3.8
Medium risk

22e7265a65a37f02479d55986c075dc47feb852503c429906435c25b19603756

a7b72d6dbf8fa6089b131996cdb6090f.exe

Analysis duration

93s

Last analyzed

File size

2.5MB
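Static detections Dynamic detections
Hawkeye engine
Not scanned No Hawkeye engine results available
Static verdict
Antivirus engines
Engine Result Scan date Engine version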
McAfee 20201027 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20201027 18.4.3895.0
Tencent 20201027 1.0.0.1
Kingsoft 20201027 2013.8.14.323
CrowdStrike 20190702 1.0
Behavioral verdict
Dynamic indicators
HTTP traffic contains suspicious features which may be indicative of malware related traffic (1 event)
suspicious_features POST method with no referer header suspicious_request POST https://update.googleapis.com/service/update2?cup2key=10:682656342&cup2hreq=a1deab9cc7f75974a668639be1617f5d5f81fee095cf68f20041a71225e9554c
Performs some HTTP requests (4 events)
request HEAD http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe
request HEAD http://r1---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.100&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1620808827&mv=m&mvi=1&pl=23&shardbypass=yes
request HEAD http://r3---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?mh=ms&pl=17&shardbypass=yes&redirect_counter=1&rm=sn-j5ok7e&req_id=5063692b5cd0e740&cms_redirect=yes&ipbypass=yes&mip=59.50.85.19&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1620808827&mv=m&mvi=3
request POST https://update.googleapis.com/service/update2?cup2key=10:682656342&cup2hreq=a1deab9cc7f75974a668639be1617f5d5f81fee095cf68f20041a71225e9554c
Sends data using the HTTP POST Method (1 event)
request POST https://update.googleapis.com/service/update2?cup2key=10:682656342&cup2hreq=a1deab9cc7f75974a668639be1617f5d5f81fee095cf68f20041a71225e9554c
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1620808800.656125
NtAllocateVirtualMemory
process_identifier: 2504
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x006d0000
success 0 0
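Visual analysis
Binary image
No binary image available No binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots available No screenshots were generated while this sample was running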

PE Compile Time

2020-05-21 13:56:25

Imports


Exports

Ordinal Address Name
3 0x4aefc0 TMethodImplementationIntercept
2 0x40eb68 __dbk_fcall_wrapper
1 0x66663c dbkFCallWrapperAddr

Hosts

No hosts contacted.

TCP

Source Source Port Destination Destination Port
192.168.56.101 49183 113.108.239.194 r1---sn-j5o7dn7e.gvt1.com 80
192.168.56.101 49184 113.108.239.196 r3---sn-j5o7dn7e.gvt1.com 80
192.168.56.101 49182 203.208.41.65 redirector.gvt1.com 80
192.168.56.101 49181 203.208.41.98 update.googleapis.com 443

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 51378 114.114.114.114 53
192.168.56.101 54178 114.114.114.114 53
192.168.56.101 54991 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 56743 114.114.114.114 53
192.168.56.101 58070 114.114.114.114 53
192.168.56.101 58970 114.114.114.114 53
192.168.56.101 63429 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 50568 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 53210 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 53657 224.0.0.252 5355

HTTP & HTTPS Requests

URI Data
http://redirector.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe
HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: redirector.gvt1.com

http://r1---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.100&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1620808827&mv=m&mvi=1&pl=23&shardbypass=yes
HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?cms_redirect=yes&mh=ms&mip=202.100.214.100&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1620808827&mv=m&mvi=1&pl=23&shardbypass=yes HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: r1---sn-j5o7dn7e.gvt1.com

http://r3---sn-j5o7dn7e.gvt1.com/edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?mh=ms&pl=17&shardbypass=yes&redirect_counter=1&rm=sn-j5ok7e&req_id=5063692b5cd0e740&cms_redirect=yes&ipbypass=yes&mip=59.50.85.19&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1620808827&mv=m&mvi=3
HEAD /edgedl/release2/update2/AIUdiWYcaIvMz1IBNCM0PPo_1.3.36.82/GoogleUpdateSetup.exe?mh=ms&pl=17&shardbypass=yes&redirect_counter=1&rm=sn-j5ok7e&req_id=5063692b5cd0e740&cms_redirect=yes&ipbypass=yes&mip=59.50.85.19&mm=28&mn=sn-j5o7dn7e&ms=nvh&mt=1620808827&mv=m&mvi=3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: r3---sn-j5o7dn7e.gvt1.com

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.