Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:44:36 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:44:36 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:44:36 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:44:36 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:44:36 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\Downloads\a5c98876-310a-45db-9c1e-4c2240b847f8.tmp
|
PDF document, version 1.5
|
dropped
|
||
C:\Users\user\Downloads\downloaded.pdf (copy)
|
PDF document, version 1.5
|
dropped
|
||
C:\Users\user\Downloads\downloaded.pdf.crdownload
|
PDF document, version 1.5
|
dropped
|
||
C:\Users\user\Downloads\f01c7ac1-a3d5-4eaf-8e0b-1f16ebf5e4d9.tmp
|
PDF document, version 1.5
|
dropped
|
||
Chrome Cache Entry: 76
|
HTML document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 77
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 78
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 79
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
|
downloaded
|
||
Chrome Cache Entry: 80
|
ASCII text, with very long lines (15005)
|
downloaded
|
||
Chrome Cache Entry: 81
|
PNG image data, 1948 x 1230, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 82
|
HTML document, ASCII text, with very long lines (3341)
|
downloaded
|
||
Chrome Cache Entry: 83
|
Unicode text, UTF-8 text, with very long lines (39376)
|
downloaded
|
||
Chrome Cache Entry: 84
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 85
|
troff or preprocessor input, ASCII text, with very long lines (372)
|
downloaded
|
||
Chrome Cache Entry: 86
|
XML 1.0 document, ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 87
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
|
dropped
|
||
Chrome Cache Entry: 88
|
ASCII text, with very long lines (32030)
|
downloaded
|
||
Chrome Cache Entry: 89
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2905
|
downloaded
|
||
Chrome Cache Entry: 90
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2905
|
dropped
|
||
Chrome Cache Entry: 91
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
|
downloaded
|
||
Chrome Cache Entry: 92
|
HTML document, ASCII text
|
dropped
|
||
Chrome Cache Entry: 93
|
PNG image data, 1948 x 1230, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 94
|
PDF document, version 1.5
|
downloaded
|
||
Chrome Cache Entry: 95
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
|
dropped
|
||
Chrome Cache Entry: 96
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 97
|
HTML document, ASCII text, with very long lines (62292)
|
downloaded
|
||
Chrome Cache Entry: 98
|
XML 1.0 document, ASCII text, with no line terminators
|
downloaded
|
There are 24 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://lnkd.in/exwPeXjc
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1928,i,3036787709100133626,7959615547617459310,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://lnkd.in/exwPeXjc
|
|||
https://new-pdf-document-approval.us-lax-1.linodeobjects.com/app.html#john.smith@outlook.com
|
|||
https://document-display-verifycation-download-pdf.us-east-1.linodeobjects.com/safe.html
|
|||
https://4454275f.rwnbqwuligbumyzvpodsthfkaftacy.pages.dev/justintime.png
|
188.114.97.3
|
||
https://a9d041c33434.wazo-biawalkeks.ru/p/89?session=be20ea5bbbe9ef456236afd95beaab99d2c85bfef4d89e6fa105930dad415426
|
104.21.44.57
|
||
https://fingerprint.com)
|
unknown
|
||
https://a9d041c33434.wazo-biawalkeks.ru/s/f522420955
|
104.21.44.57
|
||
https://opensource.org/license/mit/
|
unknown
|
||
http://fontawesome.io
|
unknown
|
||
https://a9d041c33434.wazo-biawalkeks.ru
|
unknown
|
||
https://lnkd.in/exwPeXjc
|
13.107.42.14
|
||
https://a9d041c33434.wazo-biawalkeks.ru/r/17?session=be20ea5bbbe9ef456236afd95beaab99d2c85bfef4d89e6fa105930dad415426
|
104.21.44.57
|
||
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
|
104.17.24.14
|
||
http://www.opensource.org/licenses/mit-license.php)
|
unknown
|
||
https://media.licdn.com/favicon.ico
|
152.199.21.118
|
||
https://code.jquery.com/jquery-3.1.1.min.js
|
151.101.194.137
|
||
https://mariadb.com/bsl11/
|
unknown
|
||
file:///C:/Users/user/Downloads/downloaded.pdf
|
|||
https://a9d041c33434.wazo-biawalkeks.ru/s/17?0
|
104.21.44.57
|
||
about:blank
|
|||
https://new-pdf-document-approval.us-lax-1.linodeobjects.com/app.html
|
unknown
|
||
https://a.nel.cloudflare.com/report/v4?s=nrKzxdK6ZWtiB360dfcgyfHlEyQrmcteEszO2SGLLfo%2BWTBTqD5nD2LJw3uYAZoDVdYoYw0VIFG%2BykgplEJ7ziwW4QVub3UEYQePbdig3sSEGaNiOrII630vnzkYOXSd2ll%2FzHuhGhVFdlUIhPf32re2
|
35.190.80.1
|
||
https://openfpcdn.io/botd/v1
|
13.32.99.33
|
||
https://media.licdn.com/dms/document/media/D4E1FAQHFhtSoZc3ecA/feedshare-document-pdf-analyzed/0/1719999064861?e=1720656000&v=beta&t=LBGMvkRjVKeHwsuNkcV3IvRRVllumgKht0mdUo0Jks4
|
|||
http://fontawesome.io/license
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
document-display-verifycation-download-pdf.us-east-1.linodeobjects.com
|
unknown
|
||
lnkd.in
|
13.107.42.14
|
||
openfpcdn.io
|
13.32.99.33
|
||
s-part-0014.t-0009.t-msedge.net
|
13.107.246.42
|
||
a9d041c33434.wazo-biawalkeks.ru
|
104.21.44.57
|
||
a.nel.cloudflare.com
|
35.190.80.1
|
||
4454275f.rwnbqwuligbumyzvpodsthfkaftacy.pages.dev
|
188.114.97.3
|
||
code.jquery.com
|
151.101.194.137
|
||
cdnjs.cloudflare.com
|
104.17.24.14
|
||
cs1404.wpc.epsiloncdn.net
|
152.199.21.118
|
||
www.google.com
|
142.250.185.164
|
||
media.licdn.com
|
unknown
|
||
new-pdf-document-approval.us-lax-1.linodeobjects.com
|
unknown
|
There are 3 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
13.107.246.42
|
s-part-0014.t-0009.t-msedge.net
|
United States
|
||
152.199.21.118
|
cs1404.wpc.epsiloncdn.net
|
United States
|
||
104.21.44.57
|
a9d041c33434.wazo-biawalkeks.ru
|
United States
|
||
192.168.2.17
|
unknown
|
unknown
|
||
13.32.99.33
|
openfpcdn.io
|
United States
|
||
13.107.42.14
|
lnkd.in
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
188.114.97.3
|
4454275f.rwnbqwuligbumyzvpodsthfkaftacy.pages.dev
|
European Union
|
||
142.250.185.164
|
www.google.com
|
United States
|
||
188.114.96.3
|
unknown
|
European Union
|
||
151.101.194.137
|
code.jquery.com
|
United States
|
||
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
There are 3 hidden IPs, click here to show them.
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://document-display-verifycation-download-pdf.us-east-1.linodeobjects.com/safe.html
|
||
https://new-pdf-document-approval.us-lax-1.linodeobjects.com/app.html#john.smith@outlook.com
|
||
https://new-pdf-document-approval.us-lax-1.linodeobjects.com/app.html#john.smith@outlook.com
|
||
https://media.licdn.com/dms/document/media/D4E1FAQHFhtSoZc3ecA/feedshare-document-pdf-analyzed/0/1719999064861?e=1720656000&v=beta&t=LBGMvkRjVKeHwsuNkcV3IvRRVllumgKht0mdUo0Jks4
|
||
file:///C:/Users/user/Downloads/downloaded.pdf
|
||
file:///C:/Users/user/Downloads/downloaded.pdf
|
||
file:///C:/Users/user/Downloads/downloaded.pdf
|
||
about:blank
|
||
https://document-display-verifycation-download-pdf.us-east-1.linodeobjects.com/safe.html
|
||
https://new-pdf-document-approval.us-lax-1.linodeobjects.com/app.html#john.smith@outlook.com
|