IOC Report
https://f66mv0kd.r.eu-west-1.awstrack.me/L0/https:%2F%2Fdrive.google.com%2Ffile%2Fd%2F1E4lmFGl-csyBU6z_PWZqfTFtji4q04Mh%2Fview%3Fusp=sharing/1/01020192d55b8c24-97675204-e5f2-418e-a3a9-716090b716c2-000000/GON8tjkNSJ6erX57Uvhm86QBKCA=397

Files

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 --field-trial-handle=1752,i,9014225724315281439,3053158090596537725,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://f66mv0kd.r.eu-west-1.awstrack.me/L0/https:%2F%2Fdrive.google.com%2Ffile%2Fd%2F1E4lmFGl-csyBU6z_PWZqfTFtji4q04Mh%2Fview%3Fusp=sharing/1/01020192d55b8c24-97675204-e5f2-418e-a3a9-716090b716c2-000000/GON8tjkNSJ6erX57Uvhm86QBKCA=397"

URLs

Domains

Name
IP
Malicious
blobcomments-pa.clients6.google.com
142.250.181.234
bg.microsoft.map.fastly.net
199.232.210.172
play.google.com
172.217.18.14
plus.l.google.com
142.250.186.46
drive.google.com
142.250.185.142
www.google.com
142.250.186.164
baconredirects-elb-1vu8uzbbqecyf-1056340931.eu-west-1.elb.amazonaws.com
34.241.216.206
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
217.20.57.35
peoplestackwebexperiments-pa.clients6.google.com
142.250.184.234
fp2e7a.wpc.phicdn.net
192.229.221.95
f66mv0kd.r.eu-west-1.awstrack.me
unknown
apis.google.com
unknown

IPs

IP
Domain
Country
Malicious
142.250.186.46
plus.l.google.com
United States
172.217.18.14
play.google.com
United States
192.168.2.6
unknown
unknown
34.241.216.206
baconredirects-elb-1vu8uzbbqecyf-1056340931.eu-west-1.elb.amazonaws.com
United States
142.250.185.142
drive.google.com
United States
142.250.186.110
unknown
United States
172.217.16.142
unknown
United States
239.255.255.250
unknown
Reserved
142.250.186.164
www.google.com
United States

DOM / HTML

URL
Malicious
https://drive.google.com/file/d/1E4lmFGl-csyBU6z_PWZqfTFtji4q04Mh/view