Files
File Path | Type | Category | Malicious | |
---|---|---|---|---|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\LICENSE | ASCII text | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\sets.json | JSON data | dropped | | |
Chrome Cache Entry: 100 | Unicode text, UTF-8 text, with very long lines (64729) | downloaded | | |
Chrome Cache Entry: 101 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 102 | Algol 68 source, ASCII text, with very long lines (31135) | downloaded | | |
Chrome Cache Entry: 103 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 104 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 105 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 106 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 107 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 108 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 109 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 110 | HTML document, Unicode text, UTF-8 text, with very long lines (372) | downloaded | | |
Chrome Cache Entry: 111 | ASCII text, with very long lines (65536), with no line terminators | downloaded | | |
Chrome Cache Entry: 112 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 113 | Unicode text, UTF-8 text, with very long lines (64727) | downloaded | | |
Chrome Cache Entry: 114 | ASCII text, with very long lines (65536), with no line terminators | downloaded | | |
Chrome Cache Entry: 115 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 116 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | dropped | | |
Chrome Cache Entry: 117 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 118 | ASCII text, with very long lines (1572) | downloaded | | |
Chrome Cache Entry: 119 | Unicode text, UTF-8 text, with very long lines (64744) | downloaded | | |
Chrome Cache Entry: 120 | ASCII text | dropped | | |
Chrome Cache Entry: 121 | PDF document, version 1.7, 1288 pages (zip deflate encoded) | downloaded | | |
Chrome Cache Entry: 122 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 123 | JSON data | downloaded | | |
Chrome Cache Entry: 124 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 125 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 126 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 127 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 128 | ASCII text, with very long lines (19306), with no line terminators | downloaded | | |
Chrome Cache Entry: 129 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 130 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 131 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 132 | GIF image data, version 89a, 24 x 24 | downloaded | | |
Chrome Cache Entry: 133 | PDF document, version 1.7, 1288 pages (zip deflate encoded) | dropped | | |
Chrome Cache Entry: 134 | HTML document, Unicode text, UTF-8 text, with very long lines (372) | downloaded | | |
Chrome Cache Entry: 135 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 136 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 137 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 138 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 139 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 140 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 141 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 142 | Unicode text, UTF-8 text | dropped | | |
Chrome Cache Entry: 143 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 144 | GIF image data, version 89a, 24 x 24 | dropped | | |
Chrome Cache Entry: 145 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 146 | JSON data | dropped | | |
Chrome Cache Entry: 147 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 148 | Unicode text, UTF-8 text | downloaded | | |
Chrome Cache Entry: 149 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 150 | PNG image data, 506 x 181, 8-bit/color RGBA, non-interlaced | downloaded | | |
Chrome Cache Entry: 151 | JSON data | downloaded | | |
Chrome Cache Entry: 152 | PNG image data, 506 x 181, 8-bit/color RGBA, non-interlaced | dropped | | |
Chrome Cache Entry: 153 | HTML document, ASCII text, with very long lines (1238) | downloaded | | |
Chrome Cache Entry: 85 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 86 | ASCII text, with no line terminators | downloaded | | |
Chrome Cache Entry: 87 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 88 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 89 | ASCII text, with very long lines (65536), with no line terminators | downloaded | | |
Chrome Cache Entry: 90 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 91 | SVG Scalable Vector Graphics image | dropped | | |
Chrome Cache Entry: 92 | ASCII text, with very long lines (65447) | downloaded | | |
Chrome Cache Entry: 93 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | downloaded | | |
Chrome Cache Entry: 94 | Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 | downloaded | | |
Chrome Cache Entry: 95 | ASCII text, with no line terminators | downloaded | | |
Chrome Cache Entry: 96 | ASCII text | downloaded | | |
Chrome Cache Entry: 97 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 98 | SVG Scalable Vector Graphics image | downloaded | | |
Chrome Cache Entry: 99 | SVG Scalable Vector Graphics image | dropped | | |
Processes
Path | Cmdline | Malicious | |
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2244,i,6037055554380594269,13750479082232346734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sign.clickandsign.eu/h/KkObbSMhni" | | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://sign.clickandsign.eu/h/KkObbSMhni | | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1972,i,9522242102715679292,17427946240984120786,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | | |
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://sign.clickandsign.eu/h/KkObbSMhni
|
|||
https://wieistmeineip.de
|
unknown
|
||
https://mercadoshops.com.co
|
unknown
|
||
https://gliadomain.com
|
unknown
|
||
https://poalim.xyz
|
unknown
|
||
https://mercadolivre.com
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/pdf.min.js
|
104.18.1.141
|
||
https://reshim.org
|
unknown
|
||
https://nourishingpursuits.com
|
unknown
|
||
https://medonet.pl
|
unknown
|
||
https://unotv.com
|
unknown
|
||
https://mercadoshops.com.br
|
unknown
|
||
https://joyreactor.cc
|
unknown
|
||
https://zdrowietvn.pl
|
unknown
|
||
https://songstats.com
|
unknown
|
||
https://baomoi.com
|
unknown
|
||
https://supereva.it
|
unknown
|
||
https://elfinancierocr.com
|
unknown
|
||
https://github.com/twbs/bootstrap/graphs/contributors)
|
unknown
|
||
https://bolasport.com
|
unknown
|
||
https://rws1nvtvt.com
|
unknown
|
||
https://sign.clickandsign.eu/landing/i18/es.json
|
104.18.1.141
|
||
https://desimartini.com
|
unknown
|
||
https://hearty.app
|
unknown
|
||
https://sign.clickandsign.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
|
104.18.1.141
|
||
https://hearty.gift
|
unknown
|
||
https://mercadoshops.com
|
unknown
|
||
https://heartymail.com
|
unknown
|
||
https://radio2.be
|
unknown
|
||
https://finn.no
|
unknown
|
||
https://hc1.com
|
unknown
|
||
https://kompas.tv
|
unknown
|
||
https://mystudentdashboard.com
|
unknown
|
||
https://songshare.com
|
unknown
|
||
https://mercadopago.com.mx
|
unknown
|
||
https://talkdeskqaid.com
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-viewAttachments.svg
|
104.18.1.141
|
||
https://mercadopago.com.pe
|
unknown
|
||
https://cardsayings.net
|
unknown
|
||
https://mightytext.net
|
unknown
|
||
https://api.lleida.net/cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4-
|
104.18.3.43
|
||
https://pudelek.pl
|
unknown
|
||
https://joyreactor.com
|
unknown
|
||
https://cookreactor.com
|
unknown
|
||
https://wildixin.com
|
unknown
|
||
https://eworkbookcloud.com
|
unknown
|
||
https://nacion.com
|
unknown
|
||
https://chennien.com
|
unknown
|
||
http://www.avatel.es/)
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/pdf.worker.min.js
|
104.18.1.141
|
||
https://mercadopago.cl
|
unknown
|
||
https://talkdeskstgid.com
|
unknown
|
||
https://bonvivir.com
|
unknown
|
||
https://carcostadvisor.be
|
unknown
|
||
http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
|
unknown
|
||
https://salemovetravel.com
|
unknown
|
||
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
|
104.16.79.73
|
||
https://sapo.io
|
unknown
|
||
https://wpext.pl
|
unknown
|
||
https://welt.de
|
unknown
|
||
https://poalim.site
|
unknown
|
||
https://blackrockadvisorelite.it
|
unknown
|
||
https://cafemedia.com
|
unknown
|
||
https://mercadoshops.com.ar
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-pageUp.svg
|
104.18.1.141
|
||
https://elpais.uy
|
unknown
|
||
https://landyrev.com
|
unknown
|
||
https://commentcamarche.com
|
unknown
|
||
https://tucarro.com.ve
|
unknown
|
||
https://rws3nvtvt.com
|
unknown
|
||
https://eleconomista.net
|
unknown
|
||
https://mercadolivre.com.br
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-editorInk.svg
|
104.18.1.141
|
||
https://clmbtech.com
|
unknown
|
||
https://standardsandpraiserepurpose.com
|
unknown
|
||
https://salemovefinancial.com
|
unknown
|
||
https://mercadopago.com.br
|
unknown
|
||
https://commentcamarche.net
|
unknown
|
||
https://etfacademy.it
|
unknown
|
||
https://mighty-app.appspot.com
|
unknown
|
||
https://hj.rs
|
unknown
|
||
https://hearty.me
|
unknown
|
||
https://sign.clickandsign.eu/cdn-cgi/rum?
|
104.18.1.141
|
||
https://mercadolibre.com.gt
|
unknown
|
||
https://timesinternet.in
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-pageDown.svg
|
104.18.1.141
|
||
https://idbs-staging.com
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/locale/locale.properties
|
104.18.1.141
|
||
https://blackrock.com
|
unknown
|
||
https://idbs-eworkbook.com
|
unknown
|
||
https://mercadolibre.co.cr
|
unknown
|
||
https://hjck.com
|
unknown
|
||
https://vrt.be
|
unknown
|
||
https://prisjakt.no
|
unknown
|
||
https://kompas.com
|
unknown
|
||
https://idbs-dev.com
|
unknown
|
||
https://wingify.com
|
unknown
|
||
https://mercadolibre.cl
|
unknown
|
||
https://player.pl
|
unknown
|
||
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0
|
|||
https://mercadopago.com.ar
|
unknown
|
Domains
Name | IP | Malicious | |
---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | | |
static.cloudflareinsights.com | 104.16.79.73 | | |
sign.clickandsign.eu | 104.18.1.141 | | |
api.lleida.net | 104.18.3.43 | | |
www.google.com | 142.250.185.196 | | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | | |
IPs
IP | Domain | Country | Malicious | |
---|---|---|---|---|
104.18.3.43 | api.lleida.net | United States | | |
104.18.2.43 | unknown | United States | | |
192.168.2.4 | unknown | unknown | | |
239.255.255.250 | unknown | Reserved | | |
142.250.185.196 | www.google.com | United States | | |
104.18.1.141 | sign.clickandsign.eu | United States | | |
104.16.79.73 | static.cloudflareinsights.com | United States | | |
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://sign.clickandsign.eu/h/KkObbSMhni
|
||
https://sign.clickandsign.eu/h/KkObbSMhni
|
||
https://sign.clickandsign.eu/h/KkObbSMhni
|
||
https://sign.clickandsign.eu/h/KkObbSMhni
|
||
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0
|
||
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0
|
||
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0
|
||
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0
|
||
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0
|