Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_427325990\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_427325990\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_427325990\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_427325990\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_427325990\sets.json
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 100
|
ASCII text, with very long lines (1267)
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
ISO Media, MP4 v2 [ISO 14496-14]
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 84899
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
ASCII text, with very long lines (42164)
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian,
direntries=1], baseline, precision 8, 442x270, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 107
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
Java source, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 112
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 113
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 246409
|
dropped
|
||
|
Chrome Cache Entry: 114
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 144400
|
dropped
|
||
|
Chrome Cache Entry: 115
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106,
resolutionunit=2, software=Adobe Photoshop 25.4 (Macintosh), datetime=2024:04:22 17:00:21], progressive, precision 8, 600x374,
components 3
|
dropped
|
||
|
Chrome Cache Entry: 116
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
PNG image data, 840 x 487, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
ISO Media, MP4 v2 [ISO 14496-14]
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 163075
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 163075
|
dropped
|
||
|
Chrome Cache Entry: 121
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 122
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (42164)
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 200401
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106,
resolutionunit=2, software=Adobe Photoshop 25.4 (Macintosh), datetime=2024:04:22 17:00:21], progressive, precision 8, 600x374,
components 3
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
WebAssembly (wasm) binary module version 0x1 (MVP)
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106,
resolutionunit=2, software=Adobe Photoshop 25.4 (Macintosh), datetime=2024:03:27 16:16:22], progressive, precision 8, 600x350,
components 3
|
dropped
|
||
|
Chrome Cache Entry: 129
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106,
resolutionunit=2, software=Adobe Photoshop 25.4 (Macintosh), datetime=2024:03:27 16:16:22], progressive, precision 8, 600x350,
components 3
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 132
|
PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 133
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 131568
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
ASCII text, with very long lines (1267)
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 84899
|
dropped
|
||
|
Chrome Cache Entry: 137
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (42164)
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 144400
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian,
direntries=1], baseline, precision 8, 290x270, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 144
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 102073
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (1267)
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
WebAssembly (wasm) binary module version 0x1 (MVP)
|
dropped
|
||
|
Chrome Cache Entry: 149
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 151
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1246x260, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
ASCII text, with very long lines (22681)
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 110206
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 131568
|
dropped
|
||
|
Chrome Cache Entry: 156
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 110206
|
dropped
|
||
|
Chrome Cache Entry: 158
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 246409
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian,
direntries=1], baseline, precision 8, 290x270, components 3
|
dropped
|
||
|
Chrome Cache Entry: 160
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 161
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 162
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
PNG image data, 840 x 487, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 164
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 102073
|
dropped
|
||
|
Chrome Cache Entry: 167
|
PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 168
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 169
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 170
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 91
|
ASCII text, with very long lines (2979), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian,
direntries=1], baseline, precision 8, 442x270, components 3
|
dropped
|
||
|
Chrome Cache Entry: 93
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 140502
|
dropped
|
||
|
Chrome Cache Entry: 94
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 95
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 96
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 140502
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 200401
|
dropped
|
||
|
Chrome Cache Entry: 98
|
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x320, components
3
|
downloaded
|
There are 76 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2212,i,5931843426714858406,7304963966521873370,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://free.putrivpn.biz.id/"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://free.putrivpn.biz.id/
|
 |
||
|
https://wieistmeineip.de
|
unknown
|
||
|
https://mercadoshops.com.co
|
unknown
|
||
|
https://osx.telegram.org/updates/site/artboard.png)
|
unknown
|
||
|
https://gliadomain.com
|
unknown
|
||
|
https://poalim.xyz
|
unknown
|
||
|
https://telegram.org/file/464001418/1/fabnJFzygPY.17422/bc9dec9fd8bd26e00e
|
149.154.167.99
|
||
|
https://mercadolivre.com
|
unknown
|
||
|
https://reshim.org
|
unknown
|
||
|
https://nourishingpursuits.com
|
unknown
|
||
|
https://medonet.pl
|
unknown
|
||
|
https://unotv.com
|
unknown
|
||
|
https://mercadoshops.com.br
|
unknown
|
||
|
https://joyreactor.cc
|
unknown
|
||
|
https://zdrowietvn.pl
|
unknown
|
||
|
https://songstats.com
|
unknown
|
||
|
https://telegram.org/file/464001166/1/01aTJ2ISKeU.21801/24028c7b6d07639794
|
149.154.167.99
|
||
|
https://baomoi.com
|
unknown
|
||
|
https://supereva.it
|
unknown
|
||
|
https://elfinancierocr.com
|
unknown
|
||
|
https://bolasport.com
|
unknown
|
||
|
https://rws1nvtvt.com
|
unknown
|
||
|
https://desimartini.com
|
unknown
|
||
|
https://hearty.app
|
unknown
|
||
|
http://getbootstrap.com)
|
unknown
|
||
|
https://hearty.gift
|
unknown
|
||
|
https://mercadoshops.com
|
unknown
|
||
|
https://heartymail.com
|
unknown
|
||
|
https://radio2.be
|
unknown
|
||
|
https://finn.no
|
unknown
|
||
|
https://hc1.com
|
unknown
|
||
|
https://kompas.tv
|
unknown
|
||
|
https://mystudentdashboard.com
|
unknown
|
||
|
https://songshare.com
|
unknown
|
||
|
https://mercadopago.com.mx
|
unknown
|
||
|
https://talkdeskqaid.com
|
unknown
|
||
|
https://telegram.org/file/464001828/11e99/2FUYW30UXAI.12708/7604effa1e02ddf7f9
|
149.154.167.99
|
||
|
https://mercadopago.com.pe
|
unknown
|
||
|
https://desktop.telegram.org/
|
|||
|
https://cardsayings.net
|
unknown
|
||
|
https://telegram.org/file/464001880/3/xOpm7ohoHQ0.12690.png/feb1e161b1d3608613
|
149.154.167.99
|
||
|
https://mightytext.net
|
unknown
|
||
|
https://pudelek.pl
|
unknown
|
||
|
https://joyreactor.com
|
unknown
|
||
|
https://cookreactor.com
|
unknown
|
||
|
https://wildixin.com
|
unknown
|
||
|
https://eworkbookcloud.com
|
unknown
|
||
|
https://nacion.com
|
unknown
|
||
|
https://chennien.com
|
unknown
|
||
|
https://mercadopago.cl
|
unknown
|
||
|
https://talkdeskstgid.com
|
unknown
|
||
|
https://bonvivir.com
|
unknown
|
||
|
https://carcostadvisor.be
|
unknown
|
||
|
https://salemovetravel.com
|
unknown
|
||
|
https://sapo.io
|
unknown
|
||
|
https://wpext.pl
|
unknown
|
||
|
https://welt.de
|
unknown
|
||
|
https://poalim.site
|
unknown
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
|
https://blackrockadvisorelite.it
|
unknown
|
||
|
https://cafemedia.com
|
unknown
|
||
|
https://mercadoshops.com.ar
|
unknown
|
||
|
https://elpais.uy
|
unknown
|
||
|
https://landyrev.com
|
unknown
|
||
|
https://telegram.org/file/464001484/1/bzi7gr7XRGU.10147/815df2ef527132dd23
|
149.154.167.99
|
||
|
https://osx.telegram.org/updates/site/artboard_2x.png);
|
unknown
|
||
|
https://telegram.org/css/bootstrap.min.css?3
|
149.154.167.99
|
||
|
https://telegram.org/img/twitter.png
|
149.154.167.99
|
||
|
https://commentcamarche.com
|
unknown
|
||
|
https://tucarro.com.ve
|
unknown
|
||
|
https://twitter.com/intent/tweet?text=
|
unknown
|
||
|
https://gist.github.com/92d2ac1b31978642b6b6
|
unknown
|
||
|
https://rws3nvtvt.com
|
unknown
|
||
|
https://eleconomista.net
|
unknown
|
||
|
https://mercadolivre.com.br
|
unknown
|
||
|
https://clmbtech.com
|
unknown
|
||
|
https://standardsandpraiserepurpose.com
|
unknown
|
||
|
https://telegram.org/img/t_main_Android_demo.mp4
|
149.154.167.99
|
||
|
https://salemovefinancial.com
|
unknown
|
||
|
https://mercadopago.com.br
|
unknown
|
||
|
https://commentcamarche.net
|
unknown
|
||
|
https://telegram.org/file/464001132/3/-1qvqKPZsQQ.17975.png/7d57d7159cf4fbe9b2
|
149.154.167.99
|
||
|
https://etfacademy.it
|
unknown
|
||
|
https://mighty-app.appspot.com
|
unknown
|
||
|
https://telegram.org/file/464001897/3/f0Go0rLpEwk.11343.png/dd4eeb46cc5efc0688
|
149.154.167.99
|
||
|
https://hj.rs
|
unknown
|
||
|
https://hearty.me
|
unknown
|
||
|
https://telegram.org/
|
|||
|
https://mercadolibre.com.gt
|
unknown
|
||
|
https://timesinternet.in
|
unknown
|
||
|
https://idbs-staging.com
|
unknown
|
||
|
https://blackrock.com
|
unknown
|
||
|
https://idbs-eworkbook.com
|
unknown
|
||
|
https://mercadolibre.co.cr
|
unknown
|
||
|
https://hjck.com
|
unknown
|
||
|
https://vrt.be
|
unknown
|
||
|
https://telegram.org/img/SiteIconAndroid.svg
|
149.154.167.99
|
||
|
https://prisjakt.no
|
unknown
|
||
|
https://kompas.com
|
unknown
|
||
|
https://idbs-dev.com
|
unknown
|
||
|
https://wingify.com
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
desktop.telegram.org
|
149.154.167.99
|
||
|
telegram.org
|
149.154.167.99
|
||
|
free.putrivpn.biz.id
|
188.114.96.3
|
||
|
www.google.com
|
142.250.184.196
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
cdn5.cdn-telegram.org
|
34.111.108.175
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.111.108.175
|
cdn5.cdn-telegram.org
|
United States
|
||
|
142.250.184.196
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
188.114.96.3
|
free.putrivpn.biz.id
|
European Union
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
149.154.167.99
|
desktop.telegram.org
|
United Kingdom
|
||
|
192.168.2.5
|
unknown
|
unknown
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://free.putrivpn.biz.id/
|
||
|
https://telegram.org/
|
||
|
https://telegram.org/
|
||
|
https://desktop.telegram.org/
|