Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun May 26 21:31:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun May 26 21:31:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun May 26 21:31:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun May 26 21:31:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun May 26 21:31:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 68
|
HTML document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 69
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x70, components
1
|
downloaded
|
||
Chrome Cache Entry: 70
|
ASCII text, with very long lines (522), with overstriking
|
downloaded
|
||
Chrome Cache Entry: 71
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 72
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 73
|
PNG image data, 400 x 600, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 74
|
PNG image data, 400 x 600, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 75
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x70, components
1
|
dropped
|
||
Chrome Cache Entry: 76
|
MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
Chrome Cache Entry: 77
|
ASCII text, with very long lines (544)
|
downloaded
|
||
Chrome Cache Entry: 78
|
ASCII text, with very long lines (7210), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 79
|
ASCII text, with very long lines (1829), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 80
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
Chrome Cache Entry: 81
|
MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
Chrome Cache Entry: 82
|
GIF image data, version 89a, 1 x 1
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2184,i,9567639934707349239,5249068664901002946,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://anged.pages.dev/"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://anged.pages.dev/
|
|||
https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1
|
unknown
|
||
https://images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0007-1x._V383827579_.png
|
151.101.1.16
|
||
https://anged.pages.dev/
|
|||
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
|
151.101.1.16
|
||
https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
|
151.101.1.16
|
||
https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
|
151.101.1.16
|
||
https://anged.pages.dev/favicon.ico
|
172.66.47.93
|
||
https://fls-na.amazon.com/1/oc-csi/1/OP/requestId=7EG795AX91W3JWTDQ9M5&js=1
|
3.228.116.235
|
||
https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
|
unknown
|
||
https://fls-na.amazon.com/1/oc-csi/1/OP/requestId=7EG795AX91W3JWTDQ9M5&js=0
|
unknown
|
||
https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
|
151.101.1.16
|
||
https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/
|
unknown
|
||
https://fls-na.amazon.com/1/batch/1/OE/
|
3.228.116.235
|
||
https://affiliate-program.amazon.com/gp/advertising/api/detail/main.html/ref=rm_c_ac
|
unknown
|
||
https://developer.amazonservices.com/ref=rm_c_sv
|
unknown
|
||
https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
|
unknown
|
||
https://images-na.ssl-images-amazon.com/captcha/qamfifum/Captcha_pcbtbhdjad.jpg
|
151.101.1.16
|
||
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1
|
unknown
|
||
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
|
151.101.1.16
|
||
https://fls-na.amaz
|
unknown
|
||
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
anged.pages.dev
|
172.66.47.93
|
||
www.google.com
|
216.58.206.36
|
||
media.amazon.map.fastly.net
|
151.101.1.16
|
||
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
endpoint.prod.us-east-1.forester.a2z.com
|
3.228.116.235
|
||
images-na.ssl-images-amazon.com
|
unknown
|
||
fls-na.amazon.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
192.168.2.8
|
unknown
|
unknown
|
||
151.101.1.16
|
media.amazon.map.fastly.net
|
United States
|
||
192.168.2.4
|
unknown
|
unknown
|
||
216.58.206.36
|
www.google.com
|
United States
|
||
18.205.164.121
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
172.66.47.93
|
anged.pages.dev
|
United States
|
||
151.101.129.16
|
unknown
|
United States
|
||
3.228.116.235
|
endpoint.prod.us-east-1.forester.a2z.com
|
United States
|
||
44.199.175.147
|
unknown
|
United States
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://anged.pages.dev/
|