20.3.47
whitelisted
old.reddit.com
  • 151.101.1.140
  • 151.101.65.140
  • 151.101.129.140
  • 151.101.193.140
whitelisted

Threats

PID
Process
Class
Message
2584
chrome.exe
Potential Corporate Privacy Violation
ET INFO Suspicious Darkwave Popads Pop Under Redirect
2584
chrome.exe
Generic Protocol Command Decode
SURICATA STREAM excessive retransmissions
2584
chrome.exe
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2584
chrome.exe
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Response)
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Response)
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Response)
2584
chrome.exe
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
Attempted User Privilege Gain
ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
http://elixx.me/wajax.html