URL: http://www.gameofwhores.game/

Full analysis: https://app.any.run/tasks/0948d6d0-387a-4541-ab60-12b59bce6017
Verdict: Malicious activity
Analysis date: May 15, 2019, 08:55:55
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MD5: 25107964DF9331A77A8DF018E770C114
SHA1: B01DC405683233DC7CB2ACB55333A2A0B93C13B3
SHA256: A4376E98171CD5A610E6FEEC5D17F569FA63B7D8B7776C3B209228995E437A36
SSDEEP: 3:N1KJS4IDSrMI:Cc4IDSrMI

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Connects to CnC server

      • chrome.exe (PID: 3896)
  • SUSPICIOUS

    • Modifies files in Chrome extension folder

      • chrome.exe (PID: 3896)
  • INFO

    • Reads internet explorer settings

      • iexplore.exe (PID: 3044)
    • Reads Internet Cache Settings

      • iexplore.exe (PID: 3044)
    • Changes internet zones settings

      • iexplore.exe (PID: 3132)
    • Application launched itself

      • iexplore.exe (PID: 3132)
      • chrome.exe (PID: 3896)
    • Creates files in the user directory

      • iexplore.exe (PID: 3132)
      • iexplore.exe (PID: 3044)
    • Reads settings of System Certificates

      • chrome.exe (PID: 3896)
No Malware configuration.
No data.
Total processes: 67
Monitored processes: 34
Malicious processes: 0
Suspicious processes: 0

Behavior graph

[Behavior graph: start, iexplore.exe, iexplore.exe, chrome.exe, followed by chrome.exe child processes marked "no specs"]

Process information

PID
CMD
Path
Indicators
Parent process
PID: 3132
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Internet Explorer
Exit code:
1
Version:
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
PID: 3044
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:3132 CREDAT:71937
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Internet Explorer
Exit code:
0
Version:
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
PID: 3896
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe"
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: explorer.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 3172
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6f5e0f18,0x6f5e0f28,0x6f5e0f34
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 836
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3904 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 3428
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=952,738770015040327455,2354202183365589283,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=2717171604732266191 --mojo-platform-channel-handle=972 --ignored=" --type=renderer " /prefetch:2
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 3204
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,738770015040327455,2354202183365589283,131072 --enable-features=PasswordImport --service-pipe-token=5906586186935119080 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5906586186935119080 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2036 /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 1512
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,738770015040327455,2354202183365589283,131072 --enable-features=PasswordImport --service-pipe-token=12730067520250260882 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12730067520250260882 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 3632
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,738770015040327455,2354202183365589283,131072 --enable-features=PasswordImport --service-pipe-token=1535043835335744680 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1535043835335744680 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
PID: 3940
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,738770015040327455,2354202183365589283,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=1287131780067048117 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1287131780067048117 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
73.0.3683.75
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
Total events: 1 011
Read events: 850
Write events: 153
Delete events: 8

Modification events

(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Operation: write
Name: CompatibilityFlags
Value: 0
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: UNCAsIntranet
Value: 0
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: AutoDetect
Value: 1
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
Operation: write
Name: SecuritySafe
Value: 1
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Operation: write
Name: ProxyEnable
Value: 0
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Operation: write
Name: SavedLegacySettings
Value:
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\Active
Operation: write
Name: {4AE7313F-76EF-11E9-A09E-5254004A04AF}
Value: 0
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Operation: write
Name: Type
Value: 4
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Operation: write
Name: Count
Value: 1
(PID) Process: (3132) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Operation: write
Name: Time
Value: E307050003000F00080038000F00B500
Executable files: 0
Suspicious files: 131
Text files: 203
Unknown types: 12

Dropped files

PID
Process
Filename
Type
PID: 3132
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6QNMHE9\favicon[1].ico
Type:
MD5:
SHA256:
PID: 3132
Process: iexplore.exe
Filename: C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
Type:
MD5:
SHA256:
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\00UYCZ76\gameofwhores_game[1].txt
Type:
MD5:
SHA256:
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IYAZTC1D\style[1].css
Type: text
MD5: 96F84D0985AF87B4D4F6AE8816F9C5C5
SHA256: 93A1109ADA0CD55DEDEAF7E9C4251A7F91AC3C3E1AB85E25E37B6CD4E47D504B
PID: 3132
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Temp\~DFE75B9D772DEDA5E9.TMP
Type:
MD5:
SHA256:
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat
Type: dat
MD5: 9D9CA37AD8B866D83FF31FE2CB1BEAA0
SHA256: A35E36C9C2D68EE8CD0204C5619FAF98CFA26E401942723C7BBB369B67BA6DDA
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012019051520190516\index.dat
Type: dat
MD5: 5FA5FD1D22977F82ECF2D64C5A89B13E
SHA256: 88580F8E63183959CB8DB76484E357CDE13EFD44F2C98CAE933A6839D53081FC
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LALM9O0N\caf[1].js
Type: text
MD5: 47A96578FF0D564FF15D9DCB498984C2
SHA256: 69CEB3C96A62F783582BFB09F668FA4F69A86A633EF0443EFF10C48DC5570FC0
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat
Type: dat
MD5: 309D921E45FB5E7653B388C1BA06584C
SHA256: FF3616F4F204EAB4D610470E31AF821C7B9120E676244F73774B8C6C3E09045F
PID: 3044
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4RTXMEHB\jsparkcaf[1].php
Type: html
MD5: 1126917146F99793E938FA17BABBD77C
SHA256: 8161F59C3E3CF034064EAA0374702CCE14A783B895ADFFDFB2763D1D6656C244
HTTP(S) requests: 33
TCP/UDP connections: 80
DNS requests: 61
Threats: 0

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
3896 | chrome.exe | GET | 200 | 198.54.117.200:80 | http://www.gameofwhores.game/ | US | html | 1.58 Kb | malicious
3896 | chrome.exe | GET | 200 | 13.35.253.80:80 | http://i.cdnpark.com/themes/assets/style.css | US | text | 343 b | whitelisted
3044 | iexplore.exe | GET | 200 | 198.54.117.197:80 | http://www.gameofwhores.game/ | US | html | 1.58 Kb | malicious
3044 | iexplore.exe | GET | 200 | 172.217.16.132:80 | http://www.google.com/adsense/domains/caf.js | US | text | 55.2 Kb | whitelisted
3896 | chrome.exe | GET | 200 | 172.217.18.163:80 | http://www.gstatic.com/domainads/tracking/caf.gif?ts=1557910633492&rid=917687 | US | image | 43 b | whitelisted
3132 | iexplore.exe | GET | 404 | 198.54.117.197:80 | http://www.gameofwhores.game/favicon.ico | US | html | 185 b | malicious
3044 | iexplore.exe | GET | 200 | 13.35.253.65:80 | http://i.cdnpark.com/themes/registrar/images/logo_namecheap.png | US | image | 4.80 Kb | whitelisted
3896 | chrome.exe | GET | 200 | 185.53.179.29:80 | http://parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.gameofwhores.game&_t=1557910632656 | DE | html | 2.54 Kb | whitelisted
3896 | chrome.exe | GET | 200 | 185.53.178.30:80 | http://js.parkingcrew.net/assets/scripts/jsparkcaf.js | DE | text | 5.51 Kb | whitelisted
3896 | chrome.exe | GET | 200 | 185.53.178.30:80 | http://js.parkingcrew.net/track.php?domain=gameofwhores.game&caf=1&toggle=answercheck&answer=yes&uid=MTU1NzkxMDYzMi45MzQyOmU2MDRkNDAwZjNmMmRmNGYwNzk2YWZkMjU4ZTk0ZDAxM2NlNzI3MjY5YjY4N2NkMTI4OTJmODc3ZmY0YzJkN2Y6NWNkYmQ0NjhlNDE4Yg%3D%3D | DE | binary | 20 b | whitelisted

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
3132 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted
3896 | chrome.exe | 216.58.208.35:443 | clientservices.googleapis.com | Google Inc. | US | whitelisted
3132 | iexplore.exe | 198.54.117.197:80 | www.gameofwhores.game | Namecheap, Inc. | US | malicious
3896 | chrome.exe | 172.217.23.173:443 | accounts.google.com | Google Inc. | US | whitelisted
3044 | iexplore.exe | 198.54.117.197:80 | www.gameofwhores.game | Namecheap, Inc. | US | malicious
3044 | iexplore.exe | 13.35.253.65:80 | i.cdnpark.com | | US | suspicious
3044 | iexplore.exe | 185.53.179.29:80 | parkingcrew.net | Team Internet AG | DE | malicious
3044 | iexplore.exe | 172.217.16.132:80 | www.google.com | Google Inc. | US | whitelisted
3044 | iexplore.exe | 185.53.178.30:80 | js.parkingcrew.net | Team Internet AG | DE | suspicious
3896 | chrome.exe | 172.217.16.195:443 | www.google.com.ua | Google Inc. | US | whitelisted

DNS requests

Domain | IP | Reputation
www.bing.com | 204.79.197.200, 13.107.21.200 | whitelisted
www.gameofwhores.game | 198.54.117.197, 198.54.117.198, 198.54.117.199, 198.54.117.200 | malicious
i.cdnpark.com | 13.35.253.65, 13.35.253.110, 13.35.253.54, 13.35.253.80 | whitelisted
parkingcrew.net | 185.53.179.29 | whitelisted
www.google.com | 172.217.16.132 | whitelisted
js.parkingcrew.net | 185.53.178.30 | whitelisted
www.google.com.ua | 172.217.16.195 | whitelisted
clientservices.googleapis.com | 216.58.208.35 | whitelisted
accounts.google.com | 172.217.23.173 | shared
clients1.google.com | 216.58.206.14 | whitelisted

Threats

PID | Process | Class | Message
3896 | chrome.exe | A Network Trojan was detected | ET CNC Zeus Tracker Reported CnC Server group 11
No debug info