Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\Unconfirmed 50388.crdownload
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
||
|
C:\Users\user\Downloads\e8cd9a0e-7bcc-494d-a1e3-77a6881d1398.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
Chrome Cache Entry: 47
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
downloaded
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2444 --field-trial-handle=2280,i,4223461016561115128,7120510906204730086,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored-setup.exe"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US
--service-sandbox-type=icon_reader --mojo-platform-channel-handle=3056 --field-trial-handle=2280,i,4223461016561115128,7120510906204730086,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored-setup.exe
|
|||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored-setup.exe
|
49.12.121.47
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
download.filezilla-project.org
|
49.12.121.47
|
||
|
www.google.com
|
142.251.41.4
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.16
|
unknown
|
unknown
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
49.12.121.47
|
download.filezilla-project.org
|
Germany
|
||
|
142.251.41.4
|
www.google.com
|
United States
|