IOC Report
https://wearcheck.oilanalysis.net/v2.3/sites/wearcheck/logo_login.png

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:07:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:07:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:07:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:07:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:07:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 106
Unicode text, UTF-8 text, with very long lines (20952)
downloaded
Chrome Cache Entry: 107
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 108
ASCII text, with very long lines (14909), with no line terminators
downloaded
Chrome Cache Entry: 109
ASCII text, with very long lines (8308), with no line terminators
downloaded
Chrome Cache Entry: 110
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
downloaded
Chrome Cache Entry: 111
PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 112
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262
downloaded
Chrome Cache Entry: 113
PNG image data, 200 x 75, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 114
Unicode text, UTF-8 text, with very long lines (17065)
downloaded
Chrome Cache Entry: 115
ASCII text, with very long lines (329), with CRLF line terminators
downloaded
Chrome Cache Entry: 116
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
dropped
Chrome Cache Entry: 117
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 118
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
downloaded
Chrome Cache Entry: 119
ASCII text, with very long lines (9503), with CRLF line terminators
downloaded
Chrome Cache Entry: 120
Unicode text, UTF-8 text, with very long lines (31036), with CRLF line terminators
downloaded
Chrome Cache Entry: 121
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
downloaded
Chrome Cache Entry: 122
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2017:04:20 13:51:03], baseline, precision 8, 1900x1439, components 4
dropped
Chrome Cache Entry: 123
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=18, height=3264, bps=0, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, width=4928], baseline, precision 8, 1900x1086, components 3
downloaded
Chrome Cache Entry: 124
ASCII text, with very long lines (1601)
downloaded
Chrome Cache Entry: 125
ASCII text
downloaded
Chrome Cache Entry: 126
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 127
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3264, bps=218, compression=none, PhotometricIntepretation=CMYK, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, width=4928], baseline, precision 8, 1900x1258, components 3
dropped
Chrome Cache Entry: 128
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 129
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 130
Unicode text, UTF-8 text, with very long lines (32090)
downloaded
Chrome Cache Entry: 131
ASCII text, with very long lines (333), with CRLF line terminators
downloaded
Chrome Cache Entry: 132
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 133
Unicode text, UTF-8 text
downloaded
Chrome Cache Entry: 134
PNG image data, 200 x 75, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 135
ASCII text, with very long lines (5134)
downloaded
Chrome Cache Entry: 136
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 137
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3264, bps=218, compression=none, PhotometricIntepretation=CMYK, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, width=4928], baseline, precision 8, 1900x1258, components 3
downloaded
Chrome Cache Entry: 138
ASCII text
downloaded
Chrome Cache Entry: 139
ASCII text, with very long lines (32038), with CRLF line terminators
downloaded
Chrome Cache Entry: 140
ASCII text, with very long lines (9162), with CRLF line terminators
downloaded
Chrome Cache Entry: 141
ASCII text, with very long lines (4095)
downloaded
Chrome Cache Entry: 142
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 143
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 144
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 145
ASCII text, with very long lines (16011), with no line terminators
downloaded
Chrome Cache Entry: 146
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2017:04:20 13:51:03], baseline, precision 8, 1900x1439, components 4
downloaded
Chrome Cache Entry: 147
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 148
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
dropped
Chrome Cache Entry: 149
PNG image data, 493 x 763, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 150
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 151
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
dropped
Chrome Cache Entry: 152
ASCII text, with very long lines (32227), with CRLF line terminators
downloaded
Chrome Cache Entry: 153
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 154
assembler source, ASCII text, with very long lines (494), with CRLF line terminators
downloaded
Chrome Cache Entry: 155
troff or preprocessor input, ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 156
HTML document, ASCII text, with very long lines (365)
downloaded
Chrome Cache Entry: 157
PNG image data, 493 x 763, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 158
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 159
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 160
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 161
PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 162
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 163
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 164
ASCII text, with very long lines (5487)
downloaded
Chrome Cache Entry: 165
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 166
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 167
ASCII text, with very long lines (1977), with no line terminators
downloaded
Chrome Cache Entry: 168
HTML document, ASCII text, with very long lines (4899), with CRLF line terminators
downloaded
Chrome Cache Entry: 169
ASCII text, with very long lines (26548)
downloaded
Chrome Cache Entry: 170
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
downloaded
Chrome Cache Entry: 171
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 172
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=18, height=3264, bps=0, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, width=4928], baseline, precision 8, 1900x1086, components 3
dropped
Chrome Cache Entry: 173
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 174
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 175
ASCII text, with very long lines (13933)
downloaded
Chrome Cache Entry: 176
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 177
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 178
ASCII text, with very long lines (65350), with CRLF line terminators
downloaded
Chrome Cache Entry: 179
troff or preprocessor input, ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 180
ASCII text, with very long lines (32003)
downloaded
Chrome Cache Entry: 181
HTML document, ASCII text, with very long lines (365)
downloaded
Chrome Cache Entry: 182
ASCII text, with very long lines (15550)
downloaded
Chrome Cache Entry: 183
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 184
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 185
ASCII text, with very long lines (4889)
downloaded
There are 77 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://wearcheck.oilanalysis.net/v2.3/sites/wearcheck/logo_login.png
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1996,i,14940012144673034487,13958775349044550900,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

URLs

Name
IP
Malicious
https://wearcheck.oilanalysis.net/v2.3/sites/wearcheck/logo_login.png
https://www.oilanalysis.net/commonfiles/images/oem/tigercat/skidder.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/knuckleboom_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/dbx.png
unknown
https://wearcheck.oilanalysis.net/assets/global/plugins/uniform/jquery.uniform.min.js
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/hydraulic_excavator_medium.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/liebherr/crawler_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/wtgb.png
unknown
https://wearcheck.oilanalysis.net/assets/global/plugins/bootstrap-modal/js/bootstrap-modalmanager.js
72.38.248.147
http://cameronspear.com/blog/bootstrap-dropdown-on-hover-plugin/
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/de1.png
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/unknown.png
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/ac.png
unknown
http://www.opensource.org/licenses/mit-license.php
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/hydraulic_excavator_mini.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/backhoe_loader_15ft.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/volvo/truck.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/material_handler_wheeled.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/excavator_6t40t.jpg
unknown
http://getbootstrap.com)
unknown
https://www.oilanalysis.net/commonfiles/images/oem/mack/dump_truck.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/excavator_40t90t.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/hy.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/engine.jpg
unknown
https://wearcheck.oilanalysis.net/v2.3/css/themes/theme-wearcheck.css
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/truck_off-highway.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/tran.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/cable_skidder.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/waste_handler_dozer.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/wheel_asphalt_paver.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/wheel_tractor_scraper_elevating.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/articulated_dump_truck_l30t.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/d.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/motor_grader_42k.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/wheel_tractor_scraper_coal_bowl.jpg
unknown
https://wearcheck.oilanalysis.net/v2.3/js/portal.js
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/icons/oem/blk.png
unknown
https://wearcheck.oilanalysis.net/v2.3/sites/wearcheck/logo_login.png
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/track_loader_waste_handler.jpg
unknown
http://fancyapps.com/fancybox/
unknown
http://www.opensource.org/licenses/mit-license.php)
unknown
https://www.oilanalysis.net/commonfiles/images/oem/terex/industrial_wheel_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/wagner/scooptram.jpg
unknown
http://malsup.com/jquery/block/
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/wlmtr.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/articulated_truck.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/motor_grader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/excavator_0t6t.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/volvo/crawler_excavator.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/liebherr/piling_and_drilling.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/komatsu/excavator_heavy.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/sandvik/wheeled_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/unknown_industrial.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/compact_track_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/komatsu/excavator_compact.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/mack/refuse_truck.jpg
unknown
https://wearcheck.oilanalysis.net/favicon.ico
72.38.248.147
https://wearcheck.oilanalysis.net/assets/global/plugins/bootstrap-modal/js/bootstrap-modal.js
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/oem/volvo/backhoe_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/pp.png
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/prgb.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/material_handler_waste_handling.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/motor_grader_45k.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/taylor/forklift_empty_container_handler.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/liebherr/mining_truck.jpg
unknown
https://wearcheck.oilanalysis.net/v2.3/content/login/scripts/html5-qrcode.min.js
72.38.248.147
http://daneden.me/animate
unknown
https://wearcheck.oilanalysis.net:443/v2.3/login.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/atlascopco/on-site_generator.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/mack/engine.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/slwgb.png
unknown
https://wearcheck.oilanalysis.net/v2.3/css/mi.css
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/material_handler_tracked.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/backhoe_loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/cvy.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/case/excavator_compact.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/forestry_crawler_dozer_g200hp.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/ge.png
unknown
https://wearcheck.oilanalysis.net/assets/global/plugins/jquery-validation/js/additional-methods.min.js
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/wheel_loader_2t4cy.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/terex/asphalt_paver.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/cl.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/terex/crane_truck_mounted.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/volvo/haulage_truck.jpg
unknown
https://wearcheck.oilanalysis.net/v2.3/js/purl.js
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/oem/johndeere/skid_steer_50t75hp.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/case/wheel_loader_compact.jpg
unknown
https://wearcheck.oilanalysis.net/v2.3/content/login/scripts/jsqrcode-combined.min.js
72.38.248.147
https://www.oilanalysis.net/commonfiles/images/icons/oem/hys.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/loader_load-haul-dump.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/drv.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/atlascopco/portable_compressor_large.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/tb.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/terex/ready_mix_truck_front_discharge.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/oem/tigercat/loader.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/lube.png
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/gre.png
unknown
https://www.oilanalysis.net/commonfiles/images/oem/caterpillar/telehandler.jpg
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/ax.png
unknown
https://www.oilanalysis.net/commonfiles/images/icons/oem/no.png
unknown
http://jqueryvalidation.org/
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
lubrigard.com
72.38.248.170
www.google.com
142.250.186.100
wearcheck.oilanalysis.net
72.38.248.147
www.lubrigard.com
unknown

IPs

IP
Domain
Country
Malicious
72.38.248.170
lubrigard.com
Canada
192.168.2.17
unknown
unknown
192.168.2.16
unknown
unknown
192.168.2.4
unknown
unknown
239.255.255.250
unknown
Reserved
72.38.248.147
wearcheck.oilanalysis.net
Canada
142.250.186.100
www.google.com
United States

DOM / HTML

URL
Malicious
https://wearcheck.oilanalysis.net/v2.3/sites/wearcheck/logo_login.png
https://wearcheck.oilanalysis.net/v2.3/login.png
https://wearcheck.oilanalysis.net/v2.3/login.phg
https://wearcheck.oilanalysis.net/v2.3/login.php
https://wearcheck.oilanalysis.net/v2.3/login.php
https://wearcheck.oilanalysis.net/v2.3/login.php
https://wearcheck.oilanalysis.net/v2.3/login.php
https://wearcheck.oilanalysis.net/v2.3/login.php