URL:

1soft.space

Full analysis: https://app.any.run/tasks/e5b6d66d-913c-4c40-a368-7e67773f32f6
Verdict: Malicious activity
Analysis date: February 22, 2024, 05:40:55
OS: Windows 10 Professional (build: 19044, 64 bit)
Indicators:
MD5:

8A06DFA0BB0EF09D611C5305D18F3555

SHA1:

3DDB7B32946A59DFBBE82F3D726D5CB70BFA18EC

SHA256:

AE66E3CFC5655FE5E1BA7030DD1BCE8042E57247E6DE51E066CE6634CF4BE681

SSDEEP:

3:PKNL3X:EjX

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    • Reads security settings of Internet Explorer

      • BackgroundTransferHost.exe (PID: 5356)
      • BackgroundTransferHost.exe (PID: 1780)
      • BackgroundTransferHost.exe (PID: 3752)
      • BackgroundTransferHost.exe (PID: 1336)
      • BackgroundTransferHost.exe (PID: 6688)

    • Reads Microsoft Office registry keys

      • chrome.exe (PID: 4040)

    • Creates files or folders in the user directory

      • BackgroundTransferHost.exe (PID: 1780)

    • Reads the software policy settings

      • BackgroundTransferHost.exe (PID: 1780)
      • slui.exe (PID: 5752)

    • Checks proxy server information

      • BackgroundTransferHost.exe (PID: 1780)
      • slui.exe (PID: 5752)

    • Drops the executable file immediately after the start

      • chrome.exe (PID: 1740)
      • chrome.exe (PID: 5956)

    • Executable content was dropped or overwritten

      • chrome.exe (PID: 5956)
      • chrome.exe (PID: 1740)

    • Application launched itself

      • chrome.exe (PID: 4040)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
175
Monitored processes
37
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs backgroundtransferhost.exe no specs backgroundtransferhost.exe backgroundtransferhost.exe no specs backgroundtransferhost.exe no specs backgroundtransferhost.exe no specs slui.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs filecoauth.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
436"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=4552 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1128"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=1468 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1308"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=4976 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1336"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1C:\Windows\System32\BackgroundTransferHost.exesvchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Download/Upload Host
Exit code:
1
Version:
10.0.19041.746 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\backgroundtransferhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\kernel.appcore.dll
c:\windows\system32\bcryptprimitives.dll
1492"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=4760 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1556"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --disable-quic --mojo-platform-channel-handle=4356 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1596"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=2412 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1660"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --disable-quic --mojo-platform-channel-handle=4376 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1724"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=4724 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1740"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=4864 --field-trial-handle=1904,i,3466898513431225561,4602238718736485622,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exe
chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
112.0.5615.50
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\112.0.5615.50\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
Total events
14 103
Read events
14 051
Write events
46
Delete events
6

Modification events

(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation:writeName:failed_count
Value:
0
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation:writeName:state
Value:
2
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\ThirdParty
Operation:writeName:StatusCodes
Value:
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\ThirdParty
Operation:writeName:StatusCodes
Value:
01000000
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation:writeName:state
Value:
1
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:dr
Value:
1
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\StabilityMetrics
Operation:writeName:user_experience_metrics.stability.exited_cleanly
Value:
0
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Chrome
Operation:writeName:UsageStatsInSample
Value:
0
(PID) Process:(4040) chrome.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
Operation:writeName:usagestats
Value:
0
(PID) Process:(4040) chrome.exeKey:HKEY_CURRENT_USER\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:metricsid
Value:
Executable files
12
Suspicious files
103
Text files
87
Unknown types
302

Dropped files

PID
Process
Filename
Type
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old~RF1354bb.TMP
MD5:
SHA256:
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old
MD5:
SHA256:
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old~RF135893.TMP
MD5:
SHA256:
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldtext
MD5:602C51DB8380F8CD0A961D9A46AF1186
SHA256:84F716E38017F52138A76222524A3152DB8D3A7FBE30E94067458568B14DC36D
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old
MD5:
SHA256:
4040chrome.exeC:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\LAST VERSIONtext
MD5:6938856FB4E39ADCAA9D9664D679E7E3
SHA256:9FC3A390773A9E5326F7731EF4D54D80400FB7C36BAA62CA81AC2CA8141EDBD3
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.old~RF13571c.TMPtext
MD5:A89F9952DB446BABF3D64662E1968AE0
SHA256:5536332FF24533430195D3DB5B94989AB71460E67ED736B9CA14DCEFEDCE8E43
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF135651.TMPtext
MD5:9F028AF7B9C59724CD4325DEBD825188
SHA256:7F1814E5CD5E049F854BC3519AB636A8338278E0C1A839314BD4D7F1AC373975
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old~RF1354bb.TMPtext
MD5:8AECEF772A78DF729B6B67A742DF8DD1
SHA256:7BC5ED6F062C5C36D2CD60F07A622A4DF35B03D7747E33D5129558752243BB0D
4040chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldtext
MD5:139F545948FC1F10256A27E3C2CEF062
SHA256:9399CC6F9C335015E086DB37208B1816A7831221A005B04AC83C4F86CC04230D
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
85
TCP/UDP connections
82
DNS requests
62
Threats
3

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
7052
chrome.exe
GET
302
193.56.8.81:80
http://1soft.space/
unknown
unknown
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
binary
471 b
unknown
1440
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAzlnDD9eoNTLi0BRrMy%2BWU%3D
unknown
binary
312 b
unknown
7084
svchost.exe
GET
200
2.16.241.12:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
binary
1.01 Kb
unknown
4492
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEA177el9ggmWelJjG4vdGL0%3D
unknown
binary
471 b
unknown
6896
MoUsoCoreWorker.exe
GET
200
2.16.241.12:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
binary
1.01 Kb
unknown
4528
svchost.exe
HEAD
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acs7jwb4vh357wtsxdlrthyegyqq_2023.11.27.1202/ggkkehgbnfjpeggfpleeakpidbkibbmn_2023.11.27.1202_all_admxda2vchtoykhnnwzdlbnqqt6a.crx3
unknown
unknown
1780
BackgroundTransferHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAzlnDD9eoNTLi0BRrMy%2BWU%3D
unknown
binary
312 b
unknown
4528
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acs7jwb4vh357wtsxdlrthyegyqq_2023.11.27.1202/ggkkehgbnfjpeggfpleeakpidbkibbmn_2023.11.27.1202_all_admxda2vchtoykhnnwzdlbnqqt6a.crx3
unknown
binary
121 b
unknown
4528
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acs7jwb4vh357wtsxdlrthyegyqq_2023.11.27.1202/ggkkehgbnfjpeggfpleeakpidbkibbmn_2023.11.27.1202_all_admxda2vchtoykhnnwzdlbnqqt6a.crx3
unknown
binary
2.49 Kb
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
3848
svchost.exe
239.255.255.250:1900
unknown
4
System
192.168.100.255:138
whitelisted
5928
svchost.exe
20.190.159.73:443
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
6896
MoUsoCoreWorker.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
4040
chrome.exe
239.255.255.250:1900
unknown
7052
chrome.exe
193.56.8.81:80
1soft.space
Zomro B.V.
NL
unknown
7052
chrome.exe
64.233.184.84:443
accounts.google.com
GOOGLE
US
unknown
7052
chrome.exe
193.56.8.81:443
1soft.space
Zomro B.V.
NL
unknown
7052
chrome.exe
172.217.18.106:443
fonts.googleapis.com
GOOGLE
US
whitelisted
7052
chrome.exe
216.58.206.35:443
fonts.gstatic.com
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
1soft.space
  • 193.56.8.81
unknown
accounts.google.com
  • 64.233.184.84
shared
fonts.googleapis.com
  • 172.217.18.106
whitelisted
fonts.gstatic.com
  • 216.58.206.35
whitelisted
smatr.net
  • 88.208.46.222
unknown
www.googletagmanager.com
  • 142.250.186.136
whitelisted
runoffree.bid
  • 104.21.40.149
  • 172.67.153.14
unknown
cdn.gtranslate.net
  • 104.26.14.75
  • 104.26.15.75
  • 172.67.72.192
unknown
mc.yandex.ru
  • 87.250.250.119
  • 93.158.134.119
  • 77.88.21.119
  • 87.250.251.119
whitelisted
smelel.icu
  • 88.208.46.222
unknown

Threats

PID
Process
Class
Message
7052
chrome.exe
Potentially Bad Traffic
ET INFO DNS Query for Suspicious .icu Domain
7052
chrome.exe
Potentially Bad Traffic
ET INFO Suspicious Domain (*.icu) in TLS SNI
7052
chrome.exe
Potentially Bad Traffic
ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu)
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
1soft.space