IOC Report
https://maya-lopez.filemail.com/t/BLFGBJSQ

Files

File Path | Type | Category | Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 9 15:38:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 9 15:38:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 9 15:38:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 9 15:38:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 9 15:38:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\Downloads\Inv-91129.pdf (copy) | PDF document, version 1.6 (zip deflate encoded) | dropped |
C:\Users\user\Downloads\Inv-91129.pdf.crdownload | PDF document, version 1.6 (zip deflate encoded) | dropped |
C:\Users\user\Downloads\e9e16f55-defc-4645-85bc-57c7653514fc.tmp | PDF document, version 1.6 (zip deflate encoded) | dropped |
Chrome Cache Entry: 111 | Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 | downloaded |
Chrome Cache Entry: 112 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 113 | ASCII text, with very long lines (65447) | downloaded |
Chrome Cache Entry: 114 | ASCII text, with very long lines (4814), with no line terminators | downloaded |
Chrome Cache Entry: 116 | HTML document, ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 117 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1200, components 3 | downloaded |
Chrome Cache Entry: 118 | HTML document, ASCII text, with very long lines (9881) | dropped |
Chrome Cache Entry: 119 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1200, components 3 | downloaded |
Chrome Cache Entry: 121 | ASCII text, with very long lines (65450), with CRLF line terminators | dropped |
Chrome Cache Entry: 122 | PNG image data, 22 x 69, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 123 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1231, components 3 | dropped |
Chrome Cache Entry: 126 | ASCII text, with very long lines (4831), with no line terminators | dropped |
Chrome Cache Entry: 127 | HTML document, ASCII text, with very long lines (63029), with CRLF line terminators | downloaded |
Chrome Cache Entry: 128 | HTML document, ASCII text, with very long lines (815) | downloaded |
Chrome Cache Entry: 130 | ASCII text, with very long lines (51734) | downloaded |
Chrome Cache Entry: 132 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 134 | Web Open Font Format (Version 2), TrueType, length 156892, version 329.30932 | downloaded |
Chrome Cache Entry: 136 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1200, components 3 | downloaded |
Chrome Cache Entry: 141 | ASCII text, with very long lines (1530), with no line terminators | dropped |
Chrome Cache Entry: 142 | Web Open Font Format (Version 2), TrueType, length 23484, version 1.0 | downloaded |
Chrome Cache Entry: 143 | Unicode text, UTF-8 text, with very long lines (65450) | downloaded |
Chrome Cache Entry: 145 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | downloaded |
Chrome Cache Entry: 147 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 149 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1196, components 3 | downloaded |
Chrome Cache Entry: 151 | JSON data | downloaded |
Chrome Cache Entry: 153 | ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 155 | ASCII text, with no line terminators | dropped |
Chrome Cache Entry: 156 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 157 | ASCII text, with very long lines (545) | downloaded |
Chrome Cache Entry: 159 | HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 161 | ASCII text, with very long lines (10450) | downloaded |
Chrome Cache Entry: 163 | ASCII text, with very long lines (3969) | dropped |
Chrome Cache Entry: 164 | PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 165 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 166 | ASCII text, with very long lines (54011) | dropped |
Chrome Cache Entry: 168 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513 | downloaded |
Chrome Cache Entry: 169 | HTML document, ASCII text, with very long lines (9817) | downloaded |
Chrome Cache Entry: 172 | Web Open Font Format (Version 2), TrueType, length 15552, version 1.0 | downloaded |
Chrome Cache Entry: 173 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 174 | ASCII text, with very long lines (1601) | downloaded |
Chrome Cache Entry: 175 | ASCII text, with very long lines (18281) | dropped |
Chrome Cache Entry: 176 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592 | dropped |
Chrome Cache Entry: 177 | JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1600x1600, components 3 | downloaded |
Chrome Cache Entry: 178 | ASCII text, with very long lines (1223) | downloaded |
Chrome Cache Entry: 179 | ASCII text, with very long lines (47691) | downloaded |
Chrome Cache Entry: 182 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 184 | SVG Scalable Vector Graphics image | downloaded |

47 additional files were hidden in the report view and are not listed above.

URLs

Name | IP | Malicious
https://maya-lopez.filemail.com/t/BLFGBJSQ | | malicious
file:///C:/Users/user/Downloads/Inv-91129.pdf | | malicious
https://app.filemail.com/t/BLFGBJSQ | | malicious

Domains

Name | IP | Malicious
skov-dk.com | 217.77.11.121 | malicious
jsdelivr.map.fastly.net | 151.101.193.229 |
a.nel.cloudflare.com | 35.190.80.1 |
app.filemail.com | 178.21.23.181 |
s-part-0035.t-0009.t-msedge.net | 13.107.246.63 |
www.filemail.com | 178.21.23.181 |
googleads.g.doubleclick.net | 172.217.17.66 |
cdnjs.cloudflare.com | 104.17.24.14 |
ip.1013.filemail.com | 142.215.209.74 |
challenges.cloudflare.com | 104.18.94.41 |
sni1gl.wpc.omegacdn.net | 152.199.21.175 |
www.google.com | 142.250.181.100 |
td.doubleclick.net | 172.217.17.34 |
api-001.filemail.com | 20.82.124.160 |
d19d360lklgih4.cloudfront.net | 18.165.220.53 |
cdn.jsdelivr.net | unknown |
aadcdn.msftauth.net | unknown |
1013.filemail.com | unknown |
maya-lopez.filemail.com | unknown |
analytics.filemail.com | unknown |
ok4static.oktacdn.com | unknown |

11 additional domains were hidden in the report view and are not listed above.

IPs

IP | Domain | Country | Malicious
217.77.11.121 | skov-dk.com | United Kingdom | malicious
13.107.246.63 | s-part-0035.t-0009.t-msedge.net | United States |
172.217.17.66 | googleads.g.doubleclick.net | United States |
151.101.193.229 | jsdelivr.map.fastly.net | United States |
104.18.94.41 | challenges.cloudflare.com | United States |
192.168.2.16 | unknown | unknown |
216.58.208.227 | unknown | United States |
142.250.181.136 | unknown | United States |
20.82.124.160 | api-001.filemail.com | United States |
172.217.21.35 | unknown | United States |
172.217.21.36 | unknown | United States |
35.190.80.1 | a.nel.cloudflare.com | United States |
142.250.181.66 | unknown | United States |
104.17.24.14 | cdnjs.cloudflare.com | United States |
172.217.19.238 | unknown | United States |
1.1.1.1 | unknown | Australia |
172.217.17.34 | td.doubleclick.net | United States |
172.217.17.78 | unknown | United States |
172.217.17.35 | unknown | United States |
151.101.65.229 | unknown | United States |
104.18.95.41 | unknown | United States |
18.165.220.53 | d19d360lklgih4.cloudfront.net | United States |
142.250.181.100 | www.google.com | United States |
142.250.181.106 | unknown | United States |
239.255.255.250 | unknown | Reserved |
178.21.23.181 | app.filemail.com | Netherlands |
152.199.21.175 | sni1gl.wpc.omegacdn.net | United States |
173.194.222.84 | unknown | United States |
142.215.209.74 | ip.1013.filemail.com | Canada |
127.0.0.1 | unknown | unknown |
172.217.17.72 | unknown | United States |
104.17.25.14 | unknown | United States |

22 additional IPs were hidden in the report view and are not listed above.