Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:27:19 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:27:19 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:27:19 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:27:19 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 22 14:27:19 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1390428351\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1390428351\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1390428351\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1390428351\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1390428351\sets.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1501033043\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1501033043\cr_en-us_500000_index.bin
|
data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1501033043\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1501033043\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1647812785\Google.Widevine.CDM.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1647812785\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1647812785\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_1647812785\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_464398295\Filtering Rules
|
data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_464398295\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_464398295\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_464398295\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping816_464398295\manifest.json
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 203
|
HTML document, ASCII text, with very long lines (3999), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 204
|
ASCII text, with very long lines (4962)
|
downloaded
|
||
|
Chrome Cache Entry: 205
|
PNG image data, 1722 x 319, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 206
|
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 207
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 208
|
ASCII text, with very long lines (33677)
|
downloaded
|
||
|
Chrome Cache Entry: 209
|
ASCII text, with very long lines (32033)
|
downloaded
|
||
|
Chrome Cache Entry: 210
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 211
|
ASCII text, with very long lines (8386)
|
downloaded
|
||
|
Chrome Cache Entry: 212
|
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 213
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 214
|
ASCII text, with very long lines (65371)
|
downloaded
|
||
|
Chrome Cache Entry: 215
|
HTML document, ASCII text, with very long lines (3999), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 216
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1440x1018,
components 3
|
dropped
|
||
|
Chrome Cache Entry: 217
|
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 218
|
HTML document, ASCII text, with very long lines (375)
|
downloaded
|
||
|
Chrome Cache Entry: 219
|
ASCII text, with very long lines (6557)
|
downloaded
|
||
|
Chrome Cache Entry: 220
|
ASCII text, with very long lines (32058)
|
downloaded
|
||
|
Chrome Cache Entry: 221
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1440x1018,
components 3
|
downloaded
|
||
|
Chrome Cache Entry: 222
|
ASCII text, with very long lines (65462)
|
downloaded
|
||
|
Chrome Cache Entry: 223
|
PNG image data, 1722 x 319, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 224
|
HTML document, ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 225
|
HTML document, ASCII text, with very long lines (3999), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 226
|
ASCII text, with very long lines (8127)
|
downloaded
|
There are 39 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://link.edgepilot.com/s/715c9804/bA5oaZ1Sgke_K2-8eD1dXA?u=https://url6.mailanyone.net/scanner?m=1s9UFM-000CiC-67%26d=4%257Cmail%252F90%252F1716316200%252F1s9UFM-000CiC-67%257Cin6e%257C57e1b682%257C26023477%257C10839452%257C664CE828D09A29E749862A491AAAC3E1%26o=%252Fphtt%253A%252Fgts.souacozr.igc%252F%26s=z8CAkeos8ozOMyOkyTtC0SiSxhU
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=1992,i,7532896312697136779,13714068032898897019,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://link.edgepilot.com/s/715c9804/bA5oaZ1Sgke_K2-8eD1dXA?u=https://url6.mailanyone.net/scanner?m=1s9UFM-000CiC-67%26d=4%257Cmail%252F90%252F1716316200%252F1s9UFM-000CiC-67%257Cin6e%257C57e1b682%257C26023477%257C10839452%257C664CE828D09A29E749862A491AAAC3E1%26o=%252Fphtt%253A%252Fgts.souacozr.igc%252F%26s=z8CAkeos8ozOMyOkyTtC0SiSxhU
|
|||
|
https://wieistmeineip.de
|
unknown
|
||
|
https://mercadoshops.com.co
|
unknown
|
||
|
https://gliadomain.com
|
unknown
|
||
|
https://poalim.xyz
|
unknown
|
||
|
https://mercadolivre.com
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://reshim.org
|
unknown
|
||
|
https://nourishingpursuits.com
|
unknown
|
||
|
https://medonet.pl
|
unknown
|
||
|
https://unotv.com
|
unknown
|
||
|
https://mercadoshops.com.br
|
unknown
|
||
|
https://joyreactor.cc
|
unknown
|
||
|
https://zdrowietvn.pl
|
unknown
|
||
|
https://songstats.com
|
unknown
|
||
|
https://baomoi.com
|
unknown
|
||
|
https://supereva.it
|
unknown
|
||
|
https://elfinancierocr.com
|
unknown
|
||
|
https://bolasport.com
|
unknown
|
||
|
https://rws1nvtvt.com
|
unknown
|
||
|
https://desimartini.com
|
unknown
|
||
|
https://hearty.app
|
unknown
|
||
|
http://getbootstrap.com)
|
unknown
|
||
|
https://hearty.gift
|
unknown
|
||
|
https://mercadoshops.com
|
unknown
|
||
|
https://heartymail.com
|
unknown
|
||
|
https://radio2.be
|
unknown
|
||
|
https://finn.no
|
unknown
|
||
|
https://hc1.com
|
unknown
|
||
|
https://kompas.tv
|
unknown
|
||
|
https://mystudentdashboard.com
|
unknown
|
||
|
https://songshare.com
|
unknown
|
||
|
https://mercadopago.com.mx
|
unknown
|
||
|
https://talkdeskqaid.com
|
unknown
|
||
|
https://mercadopago.com.pe
|
unknown
|
||
|
https://cardsayings.net
|
unknown
|
||
|
https://mightytext.net
|
unknown
|
||
|
https://pudelek.pl
|
unknown
|
||
|
https://joyreactor.com
|
unknown
|
||
|
https://cookreactor.com
|
unknown
|
||
|
https://wildixin.com
|
unknown
|
||
|
https://eworkbookcloud.com
|
unknown
|
||
|
https://nacion.com
|
unknown
|
||
|
https://chennien.com
|
unknown
|
||
|
https://mercadopago.cl
|
unknown
|
||
|
https://talkdeskstgid.com
|
unknown
|
||
|
https://bonvivir.com
|
unknown
|
||
|
https://carcostadvisor.be
|
unknown
|
||
|
https://salemovetravel.com
|
unknown
|
||
|
https://wpext.pl
|
unknown
|
||
|
https://welt.de
|
unknown
|
||
|
https://poalim.site
|
unknown
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
|
https://blackrockadvisorelite.it
|
unknown
|
||
|
https://cafemedia.com
|
unknown
|
||
|
https://mercadoshops.com.ar
|
unknown
|
||
|
https://elpais.uy
|
unknown
|
||
|
https://landyrev.com
|
unknown
|
||
|
https://commentcamarche.com
|
unknown
|
||
|
https://tucarro.com.ve
|
unknown
|
||
|
https://rws3nvtvt.com
|
unknown
|
||
|
https://eleconomista.net
|
unknown
|
||
|
https://mercadolivre.com.br
|
unknown
|
||
|
https://clmbtech.com
|
unknown
|
||
|
https://standardsandpraiserepurpose.com
|
unknown
|
||
|
https://salemovefinancial.com
|
unknown
|
||
|
https://mercadopago.com.br
|
unknown
|
||
|
https://commentcamarche.net
|
unknown
|
||
|
https://etfacademy.it
|
unknown
|
||
|
https://mighty-app.appspot.com
|
unknown
|
||
|
https://hj.rs
|
unknown
|
||
|
https://hearty.me
|
unknown
|
||
|
https://mercadolibre.com.gt
|
unknown
|
||
|
https://timesinternet.in
|
unknown
|
||
|
https://idbs-staging.com
|
unknown
|
||
|
https://blackrock.com
|
unknown
|
||
|
https://idbs-eworkbook.com
|
unknown
|
||
|
https://mercadolibre.co.cr
|
unknown
|
||
|
https://hjck.com
|
unknown
|
||
|
https://vrt.be
|
unknown
|
||
|
https://prisjakt.no
|
unknown
|
||
|
https://kompas.com
|
unknown
|
||
|
https://idbs-dev.com
|
unknown
|
||
|
https://wingify.com
|
unknown
|
||
|
https://mercadolibre.cl
|
unknown
|
||
|
https://player.pl
|
unknown
|
||
|
https://mercadopago.com.ar
|
unknown
|
||
|
https://mercadolibre.com.hn
|
unknown
|
||
|
https://linternaute.com
|
unknown
|
||
|
https://tucarro.com.co
|
unknown
|
||
|
https://landyrev.ru
|
unknown
|
||
|
https://clarosports.com
|
unknown
|
||
|
https://een.be
|
unknown
|
||
|
https://nien.com
|
unknown
|
||
|
https://punjabijagran.com
|
unknown
|
||
|
https://cmxd.com.mx
|
unknown
|
||
|
https://grupolpg.sv
|
unknown
|
||
|
https://rws2nvtvt.com
|
unknown
|
||
|
https://abczdrowie.pl
|
unknown
|
||
|
https://url6.mailanyone.net/scanner
|
|||
|
https://gallito.com.uy
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
link.edgepilot.com
|
199.30.234.133
|
||
|
code.jquery.com
|
151.101.66.137
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
www.google.com
|
216.58.206.36
|
||
|
url6.mailanyone.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
199.30.234.133
|
link.edgepilot.com
|
United States
|
||
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
192.168.2.18
|
unknown
|
unknown
|
||
|
216.58.206.36
|
www.google.com
|
United States
|
||
|
216.58.206.68
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
151.101.66.137
|
code.jquery.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://link.edgepilot.com/s/715c9804/bA5oaZ1Sgke_K2-8eD1dXA?u=https://url6.mailanyone.net/scanner?m=1s9UFM-000CiC-67%26d=4%257Cmail%252F90%252F1716316200%252F1s9UFM-000CiC-67%257Cin6e%257C57e1b682%257C26023477%257C10839452%257C664CE828D09A29E749862A491AAAC3E1%26o=%252Fphtt%253A%252Fgts.souacozr.igc%252F%26s=z8CAkeos8ozOMyOkyTtC0SiSxhU
|
||
|
https://url6.mailanyone.net/scanner
|
||
|
https://url6.mailanyone.net/scanner
|