Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:17:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:17:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:17:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:17:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:17:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
ASCII text, with very long lines (4013)
|
dropped
|
||
|
Chrome Cache Entry: 102
|
ASCII text, with very long lines (4013)
|
dropped
|
||
|
Chrome Cache Entry: 103
|
ASCII text, with very long lines (4013)
|
dropped
|
||
|
Chrome Cache Entry: 104
|
HTML document, ASCII text, with very long lines (438)
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 106
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 107
|
ASCII text, with very long lines (17582)
|
dropped
|
||
|
Chrome Cache Entry: 108
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 109
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 110
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 113
|
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 114
|
ASCII text, with very long lines (22043)
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
ASCII text, with very long lines (2740)
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
ASCII text, with very long lines (17582)
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
ASCII text, with very long lines (19948), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 119
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
ASCII text, with very long lines (4013)
|
dropped
|
||
|
Chrome Cache Entry: 121
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 123
|
HTML document, ASCII text, with very long lines (438)
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 126
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
Unicode text, UTF-8 text, with very long lines (19092)
|
dropped
|
||
|
Chrome Cache Entry: 128
|
HTML document, ASCII text, with very long lines (438)
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 130
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 132
|
Unicode text, UTF-8 text, with very long lines (19092)
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 134
|
ASCII text, with very long lines (4013)
|
dropped
|
||
|
Chrome Cache Entry: 90
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 91
|
ASCII text, with very long lines (2740)
|
dropped
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 95
|
ASCII text, with very long lines (4013)
|
dropped
|
||
|
Chrome Cache Entry: 96
|
ASCII text, with very long lines (19948), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 97
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 98
|
ASCII text, with very long lines (4006)
|
dropped
|
||
|
Chrome Cache Entry: 99
|
ASCII text, with very long lines (1325)
|
downloaded
|
There are 42 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2320 --field-trial-handle=2268,i,5802622656167740786,11857891175710028565,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://6lzq.sevenround.com/biVGd5U77vj/n4/NEgffsnVZMl1jr9/veMrBck/EDmDM88N1Q/r/WbQFMlJQq1/_Yvd/0PDkFNCCr56EvF/5r/sjr9Qb8xEIGcoW3/rdv/VFJ5bmuDDo/57M7xM/6H3vZ0KWPKTac/"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://6lzq.sevenround.com/biVGd5U77vj/n4/NEgffsnVZMl1jr9/veMrBck/EDmDM88N1Q/r/WbQFMlJQq1/_Yvd/0PDkFNCCr56EvF/5r/sjr9Qb8xEIGcoW3/rdv/VFJ5bmuDDo/57M7xM/6H3vZ0KWPKTac/
|
|||
|
https://umami.optoutsystem.com
|
unknown
|
||
|
https://www.emailunjoin.com/assets/script-e6d51933b9c387e0333322740e94168c.js
|
67.222.157.73
|
||
|
https://api.optoutsystem.com/optout/optout-key/decrypt
|
54.212.26.20
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
|
104.16.80.73
|
||
|
https://www.emailunjoin.com/cdn-cgi/rum?
|
67.222.157.73
|
||
|
https://oleesquat.com/0/2/58256/udb307f5b4363406b3ada9b2ff94d4e7a/
|
193.124.15.117
|
||
|
https://www.emailunjoin.com/favicon.ico
|
67.222.157.73
|
||
|
https://www.emailunjoin.com/assets/index-Xvh6_nwk.css
|
67.222.157.73
|
||
|
http://6lzq.sevenround.com/biVGd5U77vj/n4/NEgffsnVZMl1jr9/veMrBck/EDmDM88N1Q/r/WbQFMlJQq1/_Yvd/0PDkFNCCr56EvF/5r/sjr9Qb8xEIGcoW3/rdv/VFJ5bmuDDo/57M7xM/6H3vZ0KWPKTac/
|
143.244.170.10
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24/complaint
|
|||
|
https://api.optoutsystem.com/optout/optout-key/page/271045
|
54.212.26.20
|
||
|
https://www.emailunjoin.com/assets/index-jAVn9zvO.js
|
67.222.157.73
|
||
|
https://www.emailunjoin.com/assets/index-tNeFPzap.js
|
67.222.157.73
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24/
|
|||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24
|
|||
|
https://sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
|
35.186.247.156
|
||
|
https://umami.optoutsystem.com/api/send
|
54.212.26.20
|
||
|
https://www.emailunjoin.com/assets/index-rXJICDJD.css
|
67.222.157.73
|
||
|
https://www.emailunjoin.com/assets/clsx-OznMxRcp.js
|
67.222.157.73
|
||
|
https://www.emailunjoin.com/favicon.svg
|
67.222.157.73
|
||
|
https://adsense.com.
|
unknown
|
||
|
https://a.nel.cloudflare.com/report/v4?s=on8DS0RUrYWvaCYaU41aysZXsJGBv0NXrqcNXzp5YHGRw0RqJjqciiuny%2BL6MaJ1R7oHsxQd7N9czcWWIsCdgwVloUA9Eja%2Fl7Re%2BoQMzqIFxobYiFC%2FWr8ASYc1c5YgUge%2FSmZY1wM9oXBg62Fg
|
35.190.80.1
|
||
|
https://www.google.com/adsense
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
static.cloudflareinsights.com
|
104.16.80.73
|
||
|
api.optoutsystem.com
|
54.212.26.20
|
||
|
sentry.io
|
35.186.247.156
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
6lzq.sevenround.com
|
143.244.170.10
|
||
|
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
217.20.57.38
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
oleesquat.com
|
193.124.15.117
|
||
|
umami.optoutsystem.com
|
54.212.26.20
|
||
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
googleads.g.doubleclick.net
|
142.250.186.130
|
||
|
www.google.com
|
142.250.181.228
|
||
|
www.emailunjoin.com
|
67.222.157.73
|
||
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
54.148.17.207
|
unknown
|
United States
|
||
|
142.250.186.130
|
googleads.g.doubleclick.net
|
United States
|
||
|
193.124.15.117
|
oleesquat.com
|
Russian Federation
|
||
|
35.186.247.156
|
sentry.io
|
United States
|
||
|
54.212.26.20
|
api.optoutsystem.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
104.16.80.73
|
static.cloudflareinsights.com
|
United States
|
||
|
54.190.243.193
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.181.228
|
www.google.com
|
United States
|
||
|
67.222.157.73
|
www.emailunjoin.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
104.16.79.73
|
unknown
|
United States
|
||
|
143.244.170.10
|
6lzq.sevenround.com
|
United States
|
There are 4 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24/complaint
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24/complaint
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24/
|
||
|
https://www.emailunjoin.com/o-twxs-r36-38745e47f6945333b7c390250dec0c24/
|