Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 109
|
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 110
|
ASCII text, with very long lines (3637)
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
HTML document, ASCII text, with very long lines (2602), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
HTML document, ASCII text, with very long lines (3450), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 114
|
ASCII text, with very long lines (17287), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 116
|
ASCII text, with very long lines (1877), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
ASCII text, with very long lines (2824)
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 142367
|
dropped
|
||
|
Chrome Cache Entry: 119
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with very long lines (17287), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (2674)
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (503)
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 127
|
ASCII text, with very long lines (65451)
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
PNG image data, 767 x 263, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
ASCII text, with very long lines (65398)
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (65398)
|
dropped
|
||
|
Chrome Cache Entry: 132
|
Unicode text, UTF-8 text, with very long lines (45900)
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
ASCII text, with very long lines (2230), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
ASCII text, with very long lines (11631)
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 137
|
ASCII text, with very long lines (65394)
|
dropped
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with very long lines (3637)
|
dropped
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
PNG image data, 297 x 166, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 142367
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
ASCII text, with very long lines (52565)
|
dropped
|
||
|
Chrome Cache Entry: 143
|
ASCII text, with very long lines (4873), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (65460)
|
dropped
|
||
|
Chrome Cache Entry: 145
|
ASCII text, with very long lines (2824)
|
dropped
|
||
|
Chrome Cache Entry: 146
|
Unicode text, UTF-8 text, with very long lines (45900)
|
dropped
|
||
|
Chrome Cache Entry: 147
|
PNG image data, 186 x 200, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with very long lines (34235), with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 149
|
PNG image data, 297 x 166, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 150
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
Web Open Font Format (Version 2), TrueType, length 36748, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
Unicode text, UTF-8 (with BOM) text, with very long lines (26071), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
ASCII text, with very long lines (65460)
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
Unicode text, UTF-8 text, with very long lines (64241)
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
Unicode text, UTF-8 (with BOM) text, with very long lines (10387), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
ASCII text, with very long lines (52565)
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
ASCII text, with very long lines (1789), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
ASCII text, with very long lines (4370), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
ASCII text, with very long lines (2974), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
Unicode text, UTF-8 text, with very long lines (64025)
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
ASCII text, with very long lines (65451)
|
dropped
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 165
|
Unicode text, UTF-8 (with BOM) text, with very long lines (65513), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
PNG image data, 186 x 200, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 167
|
ASCII text, with very long lines (11631)
|
dropped
|
||
|
Chrome Cache Entry: 168
|
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
ASCII text, with very long lines (65394)
|
downloaded
|
||
|
Chrome Cache Entry: 170
|
ASCII text, with very long lines (1685), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
Unicode text, UTF-8 text, with very long lines (61463)
|
dropped
|
||
|
Chrome Cache Entry: 172
|
ASCII text, with very long lines (2674)
|
dropped
|
||
|
Chrome Cache Entry: 173
|
ASCII text, with very long lines (30237)
|
dropped
|
||
|
Chrome Cache Entry: 174
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 175
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with very long lines (6125), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
ASCII text, with very long lines (780), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 178
|
ASCII text, with very long lines (42133)
|
downloaded
|
||
|
Chrome Cache Entry: 179
|
Unicode text, UTF-8 text, with very long lines (61463)
|
downloaded
|
||
|
Chrome Cache Entry: 180
|
PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 183
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
PNG image data, 262 x 96, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 185
|
PNG image data, 594 x 332, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 186
|
PNG image data, 767 x 263, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 187
|
PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 188
|
Web Open Font Format (Version 2), TrueType, length 29888, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 189
|
ASCII text, with very long lines (503)
|
dropped
|
||
|
Chrome Cache Entry: 190
|
Web Open Font Format, TrueType, length 26288, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 191
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 192
|
PNG image data, 262 x 96, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
ASCII text, with very long lines (30237)
|
downloaded
|
||
|
Chrome Cache Entry: 194
|
ASCII text, with very long lines (42133)
|
dropped
|
||
|
Chrome Cache Entry: 195
|
ASCII text, with very long lines (34235), with CRLF, LF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 196
|
ASCII text, with very long lines (3385), with no line terminators
|
downloaded
|
There are 79 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2416 --field-trial-handle=2328,i,6851776921165257546,3480618083689952521,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sgwarch-my.sharepoint.com/:f:/p/setup1/EiozDTFdgcdOj57XSlxa0wgB_yucGXpVtBz0YeRUUS4djA?e=J1BMm6&xsdata=MDV8MDJ8bG9nYW5AaG9sdHhwLmNvbXw4NzViY2I1MjBhNzQ0NjAxMGYxODA4ZGQxODZlODVlN3w0Y2NhZDYyOTg3ZWM0MmRmOTU3YTYxMmI0OTU2YmE3NXwwfDB8NjM4NjkzNTg1MTc0NTY1ODEyfFVua25vd258VFdGcGJHWnNiM2Q4ZXlKRmJYQjBlVTFoY0draU9uUnlkV1VzSWxZaU9pSXdMakF1TURBd01DSXNJbEFpT2lKWGFXNHpNaUlzSWtGT0lqb2lUV0ZwYkNJc0lsZFVJam95ZlE9PXwwfHx8&sdata=cmt5N3BwOXR0VGIwbDEyNWFnZmRKYVBMMzhQVUJ4bmJpNnppZGtydXJjST0%3d"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://sgwarch-my.sharepoint.com/:f:/p/setup1/EiozDTFdgcdOj57XSlxa0wgB_yucGXpVtBz0YeRUUS4djA?e=J1BMm6&xsdata=MDV8MDJ8bG9nYW5AaG9sdHhwLmNvbXw4NzViY2I1MjBhNzQ0NjAxMGYxODA4ZGQxODZlODVlN3w0Y2NhZDYyOTg3ZWM0MmRmOTU3YTYxMmI0OTU2YmE3NXwwfDB8NjM4NjkzNTg1MTc0NTY1ODEyfFVua25vd258VFdGcGJHWnNiM2Q4ZXlKRmJYQjBlVTFoY0draU9uUnlkV1VzSWxZaU9pSXdMakF1TURBd01DSXNJbEFpT2lKWGFXNHpNaUlzSWtGT0lqb2lUV0ZwYkNJc0lsZFVJam95ZlE9PXwwfHx8&sdata=cmt5N3BwOXR0VGIwbDEyNWFnZmRKYVBMMzhQVUJ4bmJpNnppZGtydXJjST0%3d
|
 |
||
|
https://nam04.safelinks.protection.outlook.com
|
unknown
|
||
|
https://logincdn.msftauth.net/16.000/content/js/MeControl_yl3C2NknpDMsGqlCvzLtmA2.js
|
152.199.21.175
|
||
|
http://knockoutjs.com/
|
unknown
|
||
|
https://login.microsoftonline.com
|
unknown
|
||
|
http://www.opensource.org/licenses/mit-license.php)
|
unknown
|
||
|
https://github.com/douglascrockford/JSON-js
|
unknown
|
||
|
https://login.windows-ppe.net
|
unknown
|
||
|
http://github.com/requirejs/almond/LICENSE
|
unknown
|
||
|
https://nam04.safelinks.protection.outlook.com/Content/Scripts/safelinksv2.css
|
104.47.73.156
|
||
|
https://nam04.safelinks.protection.outlook.com/Content/Scripts/site.js
|
104.47.73.156
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/FetchSessions_Core_9mEr1-U6IfYSYEIq9V-gwA2.js
|
152.199.21.175
|
||
|
https://nam04.safelinks.protection.outlook.com/Content/images/cross.png
|
104.47.73.156
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dual-spo-0005.spo-msedge.net
|
13.107.136.10
|
||
|
nam04.safelinks.eop-tm2.outlook.com
|
104.47.73.156
|
||
|
sni1gl.wpc.alphacdn.net
|
152.199.21.175
|
||
|
sni1gl.wpc.omegacdn.net
|
152.199.21.175
|
||
|
www.google.com
|
142.250.181.100
|
||
|
s-part-0035.t-0009.t-msedge.net
|
13.107.246.63
|
||
|
js.monitor.azure.com
|
unknown
|
||
|
c.s-microsoft.com
|
unknown
|
||
|
nam04.safelinks.protection.outlook.com
|
unknown
|
||
|
support.content.office.net
|
unknown
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
sgwarch-my.sharepoint.com
|
unknown
|
||
|
logincdn.msftauth.net
|
unknown
|
||
|
login.microsoftonline.com
|
unknown
|
||
|
acctcdn.msftauth.net
|
unknown
|
||
|
mem.gfx.ms
|
unknown
|
There are 6 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.107.136.10
|
dual-spo-0005.spo-msedge.net
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
104.47.73.28
|
unknown
|
United States
|
||
|
142.250.181.100
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
152.199.21.175
|
sni1gl.wpc.alphacdn.net
|
United States
|
||
|
104.47.73.156
|
nam04.safelinks.eop-tm2.outlook.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsgwarch-my.sharepoint.com%2F%3Af%3A%2Fp%2Fsetup1%2FEiozDTFdgcdOj57XSlxa0wgB_yucGXpVtBz0YeRUUS4djA%3Fe%3DJ1BMm6&data=05%7C02%7Clogan%40holtxp.com%7C875bcb520a7446010f1808dd186e85e7%7C4ccad62987ec42df957a612b4956ba75%7C0%7C0%7C638693907761177650%7CBad%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyLCJBUCI6eyJGSWQiOiIxOTMyNjciLCJGTGJsIjoiVVNfMjAyX0NvbnRlbnQiLCJHZW8iOiJOQU0iLCJSZXFJZCI6Ijk2MDU2Y2ExLTYwNTQtNzAwMC0yOGM2LTViMmE2OWM3YmZlOCIsIk1JZCI6Ijc3MzE3MjgiLCJNTmFtZSI6IlVTUjE5MzI2Ny01NDYiLCJDbGllbnRJUCI6IjguNDYuMTIzLjIyOCIsIkNsaWVudC1BZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC4wLjAgU2FmYXJpLzUzNy4zNiIsIkNJRC1PcmlnaW4iOiJTUE8ifX0%3D%7C1%7CODc1YmNiNTItMGE3NC00NjAxLTBmMTgtMDhkZDE4NmU4NWU3%7C96312a5cd3664397915708dd18b9a43c%7C96056ca16054700028c6573466f3ca82&sdata=4Ast15FJtfcHdUgk4EYxyTgJnQcBnRxtPddvNJI81HM%3D&r
|
|
|
|
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsgwarch-my.sharepoint.com%2F%3Af%3A%2Fp%2Fsetup1%2FEiozDTFdgcdOj57XSlxa0wgB_yucGXpVtBz0YeRUUS4djA%3Fe%3DJ1BMm6&data=05%7C02%7Clogan%40holtxp.com%7C875bcb520a7446010f1808dd186e85e7%7C4ccad62987ec42df957a612b4956ba75%7C0%7C0%7C638693907761177650%7CBad%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyLCJBUCI6eyJGSWQiOiIxOTMyNjciLCJGTGJsIjoiVVNfMjAyX0NvbnRlbnQiLCJHZW8iOiJOQU0iLCJSZXFJZCI6Ijk2MDU2Y2ExLTYwNTQtNzAwMC0yOGM2LTViMmE2OWM3YmZlOCIsIk1JZCI6Ijc3MzE3MjgiLCJNTmFtZSI6IlVTUjE5MzI2Ny01NDYiLCJDbGllbnRJUCI6IjguNDYuMTIzLjIyOCIsIkNsaWVudC1BZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC4wLjAgU2FmYXJpLzUzNy4zNiIsIkNJRC1PcmlnaW4iOiJTUE8ifX0%3D%7C1%7CODc1YmNiNTItMGE3NC00NjAxLTBmMTgtMDhkZDE4NmU4NWU3%7C96312a5cd3664397915708dd18b9a43c%7C96056ca16054700028c6573466f3ca82&sdata=4Ast15FJtfcHdUgk4EYxyTgJnQcBnRxtPddvNJI81HM%3D&r
|
|
|
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/topic/what-to-do-when-you-are-blocked-from-a-site-and-believe-the-result-is-mistaken-6f41d3fd-55d3-467e-a5a4-49da4132bb9c
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
||
|
https://support.microsoft.com/en-us/security
|
There are 10 hidden doms, click here to show them.