Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 58
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 379
|
dropped
|
||
|
Chrome Cache Entry: 59
|
PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 60
|
PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 62
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 63
|
JPEG image data, baseline, precision 8, 1920x1080, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
GIF image data, version 89a, 352 x 3
|
downloaded
|
||
|
Chrome Cache Entry: 66
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1378
|
dropped
|
||
|
Chrome Cache Entry: 67
|
GIF image data, version 89a, 352 x 3
|
dropped
|
||
|
Chrome Cache Entry: 68
|
GIF image data, version 89a, 352 x 3
|
dropped
|
||
|
Chrome Cache Entry: 69
|
GIF image data, version 89a, 352 x 3
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
PNG image data, 81 x 68, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
JPEG image data, baseline, precision 8, 1920x1080, components 3
|
dropped
|
||
|
Chrome Cache Entry: 73
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 379
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
dropped
|
||
|
Chrome Cache Entry: 76
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data,
big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision
8, 50x28, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
|
Chrome Cache Entry: 81
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 83
|
ASCII text, with very long lines (42526)
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data,
big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision
8, 50x28, components 3
|
dropped
|
||
|
Chrome Cache Entry: 85
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113124
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
|
dropped
|
||
|
Chrome Cache Entry: 90
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
PNG image data, 81 x 68, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 92
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1378
|
downloaded
|
There are 27 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=1996,i,2492806512525018564,2187908613118736078,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://link.elliottscotthr.com/api/redirect.me?track=000000&url=https%3A%2F%2Fwww.atjehupdate.com/3tvdgh"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://link.elliottscotthr.com/api/redirect.me?track=000000&url=https%3A%2F%2Fwww.atjehupdate.com/3tvdgh
|
 |
||
|
https://link.elliottscotthr.com/api/redirect.me?track=000000&url=https%3A%2F%2Fwww.atjehupdate.com/3tvdgh
|
77.72.7.206
|
|
|
|
https://www.atjehupdate.com/3tvdgh/
|
|||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qoeoy/0x4AAAAAAAXYIizYYwtXwO6I/auto/normal
|
|||
|
https://login.microsoftonline.com
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1601930154:1716577982:ptjrSQ46cdxjVm5k4r4ancR-5FTXsCulSkuwh600DHI/888fb5e42caa0f90/74c1337cf6b3855
|
104.17.2.184
|
||
|
http://www.opensource.org/licenses/mit-license.php)
|
unknown
|
||
|
https://documentsharehub.com/?cqpvjmep
|
45.61.58.9
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/888fb5e42caa0f90/1716579137040/xVOq4fQjj_28n-K
|
104.17.2.184
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|
|||
|
https://challenges.cloudflare.com/turnstile/v0/api.js
|
104.17.2.184
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.17.2.184
|
||
|
https://www.atjehupdate.com/favicon.ico
|
103.134.153.80
|
||
|
https://n65bzqybjc3.loginauth.online/
|
45.61.58.9
|
||
|
http://knockoutjs.com/
|
unknown
|
||
|
https://www.atjehupdate.com/3tvdgh
|
103.134.153.80
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/888fb5e42caa0f90/1716579137043/b4b12407ccfb9d73c6e71b54ffe89aa072e57633c052e776138e9954d0648415/YyLIi3SbiYs0TGW
|
104.17.2.184
|
||
|
https://login.windows-ppe.net
|
unknown
|
||
|
https://n65bzqybjc3.loginauth.online/favicon.ico
|
45.61.58.9
|
||
|
https://js.monitor.azure.com/scripts/c/ms.analytics-web-2.min.js
|
unknown
|
||
|
https://challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js
|
104.17.2.184
|
||
|
http://www.json.org/json2.js
|
unknown
|
||
|
https://n65bzqybjc3.loginauth.online/owa/
|
45.61.58.9
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=888fb5e42caa0f90
|
104.17.2.184
|
There are 13 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
n65bzqybjc3.loginauth.online
|
45.61.58.9
|
|
|
|
part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
cs1100.wpc.omegacdn.net
|
152.199.23.37
|
||
|
documentsharehub.com
|
45.61.58.9
|
||
|
challenges.cloudflare.com
|
104.17.2.184
|
||
|
www.google.com
|
142.250.186.100
|
||
|
atjehupdate.com
|
103.134.153.80
|
||
|
HHN-efz.ms-acdc.office.com
|
52.98.152.242
|
||
|
link.elliottscotthr.com
|
77.72.7.206
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
www.atjehupdate.com
|
unknown
|
||
|
r4.res.office365.com
|
unknown
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
outlook.office365.com
|
unknown
|
There are 4 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.61.58.9
|
documentsharehub.com
|
United States
|
|
|
|
103.134.153.80
|
atjehupdate.com
|
Singapore
|
||
|
13.107.246.45
|
part-0017.t-0009.t-msedge.net
|
United States
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
77.72.7.206
|
link.elliottscotthr.com
|
United Kingdom
|
||
|
52.98.152.242
|
HHN-efz.ms-acdc.office.com
|
United States
|
||
|
142.250.186.100
|
www.google.com
|
United States
|
||
|
104.17.2.184
|
challenges.cloudflare.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://n65bzqybjc3.loginauth.online/?fmovsnvax=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MGQ3OGMwMWEtNmFlMi03NjYwLTM3MzEtNTcwNDYyZTAwNWJiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODUyMTc1OTY2NzI4Nzk4Ny40NzBjZTJlOC1lNDAzLTRkYzAtYTNhZi00ODJiMzA5MTdkYWUmc3RhdGU9RGN0QkZvQWdDQUJSck5keFNFUVNQSTRwYlZ0Ml9WajgyVTBDZ0Qxc0lWRUV0Rlc3dU9qVlcxTTI3YWFuS0Uxbk4zU2hpckltNGFqalFURy1LX1dpYTNpSzk4anZOX0lQ
|
|
|
|
https://n65bzqybjc3.loginauth.online/?fmovsnvax=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MGQ3OGMwMWEtNmFlMi03NjYwLTM3MzEtNTcwNDYyZTAwNWJiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODUyMTc1OTY2NzI4Nzk4Ny40NzBjZTJlOC1lNDAzLTRkYzAtYTNhZi00ODJiMzA5MTdkYWUmc3RhdGU9RGN0QkZvQWdDQUJSck5keFNFUVNQSTRwYlZ0Ml9WajgyVTBDZ0Qxc0lWRUV0Rlc3dU9qVlcxTTI3YWFuS0Uxbk4zU2hpckltNGFqalFURy1LX1dpYTNpSzk4anZOX0lQ&sso_reload=true
|
|
|
|
https://n65bzqybjc3.loginauth.online/?fmovsnvax=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MGQ3OGMwMWEtNmFlMi03NjYwLTM3MzEtNTcwNDYyZTAwNWJiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODUyMTc1OTY2NzI4Nzk4Ny40NzBjZTJlOC1lNDAzLTRkYzAtYTNhZi00ODJiMzA5MTdkYWUmc3RhdGU9RGN0QkZvQWdDQUJSck5keFNFUVNQSTRwYlZ0Ml9WajgyVTBDZ0Qxc0lWRUV0Rlc3dU9qVlcxTTI3YWFuS0Uxbk4zU2hpckltNGFqalFURy1LX1dpYTNpSzk4anZOX0lQ&sso_reload=true
|
|
|
|
https://n65bzqybjc3.loginauth.online/?fmovsnvax=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MGQ3OGMwMWEtNmFlMi03NjYwLTM3MzEtNTcwNDYyZTAwNWJiJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODUyMTc1OTY2NzI4Nzk4Ny40NzBjZTJlOC1lNDAzLTRkYzAtYTNhZi00ODJiMzA5MTdkYWUmc3RhdGU9RGN0QkZvQWdDQUJSck5keFNFUVNQSTRwYlZ0Ml9WajgyVTBDZ0Qxc0lWRUV0Rlc3dU9qVlcxTTI3YWFuS0Uxbk4zU2hpckltNGFqalFURy1LX1dpYTNpSzk4anZOX0lQ&sso_reload=true
|
|
|
|
https://www.atjehupdate.com/3tvdgh/
|
||
|
https://www.atjehupdate.com/3tvdgh/
|
||
|
https://www.atjehupdate.com/3tvdgh/
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qoeoy/0x4AAAAAAAXYIizYYwtXwO6I/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qoeoy/0x4AAAAAAAXYIizYYwtXwO6I/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qoeoy/0x4AAAAAAAXYIizYYwtXwO6I/auto/normal
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|
There are 3 hidden doms, click here to show them.