URL:

http://www.hitcpm.com:80/watch?key=94b3243e2cb6d7e17112c16515a33942

Full analysis: https://app.any.run/tasks/c9735abc-b17b-4437-8734-1a689b16e9ed
Verdict: No threats detected
Analysis date: February 06, 2019, 09:50:19
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MD5:

7F5E283E357B6753A0E6E338C36BC930

SHA1:

0AFDA8F56571CF6F1C3AF0EB3907D70C1FD3A2BC

SHA256:

AFE7DA3C81CAB2ED911880D3F661ACEFB69C597B3A97AB095B5BD6FA709E82D0

SSDEEP:

3:N1KJS4pR4oGCQR2Fx+dn:Cc4HGz64d

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    • Application launched itself

      • chrome.exe (PID: 2748)

    • Reads settings of System Certificates

      • chrome.exe (PID: 2748)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
41
Monitored processes
12
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
1708"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=153BB5CC97A8AB5D733E45B8F14BEB42 --mojo-platform-channel-handle=3940 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2540"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=F62BEC0C2D5D389709977FC52004CFE7 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F62BEC0C2D5D389709977FC52004CFE7 --renderer-client-id=9 --mojo-platform-channel-handle=2420 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2552"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=23610DA0D906EEF5B49896B6A3ABE3BE --mojo-platform-channel-handle=4172 --ignored=" --type=renderer " /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2648"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=6A17D464B53A041A170D5AC971AB53A2 --mojo-platform-channel-handle=3808 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2748"C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.hitcpm.com:80/watch?key=94b3243e2cb6d7e17112c16515a33942C:\Program Files\Google\Chrome\Application\chrome.exe
explorer.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2812"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --service-pipe-token=6594FA022F0CF9BA49D6BA57F21202F0 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6594FA022F0CF9BA49D6BA57F21202F0 --renderer-client-id=4 --mojo-platform-channel-handle=1856 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2880"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=1F0B49F7521FB4F0BFB88672B619BEB7 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1F0B49F7521FB4F0BFB88672B619BEB7 --renderer-client-id=10 --mojo-platform-channel-handle=2284 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
2884"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2752 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
3148"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --disable-gpu-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=5DCCB594F3D21FDD16C415730B21CF05 --mojo-platform-channel-handle=3720 /prefetch:2C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
3356"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,1271383365220138652,16944992696421106841,131072 --enable-features=PasswordImport --service-pipe-token=9A45B09FC40F5B70804A3CCA333C02B1 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9A45B09FC40F5B70804A3CCA333C02B1 --renderer-client-id=3 --mojo-platform-channel-handle=2064 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google Inc.
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
68.0.3440.106
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
Total events
535
Read events
489
Write events
43
Delete events
3

Modification events

(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
Operation:writeName:failed_count
Value:
0
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
Operation:writeName:state
Value:
2
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
Operation:writeName:state
Value:
1
(PID) Process:(2884) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
Operation:writeName:2748-13193920230155875
Value:
259
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:dr
Value:
1
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome
Operation:writeName:UsageStatsInSample
Value:
0
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
Operation:delete valueName:3516-13180984670829101
Value:
0
(PID) Process:(2748) chrome.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
Operation:writeName:usagestats
Value:
0
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
Operation:delete valueName:2748-13193920230155875
Value:
259
(PID) Process:(2748) chrome.exeKey:HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:metricsid
Value:
Executable files
0
Suspicious files
20
Text files
89
Unknown types
1

Dropped files

PID
Process
Filename
Type
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\c730f3bf-3507-4d26-9272-1b9b3213fecc.tmp
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\000016.dbtmp
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000016.dbtmp
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\d7833807-104c-48dd-add4-f9b199a6e86e.tmp
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF245a17.TMPtext
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldtext
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldtext
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old~RF245ac3.TMPtext
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.oldtext
MD5:
SHA256:
2748chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model~RF245d05.TMPbinary
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
11
TCP/UDP connections
45
DNS requests
34
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
2748
chrome.exe
GET
302
198.134.112.244:80
http://www.hitcpm.com/watch?shu=e0bb6cb6c850d445b443e625837080b53590d1d1f687fe0e0fd6df4a4a4a27ee472181aa4a02967f5f1c1f5cf0f06c81b39bfe80a36c01a1506db0e736f3a4167839ee21fddda68cea7fe7&pst=1549446691&rmtc=t&uuid=3fc307c2-e545-4b3b-95a9-10cd9101fa39%3A3%3A1&pii=&in=false&key=94b3243e2cb6d7e17112c16515a33942
US
whitelisted
2748
chrome.exe
GET
302
2.19.43.19:80
http://s.click.aliexpress.com/e/bFmyn62G?af=33287&dp=HO__10474__1026145da4250af900257faa9a6b4e&cv=14197325&u_id=ace531e81af78d5bc46dbbcdcd3b22a3
unknown
whitelisted
2748
chrome.exe
GET
200
198.134.112.244:80
http://www.hitcpm.com/watch?key=94b3243e2cb6d7e17112c16515a33942
US
html
1.16 Kb
whitelisted
2748
chrome.exe
GET
200
198.134.112.244:80
http://www.hitcpm.com/favicon.ico
US
compressed
1.16 Kb
whitelisted
2748
chrome.exe
GET
200
23.111.224.1:80
http://r.remarketingpixel.com/stats
NL
text
40 b
whitelisted
2748
chrome.exe
GET
302
54.76.227.123:80
http://track.iafov.com/aff_c?offer_id=10474&aff_id=33287&aff_sub2=ace531e81af78d5bc46dbbcdcd3b22a3&aff_sub1=14197325
IE
html
340 b
unknown
2748
chrome.exe
GET
200
23.45.102.209:80
http://ae01.alicdn.com/kf/HTB1lDF0a5DxK1Rjy1zc761GeXXaz.png?v=1549004408775
NL
image
84.2 Kb
whitelisted
2748
chrome.exe
GET
200
23.45.102.209:80
http://ae01.alicdn.com/kf/HTB1Y77OaU_rK1Rjy0Fc762EvVXax.png?v=1549003412645
NL
image
66.1 Kb
whitelisted
2748
chrome.exe
GET
200
23.45.102.209:80
http://ae01.alicdn.com/kf/HTB1d90iaZfrK1Rjy1Xd761emFXap.png?v=1549003693296
NL
image
79.1 Kb
whitelisted
2748
chrome.exe
GET
200
23.45.102.209:80
http://ae01.alicdn.com/kf/HTB1ngNha5zxK1RjSspjq6AS.pXaJ.jpg?v=1549033753986
NL
image
217 Kb
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
2748
chrome.exe
198.134.112.244:80
www.hitcpm.com
Webair Internet Development Company Inc.
US
suspicious
2748
chrome.exe
23.45.102.209:443
i.alicdn.com
Akamai International B.V.
NL
whitelisted
2748
chrome.exe
23.45.102.209:80
i.alicdn.com
Akamai International B.V.
NL
whitelisted
2748
chrome.exe
205.204.101.182:443
gj.mmstat.com
Alibaba (China) Technology Co., Ltd.
US
suspicious
2748
chrome.exe
205.204.101.142:443
cmap.alibaba.com
Alibaba (China) Technology Co., Ltd.
US
unknown
2748
chrome.exe
47.88.68.42:443
acs.aliexpress.com
Alibaba (China) Technology Co., Ltd.
US
unknown
2748
chrome.exe
198.11.132.57:443
fourier.alibaba.com
Alibaba (China) Technology Co., Ltd.
US
unknown
2748
chrome.exe
216.58.208.46:443
translate.google.com
Google Inc.
US
whitelisted
2748
chrome.exe
172.217.18.99:443
clientservices.googleapis.com
Google Inc.
US
whitelisted
2748
chrome.exe
216.58.205.227:443
www.gstatic.com
Google Inc.
US
whitelisted

DNS requests

Domain
IP
Reputation
www.gstatic.com
  • 216.58.205.227
whitelisted
clientservices.googleapis.com
  • 172.217.18.99
whitelisted
www.hitcpm.com
  • 198.134.112.244
  • 198.134.112.241
  • 198.134.112.243
  • 198.134.112.242
whitelisted
accounts.google.com
  • 216.58.208.45
shared
r.remarketingpixel.com
  • 23.111.224.1
  • 23.111.224.2
whitelisted
track.iafov.com
  • 54.76.227.123
  • 52.211.100.111
  • 34.246.101.33
unknown
s.click.aliexpress.com
  • 2.19.43.19
whitelisted
best.aliexpress.com
  • 104.111.246.208
whitelisted
i.alicdn.com
  • 23.45.102.209
whitelisted
safebrowsing.googleapis.com
  • 216.58.208.42
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
http://www.hitcpm.com:80/watch?key=94b3243e2cb6d7e17112c16515a33942