IOC Report
https:/wentworth.az1.qualtrics.com/jfe/form/SV_bEnaGtb0Jw7NaWa?Q_DL=QrigjMFTYZVVTqH_bEnaGtb0Jw7NaWa_CGC_gCML4CuBSL0ABp7&Q_CHL=email

Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 143 | PNG image data, 3001 x 3222, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 144 | ASCII text, with very long lines (42270), with no line terminators | downloaded
Chrome Cache Entry: 145 | ASCII text, with very long lines (11183), with no line terminators | downloaded
Chrome Cache Entry: 146 | HTML document, ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 147 | ASCII text, with very long lines (20437), with no line terminators | downloaded
Chrome Cache Entry: 148 | ASCII text, with very long lines (65424) | dropped
Chrome Cache Entry: 149 | Unicode text, UTF-8 text, with very long lines (65426) | downloaded
Chrome Cache Entry: 150 | HTML document, ASCII text, with very long lines (2707), with no line terminators | downloaded
Chrome Cache Entry: 151 | PNG image data, 910 x 139, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 152 | ASCII text, with very long lines (20437), with no line terminators | dropped
Chrome Cache Entry: 153 | Web Open Font Format, TrueType, length 1004, version 1.0 | downloaded
Chrome Cache Entry: 154 | HTML document, ASCII text, with very long lines (65536), with no line terminators | dropped
Chrome Cache Entry: 155 | ASCII text, with very long lines (11183), with no line terminators | dropped
Chrome Cache Entry: 156 | TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 26 names, Macintosh, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsMedium2.201;ITFO;Popp | downloaded
Chrome Cache Entry: 157 | PNG image data, 1459 x 368, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 158 | data | downloaded
Chrome Cache Entry: 159 | ASCII text, with very long lines (42270), with no line terminators | dropped
Chrome Cache Entry: 160 | PNG image data, 3001 x 3222, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 161 | ASCII text, with very long lines (47710), with no line terminators | dropped
Chrome Cache Entry: 162 | ASCII text, with very long lines (65444) | downloaded
Chrome Cache Entry: 163 | SVG Scalable Vector Graphics image | downloaded
Chrome Cache Entry: 164 | Unicode text, UTF-8 text, with very long lines (559) | downloaded
Chrome Cache Entry: 165 | PNG image data, 910 x 139, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 166 | data | dropped
Chrome Cache Entry: 167 | Unicode text, UTF-8 text, with very long lines (65426) | dropped
Chrome Cache Entry: 168 | HTML document, ASCII text, with very long lines (2707), with no line terminators | dropped
Chrome Cache Entry: 169 | ASCII text, with very long lines (65444) | dropped
Chrome Cache Entry: 170 | ASCII text, with very long lines (24499), with no line terminators | dropped
Chrome Cache Entry: 171 | ASCII text, with very long lines (36501), with no line terminators | dropped
Chrome Cache Entry: 172 | TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 26 names, Macintosh, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsLight2.201;ITFO;Poppi | downloaded
Chrome Cache Entry: 173 | ASCII text, with very long lines (65424) | downloaded
Chrome Cache Entry: 174 | PNG image data, 1459 x 368, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 175 | ASCII text, with very long lines (36501), with no line terminators | downloaded
Chrome Cache Entry: 176 | ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 177 | ASCII text, with very long lines (24499), with no line terminators | downloaded
Chrome Cache Entry: 178 | SVG Scalable Vector Graphics image | dropped
Chrome Cache Entry: 179 | ASCII text, with very long lines (47710), with no line terminators | downloaded

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1736 --field-trial-handle=2012,i,2871850995218753826,7982395101669501192,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https:/wentworth.az1.qualtrics.com/jfe/form/SV_bEnaGtb0Jw7NaWa?Q_DL=QrigjMFTYZVVTqH_bEnaGtb0Jw7NaWa_CGC_gCML4CuBSL0ABp7&Q_CHL=email"

URLs

Name | IP | Malicious
https:/wentworth.az1.qualtrics.com/jfe/form/SV_bEnaGtb0Jw7NaWa?Q_DL=QrigjMFTYZVVTqH_bEnaGtb0Jw7NaWa_CGC_gCML4CuBSL0ABp7&Q_CHL=email
https://indiantypefoundry.comThis | unknown
https://wentworth.az1.qualtrics.com/jfe/form/SV_bEnaGtb0Jw7NaWa?Q_DL=QrigjMFTYZVVTqH_bEnaGtb0Jw7NaWa_CGC_gCML4CuBSL0ABp7&Q_CHL=email
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLPoppinsMedium | unknown
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL | unknown
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLPoppinsLight | unknown
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLCopyright | unknown

Domains

Name | IP | Malicious
bg.microsoft.map.fastly.net | 199.232.214.172
s-part-0044.t-0009.fb-t-msedge.net | 13.107.253.72
s-part-0017.t-0009.t-msedge.net | 13.107.246.45
www.google.com | 172.217.18.4
fp2e7a.wpc.phicdn.net | 192.229.221.95
wentworth.az1.qualtrics.com | unknown
eu.qualtrics.com | unknown
qualtricsxmhgpw8frtb.qualtrics.com | unknown

IPs

IP | Domain | Country | Malicious
239.255.255.250 | unknown | Reserved
172.217.18.4 | www.google.com | United States
192.168.2.4 | unknown | unknown

DOM / HTML

URL | Malicious
https://wentworth.az1.qualtrics.com/jfe/form/SV_bEnaGtb0Jw7NaWa?Q_DL=QrigjMFTYZVVTqH_bEnaGtb0Jw7NaWa_CGC_gCML4CuBSL0ABp7&Q_CHL=email
https://wentworth.az1.qualtrics.com/jfe/form/SV_bEnaGtb0Jw7NaWa?Q_DL=QrigjMFTYZVVTqH_bEnaGtb0Jw7NaWa_CGC_gCML4CuBSL0ABp7&Q_CHL=email