
Resubmissions

  • 10/08/2023, 22:41 UTC: 230810-2mj4sshd67 1
  • 07/08/2023, 20:48 UTC: 230807-zlwebshd39 1
  • 06/08/2023, 01:58 UTC: 230806-cd7q3agh6w 1
  • 05/08/2023, 22:43 UTC: 230805-2ndcmsfa69 1
  • 04/08/2023, 23:11 UTC: 230804-2593yaga7y 1
  • 04/08/2023, 15:03 UTC: 230804-se8bzsch5z 1
  • 03/08/2023, 22:07 UTC: 230803-11w5vagc74 1
  • 03/08/2023, 11:46 UTC: 230803-nxsl2aec4y 1
  • 03/08/2023, 00:07 UTC: 230803-aef9dsad88 1
  • 02/08/2023, 19:21 UTC: 230802-x2q4faaf5s 1

Analysis

  • max time kernel: 41s
  • max time network: 42s
  • platform: windows10-2004_x64
  • resource: win10v2004-20230703-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 04/08/2023, 23:11 UTC

General

  • Target: https://shop.awesomatix.com/auth

Score
1/10

Malware Config

Signatures

  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://shop.awesomatix.com/auth
    PID: 3628
    Signatures:
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
    Child processes:
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe40c59758,0x7ffe40c59768,0x7ffe40c59778
        PID: 4824
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:2
        PID: 4336
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 4856
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 5116
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3188 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 4276
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3184 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 5048
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 1956
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 2100
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5280 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 4108
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5220 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 2704
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5568 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 3504
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5688 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 2960
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5268 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 3692
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5276 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 4140
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 2600
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:8
        PID: 4092
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1612 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 1012
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5696 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 1044
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5680 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 116
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5660 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 4416
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=892 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 480
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5156 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 4600
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6012 --field-trial-handle=1888,i,17912586152793023745,6282144740877973295,131072 /prefetch:1
        PID: 4964
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    PID: 1676

Network

  • DNS (US) 208.194.73.20.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 208.194.73.20.in-addr.arpa IN PTR
    Response:
  • DNS (US) 126.138.241.8.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 126.138.241.8.in-addr.arpa IN PTR
    Response:
  • DNS (US) shop.awesomatix.com
    Process: chrome.exe
    Remote address: 8.8.8.8:53
    Request: shop.awesomatix.com IN A
    Response: shop.awesomatix.com IN A 176.9.76.13
  • GET (DE) https://shop.awesomatix.com/auth
    Process: chrome.exe
    Remote address: 176.9.76.13:443
    Request:
      GET /auth HTTP/1.1
      Host: shop.awesomatix.com
      Connection: keep-alive
      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
      sec-ch-ua-mobile: ?0
      sec-ch-ua-platform: "Windows"
      Upgrade-Insecure-Requests: 1
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
      Sec-Fetch-Site: none
      Sec-Fetch-Mode: navigate
      Sec-Fetch-User: ?1
      Sec-Fetch-Dest: document
      Accept-Encoding: gzip, deflate, br
      Accept-Language: en-US,en;q=0.9
    Response:
      HTTP/1.1 301 Moved Permanently
      Server: nginx/1.18.0 (Ubuntu)
      Date: Fri, 04 Aug 2023 23:11:22 GMT
      Content-Type: text/html; charset=iso-8859-1
      Transfer-Encoding: chunked
      Connection: keep-alive
      Location: http://shop.awesomatix.com/auth/
      Strict-Transport-Security: max-age=31536000;
  • GET (DE) https://shop.awesomatix.com/auth/
    Process: chrome.exe
    Remote address: 176.9.76.13:443
    Request:
      GET /auth/ HTTP/1.1
      Host: shop.awesomatix.com
      Connection: keep-alive
      Upgrade-Insecure-Requests: 1
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
      Sec-Fetch-Site: none
      Sec-Fetch-Mode: navigate
      Sec-Fetch-User: ?1
      Sec-Fetch-Dest: document
      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
      sec-ch-ua-mobile: ?0
      sec-ch-ua-platform: "Windows"
      Accept-Encoding: gzip, deflate, br
      Accept-Language: en-US,en;q=0.9
    Response:
      HTTP/1.1 403 Forbidden
      Server: nginx/1.18.0 (Ubuntu)
      Date: Fri, 04 Aug 2023 23:11:22 GMT
      Content-Type: text/html; charset=iso-8859-1
      Transfer-Encoding: chunked
      Connection: keep-alive
      Content-Encoding: gzip
  • GET (DE) https://shop.awesomatix.com/favicon.ico
    Process: chrome.exe
    Remote address: 176.9.76.13:443
    Request:
      GET /favicon.ico HTTP/1.1
      Host: shop.awesomatix.com
      Connection: keep-alive
      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
      sec-ch-ua-mobile: ?0
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
      sec-ch-ua-platform: "Windows"
      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
      Sec-Fetch-Site: same-origin
      Sec-Fetch-Mode: no-cors
      Sec-Fetch-Dest: image
      Referer: https://shop.awesomatix.com/auth/
      Accept-Encoding: gzip, deflate, br
      Accept-Language: en-US,en;q=0.9
    Response:
      HTTP/1.1 404 Not Found
      Server: nginx/1.18.0 (Ubuntu)
      Date: Fri, 04 Aug 2023 23:11:22 GMT
      Content-Type: text/html; charset=iso-8859-1
      Transfer-Encoding: chunked
      Connection: keep-alive
      Content-Encoding: gzip
  • DNS (US) apps.identrust.com
    Process: chrome.exe
    Remote address: 8.8.8.8:53
    Request: apps.identrust.com IN A
    Response:
      apps.identrust.com IN CNAME identrust.edgesuite.net
      identrust.edgesuite.net IN CNAME a1952.dscq.akamai.net
      a1952.dscq.akamai.net IN A 23.72.252.163
      a1952.dscq.akamai.net IN A 23.72.252.171
  • GET (NL) http://apps.identrust.com/roots/dstrootcax3.p7c
    Process: chrome.exe
    Remote address: 23.72.252.163:80
    Request:
      GET /roots/dstrootcax3.p7c HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: apps.identrust.com
    Response:
      HTTP/1.1 200 OK
      X-XSS-Protection: 1; mode=block
      Strict-Transport-Security: max-age=15768000
      X-Frame-Options: SAMEORIGIN
      X-Content-Type-Options: nosniff
      Content-Security-Policy: default-src 'self' *.identrust.com
      Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
      ETag: "37d-5f433188daa00"
      Accept-Ranges: bytes
      Content-Length: 893
      X-Content-Type-Options: nosniff
      X-Frame-Options: sameorigin
      Content-Type: application/pkcs7-mime
      Cache-Control: max-age=3600
      Expires: Sat, 05 Aug 2023 00:11:21 GMT
      Date: Fri, 04 Aug 2023 23:11:21 GMT
      Connection: keep-alive
  • DNS (US) 42.36.251.142.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 42.36.251.142.in-addr.arpa IN PTR
    Response: 42.36.251.142.in-addr.arpa IN PTR ams17s12-in-f10.1e100.net
  • DNS (US) 13.76.9.176.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 13.76.9.176.in-addr.arpa IN PTR
    Response: 13.76.9.176.in-addr.arpa IN PTR static.13.76.9.176.clients.your-server.de
  • DNS (US) 163.252.72.23.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 163.252.72.23.in-addr.arpa IN PTR
    Response: 163.252.72.23.in-addr.arpa IN PTR a23-72-252-163.deploy.static.akamaitechnologies.com
  • DNS (US) 68.32.126.40.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 68.32.126.40.in-addr.arpa IN PTR
    Response:
  • DNS (US) 95.221.229.192.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 95.221.229.192.in-addr.arpa IN PTR
    Response:
  • DNS (US) 146.78.124.51.in-addr.arpa
    Remote address: 8.8.8.8:53
    Request: 146.78.124.51.in-addr.arpa IN PTR
    Response:
  • DNS (US) apis.google.com
    Process: chrome.exe
    Remote address: 8.8.8.8:53
    Request: apis.google.com IN A
    Response:
      apis.google.com IN CNAME plus.l.google.com
      plus.l.google.com IN A 172.217.23.206
  • GET (DE) https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0
    Process: chrome.exe
    Remote address: 172.217.23.206:443
    Request:
      GET /_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0 HTTP/2.0
                                                    host: apis.google.com
                                                    sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                    sec-ch-ua-mobile: ?0
                                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                    sec-ch-ua-platform: "Windows"
                                                    accept: */*
                                                    sec-fetch-site: cross-site
                                                    sec-fetch-mode: no-cors
                                                    sec-fetch-dest: script
                                                    accept-encoding: gzip, deflate, br
                                                    accept-language: en-US,en;q=0.9
                                                  • flag-us
                                                    DNS
                                                    196.168.217.172.in-addr.arpa
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    196.168.217.172.in-addr.arpa
                                                    IN PTR
                                                    Response
                                                    196.168.217.172.in-addr.arpa
                                                    IN PTR
                                                    ams16s32-in-f4.1e100.net
                                                  • flag-us
                                                    DNS
                                                    195.179.250.142.in-addr.arpa
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    195.179.250.142.in-addr.arpa
                                                    IN PTR
                                                    Response
                                                    195.179.250.142.in-addr.arpa
                                                    IN PTR
                                                    ams15s42-in-f3.1e100.net
                                                  • flag-us
                                                    DNS
                                                    206.23.217.172.in-addr.arpa
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    206.23.217.172.in-addr.arpa
                                                    IN PTR
                                                    Response
                                                    206.23.217.172.in-addr.arpa
                                                    IN PTR
                                                    ams16s37-in-f14.1e100.net
                                                    206.23.217.172.in-addr.arpa
                                                    IN PTR
                                                    prg03s05-in-f14.1e100.net
                                                    206.23.217.172.in-addr.arpa
                                                    IN PTR
                                                    prg03s05-in-f206.1e100.net
                                                  • flag-us
                                                    DNS
                                                    86.23.85.13.in-addr.arpa
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    86.23.85.13.in-addr.arpa
                                                    IN PTR
                                                    Response
                                                  • flag-us
                                                    DNS
                                                    206.23.85.13.in-addr.arpa
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    206.23.85.13.in-addr.arpa
                                                    IN PTR
                                                    Response
                                                  • flag-us
                                                    DNS
                                                    240.81.21.72.in-addr.arpa
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    240.81.21.72.in-addr.arpa
                                                    IN PTR
                                                    Response
                                                  • flag-us
                                                    DNS
                                                    gitthub.site
                                                    chrome.exe
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    gitthub.site
                                                    IN A
                                                    Response
                                                  • flag-us
                                                    DNS
                                                    google.com
                                                    chrome.exe
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    google.com
                                                    IN A
                                                    Response
                                                    google.com
                                                    IN A
                                                    142.250.179.142
                                                  • flag-us
                                                    DNS
                                                    google.com
                                                    chrome.exe
                                                    Remote address:
                                                    8.8.8.8:53
                                                    Request
                                                    google.com
                                                    IN A
                                                    Response
                                                    google.com
                                                    IN A
                                                    142.250.179.142
                                                  • 176.9.76.13:443
                                                    https://shop.awesomatix.com/favicon.ico
                                                    tls, http
                                                    chrome.exe
                                                    3.2kB
                                                    7.4kB
                                                    13
                                                    16

                                                    HTTP Request

                                                    GET https://shop.awesomatix.com/auth

                                                    HTTP Response

                                                    301

                                                    HTTP Request

                                                    GET https://shop.awesomatix.com/auth/

                                                    HTTP Response

                                                    403

                                                    HTTP Request

                                                    GET https://shop.awesomatix.com/favicon.ico

                                                    HTTP Response

                                                    404
                                                  • 23.72.252.163:80
                                                    http://apps.identrust.com/roots/dstrootcax3.p7c
                                                    http
                                                    chrome.exe
                                                    324 B
                                                    1.6kB
                                                    4
                                                    4

                                                    HTTP Request

                                                    GET http://apps.identrust.com/roots/dstrootcax3.p7c

                                                    HTTP Response

                                                    200
                                                  • 172.217.23.206:443
                                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0
                                                    tls, http2
                                                    chrome.exe
                                                    2.4kB
                                                    49.3kB
                                                    26
                                                    41

                                                    HTTP Request

                                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0
                                                  • 8.8.8.8:53
                                                    208.194.73.20.in-addr.arpa
                                                    dns
                                                    72 B
                                                    158 B
                                                    1
                                                    1

                                                    DNS Request

                                                    208.194.73.20.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    126.138.241.8.in-addr.arpa
                                                    dns
                                                    72 B
                                                    126 B
                                                    1
                                                    1

                                                    DNS Request

                                                    126.138.241.8.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    shop.awesomatix.com
                                                    dns
                                                    chrome.exe
                                                    65 B
                                                    81 B
                                                    1
                                                    1

                                                    DNS Request

                                                    shop.awesomatix.com

                                                    DNS Response

                                                    176.9.76.13

                                                  • 8.8.8.8:53
                                                    apps.identrust.com
                                                    dns
                                                    chrome.exe
                                                    64 B
                                                    165 B
                                                    1
                                                    1

                                                    DNS Request

                                                    apps.identrust.com

                                                    DNS Response

                                                    23.72.252.163
                                                    23.72.252.171

                                                  • 8.8.8.8:53
                                                    42.36.251.142.in-addr.arpa
                                                    dns
                                                    72 B
                                                    111 B
                                                    1
                                                    1

                                                    DNS Request

                                                    42.36.251.142.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    13.76.9.176.in-addr.arpa
                                                    dns
                                                    70 B
                                                    125 B
                                                    1
                                                    1

                                                    DNS Request

                                                    13.76.9.176.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    163.252.72.23.in-addr.arpa
                                                    dns
                                                    72 B
                                                    137 B
                                                    1
                                                    1

                                                    DNS Request

                                                    163.252.72.23.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    68.32.126.40.in-addr.arpa
                                                    dns
                                                    71 B
                                                    157 B
                                                    1
                                                    1

                                                    DNS Request

                                                    68.32.126.40.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    95.221.229.192.in-addr.arpa
                                                    dns
                                                    73 B
                                                    144 B
                                                    1
                                                    1

                                                    DNS Request

                                                    95.221.229.192.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    146.78.124.51.in-addr.arpa
                                                    dns
                                                    72 B
                                                    158 B
                                                    1
                                                    1

                                                    DNS Request

                                                    146.78.124.51.in-addr.arpa

                                                  • 224.0.0.251:5353
                                                    chrome.exe
                                                    204 B
                                                    3
                                                  • 8.8.8.8:53
                                                    apis.google.com
                                                    dns
                                                    chrome.exe
                                                    61 B
                                                    98 B
                                                    1
                                                    1

                                                    DNS Request

                                                    apis.google.com

                                                    DNS Response

                                                    172.217.23.206

                                                  • 8.8.8.8:53
                                                    196.168.217.172.in-addr.arpa
                                                    dns
                                                    74 B
                                                    112 B
                                                    1
                                                    1

                                                    DNS Request

                                                    196.168.217.172.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    195.179.250.142.in-addr.arpa
                                                    dns
                                                    74 B
                                                    112 B
                                                    1
                                                    1

                                                    DNS Request

                                                    195.179.250.142.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    206.23.217.172.in-addr.arpa
                                                    dns
                                                    73 B
                                                    173 B
                                                    1
                                                    1

                                                    DNS Request

                                                    206.23.217.172.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    86.23.85.13.in-addr.arpa
                                                    dns
                                                    70 B
                                                    144 B
                                                    1
                                                    1

                                                    DNS Request

                                                    86.23.85.13.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    206.23.85.13.in-addr.arpa
                                                    dns
                                                    71 B
                                                    145 B
                                                    1
                                                    1

                                                    DNS Request

                                                    206.23.85.13.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    240.81.21.72.in-addr.arpa
                                                    dns
                                                    71 B
                                                    142 B
                                                    1
                                                    1

                                                    DNS Request

                                                    240.81.21.72.in-addr.arpa

                                                  • 8.8.8.8:53
                                                    gitthub.site
                                                    dns
                                                    chrome.exe
                                                    58 B
                                                    123 B
                                                    1
                                                    1

                                                    DNS Request

                                                    gitthub.site

                                                  • 8.8.8.8:53
                                                    google.com
                                                    dns
                                                    chrome.exe
                                                    56 B
                                                    72 B
                                                    1
                                                    1

                                                    DNS Request

                                                    google.com

                                                    DNS Response

                                                    142.250.179.142

                                                  • 8.8.8.8:53
                                                    google.com
                                                    dns
                                                    chrome.exe
                                                    56 B
                                                    72 B
                                                    1
                                                    1

                                                    DNS Request

                                                    google.com

                                                    DNS Response

                                                    142.250.179.142
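The network table above mixes three kinds of entries: queries and requests attributed to chrome.exe, reverse (PTR) lookups with no attributed process, and one A query (gitthub.site) that received no answer. The Python below is an added example, not part of the Triage report, that turns such a table into analyst findings: the redirect chain from the submitted URL (301 to /auth/, then 403), the hosts the sample resolved and actually contacted, cleartext HTTP fetches, and unanswered lookups. The records are transcribed from this report (a subset). Two rules are this example's assumptions, not report semantics: that PTR lookups without a process are the sandbox's own hostname enrichment, and that after a 3xx the next request to the same host is the redirect target (the table records no Location header).

```python
"""Triage a flattened sandbox network table into analyst findings.

Added example; the DNS/HTTP records are transcribed from the report above
(a subset) and the grouping rules are this example's own heuristics.
"""
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit


@dataclass
class DnsEvent:
    qname: str
    qtype: str              # "A" or "PTR"
    answers: list           # rdata strings; empty list = no answer recorded
    process: Optional[str]  # None where the report attributes no process


@dataclass
class HttpEvent:
    method: str
    url: str
    status: Optional[int]   # None where the report shows no response
    process: str


# Transcribed from the report above (subset of the DNS entries).
DNS = [
    DnsEvent("shop.awesomatix.com", "A", ["176.9.76.13"], "chrome.exe"),
    DnsEvent("apps.identrust.com", "A", ["23.72.252.163", "23.72.252.171"], "chrome.exe"),
    DnsEvent("apis.google.com", "A", ["172.217.23.206"], "chrome.exe"),
    DnsEvent("gitthub.site", "A", [], "chrome.exe"),
    DnsEvent("google.com", "A", ["142.250.179.142"], "chrome.exe"),
    DnsEvent("163.252.72.23.in-addr.arpa", "PTR",
             ["a23-72-252-163.deploy.static.akamaitechnologies.com"], None),
    DnsEvent("68.32.126.40.in-addr.arpa", "PTR", [], None),
    DnsEvent("206.23.217.172.in-addr.arpa", "PTR", ["ams16s37-in-f14.1e100.net"], None),
]
# Transcribed from the report above, in the order the report lists them.
HTTP = [
    HttpEvent("GET", "https://shop.awesomatix.com/auth", 301, "chrome.exe"),
    HttpEvent("GET", "https://shop.awesomatix.com/auth/", 403, "chrome.exe"),
    HttpEvent("GET", "https://shop.awesomatix.com/favicon.ico", 404, "chrome.exe"),
    HttpEvent("GET", "http://apps.identrust.com/roots/dstrootcax3.p7c", 200, "chrome.exe"),
    HttpEvent("GET", "https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0", None, "chrome.exe"),
]


def classify_dns(events):
    """Split lookups into the sample's own queries, platform noise, and unanswered queries.
    Assumption: a PTR query with no attributed process is the sandbox resolving
    hostnames for its own report, not traffic generated by the sample."""
    out = {"sample": [], "noise": [], "unanswered": []}
    for e in events:
        if e.qtype == "PTR" and e.process is None:
            out["noise"].append(e.qname)
            continue
        out["sample"].append(e.qname)
        if not e.answers:
            out["unanswered"].append(e.qname)  # candidate typo/expired/sinkholed domain
    return out


def redirect_chain(events, start_url):
    """Follow the observed request sequence from start_url while responses are 3xx.
    Assumption: no Location header is recorded, so the next request to the same
    host is taken to be the redirect target."""
    idx = next((i for i, e in enumerate(events) if e.url == start_url), None)
    if idx is None:
        return []
    host = urlsplit(start_url).hostname
    chain = [(events[idx].url, events[idx].status)]
    while events[idx].status is not None and 300 <= events[idx].status < 400:
        idx += 1
        if idx >= len(events) or urlsplit(events[idx].url).hostname != host:
            break
        chain.append((events[idx].url, events[idx].status))
    return chain


def plaintext_fetches(events):
    """List cleartext HTTP requests. A certificate or CRL object is usually the TLS
    stack chasing AIA/CRL URLs, which is worth distinguishing from a payload download."""
    cert_ext = (".p7c", ".p7b", ".crt", ".cer", ".crl")
    out = []
    for e in events:
        u = urlsplit(e.url)
        if u.scheme == "http":
            kind = "likely-cert-chain-fetch" if u.path.lower().endswith(cert_ext) else "review"
            out.append((e.url, e.status, kind))
    return out


def contacted_hosts(dns_events, http_events):
    """Hosts the sample resolved and then spoke to, versus resolved but never contacted."""
    resolved = {e.qname for e in dns_events if e.qtype == "A" and e.answers}
    spoken = {urlsplit(e.url).hostname for e in http_events}
    return {"contacted": sorted(resolved & spoken), "resolved_only": sorted(resolved - spoken)}


if __name__ == "__main__":
    print("dns:", classify_dns(DNS))
    print("redirects:", redirect_chain(HTTP, "https://shop.awesomatix.com/auth"))
    print("cleartext:", plaintext_fetches(HTTP))
    print("hosts:", contacted_hosts(DNS, HTTP))
```

Run as a script it prints the four findings for this report: the only unanswered query is gitthub.site, the submitted URL chain ends in a 403, the single cleartext request is the IdenTrust .p7c fetch, and google.com was resolved but never contacted over HTTP in the captured window.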

                                                  Downloads

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                    Filesize

                                                    539B

                                                    MD5

                                                    6d75d6237d71e7369a354e3a8ad50644

                                                    SHA1

                                                    557e9431daac78da6584f7e6a1ebf04b5a5cb37c

                                                    SHA256

                                                    1c2c62a609753a40db585c432720f01b02a96a803e3eab107eff71974322d681

                                                    SHA512

                                                    25fd2fa6c3703d2ad62e1e238babbd10e54eeb4da9f413cace2f39a89f90f1368452a499386f4a55a17220212025dee4e336eaa6c07a26f5bb9b5f56b88885d1

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                    Filesize

                                                    539B

                                                    MD5

                                                    8006ca8bd39831c9fd4c1cdaf5f4f4b2

                                                    SHA1

                                                    a86a12fc6daefac8de7db48392ae3c34916b496b

                                                    SHA256

                                                    b64dc3bf48d399e80da6a830e8c03234186b3aa8f542e11744ea67ae514695e7

                                                    SHA512

                                                    204e9b5da3097df1924de482cf6ddc174ebb0d0c4b6266971d342d15e17b4d4cf8eb4b50e399c03c283d6c05de2c1095c739c92e9b5f2001deab171f0213821d

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                    Filesize

                                                    6KB

                                                    MD5

                                                    8188223a54211032fd0e57887f3739a5

                                                    SHA1

                                                    14080f4f0c9f9aede821e22260f53a87b39198f7

                                                    SHA256

                                                    1373308afe9c241094677e717205cfa6927de0a80ead668acab6d448f7df25b3

                                                    SHA512

                                                    b57900e9f04294b4230830e6e625f977e4754cd6fd0d2345a29bca55c9221d079b765e73976a32acd84d2bb82003b49c1b58f8ada252932fdc3d483b5fd8e134

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                    Filesize

                                                    6KB

                                                    MD5

                                                    ed22c2372f0ecc176a70317876bf351a

                                                    SHA1

                                                    a24ea6b0edcd9bddff04b739b932eeb6d70d0e0d

                                                    SHA256

                                                    54c5989d61c726cf5219007e4a630a8e14e56fa49e2500c42c970b7c2ad5cde7

                                                    SHA512

                                                    88a1351334a0e23bcb576ac1a51d90a2d9d43a57fa4bab5eca65451eb5b596a4cd797cdb5080a3e69c6669a4ba12f8e5aa2126484bafea14f02f68ec135bcdc0

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                    Filesize

                                                    89KB

                                                    MD5

                                                    a387d46e76d35e2e52e2ee1c7a15f5fb

                                                    SHA1

                                                    948859ce33a7d92b189dffd5a57051c637d60444

                                                    SHA256

                                                    8235653e1f08eac5c025ab67936d0d256acf49345c35b92bec3aafa677ce39e5

                                                    SHA512

                                                    36066dc53e4ac53f437b91c4b38a4b6dfae1c2786b2296a11056678c3463de750580b48ec249a344c7a7ce39a75aa56380cd937fc6c4ea2ce8967f6d933a056a

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                    Filesize

                                                    89KB

                                                    MD5

                                                    494b652bb5c0fc15908d7f36f6aecf31

                                                    SHA1

                                                    a324a9d438888387d75a08ad878468c9772f748a

                                                    SHA256

                                                    f411f5a08757ed8128a1eaaf2f392e9939fba5c85845f1cce504db2d3bd30a77

                                                    SHA512

                                                    67cd219919c282095412311cb19531bfb237cb0ff8de59647b184490b9c1965db7565da1db3370c513767a15e99dfdb0d54947bcb4af8fe4b61cc4a1db26b6f9

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                    Filesize

                                                    89KB

                                                    MD5

                                                    844964ae4557dcbcab3270ea4d38afe2

                                                    SHA1

                                                    b36cf207b0744e6f2b08f8612c9152e453b094be

                                                    SHA256

                                                    96a4c171fab42b71dc3a9a286fbef7eeaa1cc038dac9dc1445936f576f624ca5

                                                    SHA512

                                                    b995aa5f6289d62b90eac7da65c5ff514e34f0bb498edce8a9728f603d33fd72f7897eec16311e1ad2db0312669f5965572ba3ec10aff46f620dde68d4cf463b

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                    Filesize

                                                    2B

                                                    MD5

                                                    99914b932bd37a50b983c5e7c90ae93b

                                                    SHA1

                                                    bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                    SHA256

                                                    44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                    SHA512

                                                    27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
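The last entry, a 2-byte persisted_first_party_sets.json under the Chrome profile, can be identified from its digests alone without having the file. The Python below is an added example, not part of the Triage report: the size, MD5, SHA1 and SHA256 are copied from the entry above (SHA512 is left out of the comparison), and the candidate byte strings are constructed guesses at what a 2-byte JSON document can contain. Matching the reported digests to `{}` confirms the file is an empty JSON object, i.e. ordinary browser profile state rather than content written by the visited site.

```python
"""Identify a sandbox "dropped file" from its reported digests without the file.

Added example; the digests are copied from the persisted_first_party_sets.json
entry in the report above, the candidate contents are constructed here.
"""
import hashlib

# Copied from the report entry (size in bytes, hex digests).
REPORTED = {
    "size": 2,
    "md5": "99914b932bd37a50b983c5e7c90ae93b",
    "sha1": "bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f",
    "sha256": "44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a",
}

# Constructed candidates: some 2-byte inputs that are valid JSON documents.
CANDIDATES = {
    "empty object": b"{}",
    "empty array": b"[]",
    "empty string": b'""',
    "number 10": b"10",
}


def digests(data: bytes) -> dict:
    """Size plus the three digests compared here (same keys as REPORTED)."""
    return {
        "size": len(data),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches(candidate: bytes, reported: dict = REPORTED) -> bool:
    """True only if the size and every listed digest agree with the report."""
    d = digests(candidate)
    return all(d[k] == v for k, v in reported.items())


def identify(reported: dict = REPORTED, candidates: dict = CANDIDATES):
    """Return the label of the candidate that reproduces the reported digests, or None."""
    for label, data in candidates.items():
        if matches(data, reported):
            return label
    return None


if __name__ == "__main__":
    print(identify())
```

The same approach scales to the other profile files listed above only if a reference copy of the expected content exists; for Preferences and Local State, which vary per run, the useful comparison is between the two or three versions the report records rather than against a known constant.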
