IOC Report
https://business-system-profile.com/robots.txt

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 51 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 52 | ASCII text | downloaded | |
| Chrome Cache Entry: 53 | ASCII text, with very long lines (16894), with no line terminators | downloaded | |
| Chrome Cache Entry: 54 | PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 55 | JSON data | dropped | |
| Chrome Cache Entry: 56 | ASCII text, with very long lines (65465) | downloaded | |
| Chrome Cache Entry: 57 | JSON data | downloaded | |
| Chrome Cache Entry: 58 | Unicode text, UTF-8 text, with very long lines (65306) | downloaded | |
| Chrome Cache Entry: 59 | HTML document, ASCII text, with very long lines (1155), with no line terminators | downloaded | |
| Chrome Cache Entry: 60 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 61 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 62 | HTML document, ASCII text, with very long lines (1155), with no line terminators | downloaded | |
| Chrome Cache Entry: 63 | PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced | dropped | |

There are 4 hidden files.

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2216,i,5655018662110156981,14113531232772573046,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://business-system-profile.com/robots.txt" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://business-system-profile.com/robots.txt | | malicious |
| https://business-system-profile.com/robots.txt | | malicious |
| https://business-system-profile.com/profile | | malicious |
| https://business-system-profile.com/static/media/waring-03.7d77588f436c6958b86c.webp | 104.21.28.197 | |
| https://api.db-ip.com/v2/free/self | 104.26.4.15 | |
| https://cdn.jsdelivr.net/npm/bootstrap | unknown | |
| https://res.cloudinary.com/ductham087/image/upload/v1694658537/mlipp554tgpfzfa4o3zy.jpg | unknown | |
| https://getbootstrap.com/) | unknown | |
| https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico | 157.240.251.9 | |
| https://business-system-profile.com/static/js/main.071cc8cc.js | 104.21.28.197 | |
| https://github.com/twbs/bootstrap/blob/main/LICENSE) | unknown | |
| https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css | 151.101.65.229 | |
| https://business-system-profile.com/static/css/main.b294cd56.css | 104.21.28.197 | |

There are 2 hidden URLs.

Domains

| Name | IP | Malicious |
|---|---|---|
| business-system-profile.com | 104.21.28.197 | malicious |
| jsdelivr.map.fastly.net | 151.101.65.229 | |
| bg.microsoft.map.fastly.net | 199.232.214.172 | |
| scontent.xx.fbcdn.net | 157.240.251.9 | |
| api.db-ip.com | 104.26.4.15 | |
| www.google.com | 172.217.18.4 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| cdn.jsdelivr.net | unknown | |
| static.xx.fbcdn.net | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.21.28.197 | business-system-profile.com | United States | malicious |
| 172.217.18.4 | www.google.com | United States | |
| 151.101.65.229 | jsdelivr.map.fastly.net | United States | |
| 104.26.4.15 | api.db-ip.com | United States | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.6 | unknown | unknown | |
| 157.240.0.6 | unknown | United States | |
| 157.240.251.9 | scontent.xx.fbcdn.net | United States | |
| 239.255.255.250 | unknown | Reserved | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://business-system-profile.com/profile | malicious |
| https://business-system-profile.com/robots.txt | |