Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 57
|
HTML document, ASCII text, with very long lines (881)
|
downloaded
|
||
|
Chrome Cache Entry: 58
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 59
|
gzip compressed data, max speed, from Unix, original size modulo 2^32 2086
|
downloaded
|
||
|
Chrome Cache Entry: 60
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 62
|
HTML document, ASCII text, with very long lines (29706), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 63
|
HTML document, ASCII text, with very long lines (881)
|
dropped
|
||
|
Chrome Cache Entry: 64
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 65
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 66
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
HTML document, ASCII text, with very long lines (881)
|
downloaded
|
||
|
Chrome Cache Entry: 68
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
gzip compressed data, max speed, from Unix, original size modulo 2^32 688
|
downloaded
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2008,i,838962248140844,11012590354686055809,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ok.clicknowvip.com"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=5636 --field-trial-handle=2008,i,838962248140844,11012590354686055809,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService
--lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 --field-trial-handle=2008,i,838962248140844,11012590354686055809,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ok.clicknowvip.com
|
 |
||
|
http://ok.clicknowvip.com/page/bouncy.php?&bpae=GbhGd6c6okx%2Fj3OE4HtYIA68CX9ntwpoDg8E5j%2F4dndljne37pKkD5CpSoioxJaypSWFN%2B%2F7d0pdJjT%2FXeAaZtK52aNdDQePqFw%2BU3EtFy8HVw1CurFHa9v1SNkwpEvnt6kapzzY0jmrtiBi%2Fs0p6Hg1%2BWybmADL5b%2FeGqxaUo%2B3ZgqC1TD15ONDM9JCdp0IuM2%2F0ahg0EaD%2B3knPKHcpKzBm7rSKjhlh7dhj2PtSd9vXMAEGyg4Pdl4F9WFOCMl66J4OK%2FdlD4%2BJGBkAIUa4c04kq%2BFeoq%2FA6%2BDbxRArOdXle6ANZXCYNYN4VzpUDKqHkNwNdhyHvjL72y%2Fvg1F7wOrPTIlFWMmR%2FUJVZi%2FtHCN2VT7pp%2F4kFPLl%2Fsqa62NdgRS%2FlX0MozXYx6%2FHCam5PersGjq21a7r7kzBfCWTg%3D%3D&redirectType=js&inIframe=false&inPopUp=false
|
72.52.178.23
|
|
|
|
http://ok.clicknowvip.com/
|
72.52.178.23
|
|
|
|
https://qdjm0rrmgivd.n4.adsco.re/
|
38.132.109.126
|
||
|
http://google.com/
|
unknown
|
||
|
https://c.adsco.re/favicon.ico?type=log&code=
|
unknown
|
||
|
https://c.adsco.re
|
unknown
|
||
|
https://github.com/nodeca/pako
|
unknown
|
||
|
https://826470.visualmirage.co/
|
|||
|
http://click-v4.jundclikrmdi.com/click?i=pmThu4xdySo_0
|
198.134.116.17
|
||
|
https://adsco.re/
|
unknown
|
||
|
https://qdjm0rrmgivd.s4.adsco.re/
|
185.200.116.60
|
||
|
https://4.adsco.re/
|
162.252.214.5
|
||
|
https://adsco.re/p
|
162.252.214.5
|
||
|
http://c.adsco.re
|
unknown
|
||
|
https://826470.visualmirage.co/?jspr=1&mlk=4Zd8bnYIEreyAf9Bw%2BOiEk9nO2KWfcPufufYC%2Fx57LcXye4UKVp3W
|
unknown
|
||
|
https://6.adsco.re/
|
104.17.167.186
|
||
|
https://6.adsco.re:2087/
|
unknown
|
||
|
https://www.dhgate.com?f=bm%7Caff%7Cyfaf%7C864561%7C864561_885949_336400%7CL65ae6abfe4b015d01d868cee
|
unknown
|
||
|
https://qdjm0rrmgivd.l4.adsco.re/
|
185.200.118.62
|
||
|
https://c.adsco.re/
|
104.17.167.186
|
||
|
https://4.adsco.re:2087/
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
leoyard.xml-v4.ak-is2.net
|
198.134.116.17
|
||
|
adsco.re
|
162.252.214.5
|
||
|
826470.visualmirage.co
|
172.67.222.251
|
||
|
6.adsco.re
|
104.17.167.186
|
||
|
4.adsco.re
|
162.252.214.5
|
||
|
qdjm0rrmgivd.n4.adsco.re
|
38.132.109.126
|
||
|
c.adsco.re
|
104.17.167.186
|
||
|
www.google.com
|
142.250.184.228
|
||
|
qdjm0rrmgivd.s4.adsco.re
|
185.200.116.60
|
||
|
ok.clicknowvip.com
|
72.52.178.23
|
||
|
qdjm0rrmgivd.l4.adsco.re
|
185.200.118.62
|
||
|
_2087._https.6.adsco.re
|
unknown
|
||
|
www.dhgate.com
|
unknown
|
||
|
_2087._https.4.adsco.re
|
unknown
|
||
|
click-v4.jundclikrmdi.com
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.200.116.90
|
unknown
|
United Kingdom
|
||
|
185.200.118.90
|
unknown
|
United Kingdom
|
||
|
185.200.118.62
|
qdjm0rrmgivd.l4.adsco.re
|
United Kingdom
|
||
|
38.132.109.186
|
unknown
|
United States
|
||
|
185.200.116.60
|
qdjm0rrmgivd.s4.adsco.re
|
United Kingdom
|
||
|
162.252.214.5
|
adsco.re
|
United States
|
||
|
38.132.109.126
|
qdjm0rrmgivd.n4.adsco.re
|
United States
|
||
|
172.67.222.251
|
826470.visualmirage.co
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
72.52.178.23
|
ok.clicknowvip.com
|
United States
|
||
|
198.134.116.17
|
leoyard.xml-v4.ak-is2.net
|
United States
|
||
|
104.17.166.186
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.17.167.186
|
6.adsco.re
|
United States
|
||
|
142.250.184.228
|
www.google.com
|
United States
|
There are 5 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://826470.visualmirage.co/?mlk=4Zd8bnYIEreyAf9Bw%2BOiEk9nO2KWfcPufufYC%2Fx57LcXye4UKVp3WO7csbbBI%2BMNyC8C6DW%2FkYfnOlQXltkCzgMA7Ea9JlFMzFSCQ1vlbCdQmxBJ%2Bx73wMA%2B4nuHYWQxPNfcV6mVtYI5IKVK3hSKQVZv2kjCcJCV9NG%2Fhars7BzJSNvFJ3OpAIx4rCrnOc6jc6wE6Zpvfo%2F4qcraOFkKPf53%2FDrTLRl7XAn1JV%2FqaIP8VGgO0fDsOhH%2Fqm%2BCOhd09sYGUDkWCMh6qSBKTf8zK4beipqr%2FOakh91ifCNhd9DwlA4aF1xUIzH%2FpRt8tzTV43NnWzeB8ZywYOmazjwu%2BrJKYoVV97xjFHCf5ZSu0lT1IaK5X7cu1E8GsCxq6r%2BGFgkx6Q7nKWl%2Bt58f%2BIgJw5%2B2dmW9NEPvowcttM4oj1CehQxDjNLv8Y%2BDBLVNEXa%2B3OpaOUbuGeyYlrKSBRtsY80bINkXO53oNOyqdsV7VFjG74Ts9iJS0n7pMR%2FWJJeHuMqDg2l5CwuMYIZdfrrMZg%3D%3D
|
||
|
https://826470.visualmirage.co/
|