Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Import_Declainvoice.htm
|
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
|
initial sample
|
 |
|
|
Chrome Cache Entry: 67
|
JPEG image data, baseline, precision 8, 446x579, components 3
|
dropped
|
||
|
Chrome Cache Entry: 68
|
JPEG image data, baseline, precision 8, 446x579, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Import_Declainvoice.htm"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=2004,i,11286483845921524513,2529850306068480806,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Import_Declainvoice.htm
|
|
||
|
https://i.imgur.com/GJAwAn5.png
|
199.232.192.193
|
||
|
https://imgur.com/Zq9axgm.png
|
199.232.192.193
|
||
|
https://i.imgur.com/Zq9axgm.png
|
199.232.192.193
|
||
|
https://imgur.com/GJAwAn5.png
|
199.232.192.193
|
||
|
https://electricmotor.my/eir/PDFNEW.php
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
imgur.com
|
199.232.192.193
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
www.google.com
|
142.250.185.100
|
||
|
ipv4.imgur.map.fastly.net
|
199.232.192.193
|
||
|
15.164.165.52.in-addr.arpa
|
unknown
|
||
|
i.imgur.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
199.232.192.193
|
imgur.com
|
United States
|
||
|
142.250.185.100
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
199.232.196.193
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.13
|
unknown
|
unknown
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
192.168.2.14
|
unknown
|
unknown
|
||
|
142.250.184.228
|
unknown
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Import_Declainvoice.htm
|
|