IOC Report
http://myssl.jp

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 13:43:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 13:43:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 13:43:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 13:43:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 13:43:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://myssl.jp/ | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1880,i,11079429363911824844,15051641503318524601,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |

URLs


Domains

| Name | IP | Malicious |
|---|---|---|
| www21.a8.net | 150.230.193.202 | |
| myssl.jp | 153.127.61.138 | |
| www.myssl.jp | 153.127.61.138 | |
| www12.a8.net | 150.230.193.202 | |
| www.netgroove.ne.jp | 49.212.213.242 | |
| www.google.com | 142.250.184.228 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 153.127.61.138 | myssl.jp | Japan | |
| 239.255.255.250 | unknown | Reserved | |
| 150.230.193.202 | www21.a8.net | United States | |
| 192.168.2.16 | unknown | unknown | |
| 49.212.213.242 | www.netgroove.ne.jp | Japan | |
| 142.250.184.228 | www.google.com | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://www.myssl.jp/ | |
| https://www.netgroove.ne.jp/mydomain/ | |
| https://www.netgroove.ne.jp/mydomain/ | |
| https://www.netgroove.ne.jp/mydomain/index.html | |
| https://www.netgroove.ne.jp/design/index.html | |
| https://www.netgroove.ne.jp/design/sodan.html | |