Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 100
|
ASCII text, with very long lines (65348)
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
PNG image data, 608 x 456, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=960], progressive, precision 8, 150x150, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
PNG image data, 705 x 255, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=642, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=640], progressive, precision 8, 150x150, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=658, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=640], progressive, precision 8, 150x154, components 3
|
dropped
|
||
|
Chrome Cache Entry: 106
|
PNG image data, 94 x 93, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
HTML document, Unicode text, UTF-8 text, with very long lines (390), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
ASCII text, with very long lines (65350)
|
dropped
|
||
|
Chrome Cache Entry: 110
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2015, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=1504], progressive, precision 8, 150x150, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
PNG image data, 960 x 960, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=237, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=350], progressive, precision 8, 237x350, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=960], progressive, precision 8, 150x150, components 3
|
dropped
|
||
|
Chrome Cache Entry: 114
|
PNG image data, 138 x 133, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 115
|
PNG image data, 960 x 834, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
PNG image data, 705 x 329, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 118
|
PNG image data, 608 x 456, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 119
|
ASCII text, with very long lines (65350)
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=237, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=350], progressive, precision 8, 237x350, components 3
|
dropped
|
||
|
Chrome Cache Entry: 121
|
ASCII text, with very long lines (8020)
|
downloaded
|
||
|
Chrome Cache Entry: 73
|
ASCII text, with very long lines (11700)
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2015, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=1504], progressive, precision 8, 150x150, components 3
|
dropped
|
||
|
Chrome Cache Entry: 75
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 76
|
PNG image data, 138 x 133, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
PNG image data, 705 x 255, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 78
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=642, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=640], progressive, precision 8, 150x150, components 3
|
dropped
|
||
|
Chrome Cache Entry: 79
|
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=730, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=729], progressive, precision 8, 150x150, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
PNG image data, 960 x 960, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 82
|
PNG image data, 705 x 329, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 83
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 84
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=658, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=640], progressive, precision 8, 150x154, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=730, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=729], progressive, precision 8, 150x150, components 3
|
dropped
|
||
|
Chrome Cache Entry: 86
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=360, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=480], progressive, precision 8, 264x406, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=360, bps=0, PhotometricIntepretation=RGB,
orientation=upper-left, width=480], progressive, precision 8, 264x406, components 3
|
dropped
|
||
|
Chrome Cache Entry: 91
|
PNG image data, 960 x 834, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 92
|
Unicode text, UTF-8 text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
Unicode text, UTF-8 text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 95
|
ASCII text, with very long lines (8139)
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
GIF image data, version 89a, 184 x 182
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
ASCII text, with very long lines (8139)
|
dropped
|
||
|
Chrome Cache Entry: 98
|
PNG image data, 94 x 93, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 99
|
ASCII text, with no line terminators
|
downloaded
|
There are 40 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1988,i,14903081262762435386,205354612108010880,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://email.edms.trackingmore.com/c/eJx0zrFuhDAMgOGnCWPE2YHAkKELr4FsxwF05EBJWun69JU6den8D_8XQz88mKXT8PCICDi6udsDJB44oUuePHiZGCABe0UvMAlP3RGGSSHOI4w--d7NiUdBAlQPKglkNq7Pb9sKyfN4bfkqauXK3Rn21m6DHwYWA0usZKlGu50X03lT2-tOJ1mNn_Z1G1hK7PJ7zVorbboe8Y9z_T7kWS7W0tD1xvVbpuP8vZTwf_sK8BMAAP__3p9Nvw#4UjjVf19156dXgi477henjyiztuh1607QELNKWKBNFUHFFI32RLCJ32096s9/84502vqz"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://email.edms.trackingmore.com/c/eJx0zrFuhDAMgOGnCWPE2YHAkKELr4FsxwF05EBJWun69JU6den8D_8XQz88mKXT8PCICDi6udsDJB44oUuePHiZGCABe0UvMAlP3RGGSSHOI4w--d7NiUdBAlQPKglkNq7Pb9sKyfN4bfkqauXK3Rn21m6DHwYWA0usZKlGu50X03lT2-tOJ1mNn_Z1G1hK7PJ7zVorbboe8Y9z_T7kWS7W0tD1xvVbpuP8vZTwf_sK8BMAAP__3p9Nvw#4UjjVf19156dXgi477henjyiztuh1607QELNKWKBNFUHFFI32RLCJ32096s9/84502vqz
|
 |
||
|
https://dementateranunculaceae.online/images/5.jpg
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/4.jpg
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/logo2.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/js/datehead.js
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/prize1.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/f_guarantee.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/3.jpg
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/css/animate.min.css
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/favicon.ico
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/service-worker.js
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/f_secure_1.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/css/style.css
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/2.jpg
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/bg.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/comm_pic_1.jpg
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/js/script.js
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/loadingRD.gif
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/k4DAG6nShNRrFAXWBaf-TROBGTPhcK6IU/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/flaglogo.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/product.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/comm_pic_2.jpg
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/logo.png
|
104.21.38.92
|
|
|
|
https://dementateranunculaceae.online/images/1.jpg
|
104.21.38.92
|
|
|
|
https://trk-quantivex.com/scripts/push/script/64d5p99gj0?url=
|
unknown
|
||
|
https://dementateranunculaceae.online/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|
|||
|
https://www.tivozon.com/25PBNZ99/7DFLXWR8/?sub1=9&sub2=477-19156&sub3=1607-32-32096
|
104.21.80.1
|
||
|
http://dsa.asd.globalpathshala.edu.np/favicon.ico
|
159.65.226.43
|
||
|
https://secureanalytic.com/scripts/sw/script/64d5p99gj0?url=dementateranunculaceae.online
|
104.21.77.48
|
||
|
https://use.fontawesome.com/releases/v5.15.4/js/all.js
|
unknown
|
||
|
https://secureanalytic.com/scripts/ext/script/64d5p99gj0?url=dementateranunculaceae.online
|
104.21.77.48
|
||
|
https://trk-quantivex.com/scripts/push/script/64d5p99gj0?url=dementateranunculaceae.online
|
172.67.156.201
|
||
|
http://opensource.org/licenses/MIT
|
unknown
|
||
|
https://animate.style/
|
unknown
|
||
|
https://www.hb6trk.com/K31267/9WDPQ6B/
|
unknown
|
||
|
http://dsa.asd.globalpathshala.edu.np/rd
|
159.65.226.43
|
||
|
https://fontawesome.com/license/free
|
unknown
|
||
|
https://fontawesome.com
|
unknown
|
||
|
http://dsa.asd.globalpathshala.edu.np/t/4UjjVf19156dXgi477henjyiztuh1607QELNKWKBNFUHFFI32RLCJ32096s9/84502vqz
|
|||
|
https://secureanalytic.com/scripts/sw/script/64d5p99gj0?url=
|
unknown
|
||
|
https://event.trk-quantivex.com/register/event_log/v9e17zypez
|
104.21.13.162
|
||
|
http://dsa.asd.globalpathshala.edu.np/rd/
|
159.65.226.43
|
||
|
https://www.clicknloader.com/2W1Q1KK/2G76N4GF/?sub1=29ed16bab6f74acf9d948f96ead557bf&source_id=20184&sub5=101311
|
104.21.42.128
|
||
|
http://email.edms.trackingmore.com/c/eJx0zrFuhDAMgOGnCWPE2YHAkKELr4FsxwF05EBJWun69JU6den8D_8XQz88mKXT8PCICDi6udsDJB44oUuePHiZGCABe0UvMAlP3RGGSSHOI4w--d7NiUdBAlQPKglkNq7Pb9sKyfN4bfkqauXK3Rn21m6DHwYWA0usZKlGu50X03lT2-tOJ1mNn_Z1G1hK7PJ7zVorbboe8Y9z_T7kWS7W0tD1xvVbpuP8vZTwf_sK8BMAAP__3p9Nvw
|
34.110.180.34
|
||
|
https://secureanalytic.com/scripts/ext/script/64d5p99gj0?url=
|
unknown
|
There are 34 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
trk-quantivex.com
|
172.67.156.201
|
|
|
|
dsa.asd.globalpathshala.edu.np
|
159.65.226.43
|
|
|
|
dementateranunculaceae.online
|
104.21.38.92
|
|
|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
event.trk-quantivex.com
|
104.21.13.162
|
||
|
www.clicknloader.com
|
104.21.42.128
|
||
|
secureanalytic.com
|
104.21.77.48
|
||
|
www.tivozon.com
|
104.21.80.1
|
||
|
www.google.com
|
172.217.21.36
|
||
|
mailgun.org
|
34.110.180.34
|
||
|
use.fontawesome.com
|
unknown
|
||
|
email.edms.trackingmore.com
|
unknown
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.38.92
|
dementateranunculaceae.online
|
United States
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
172.67.156.201
|
trk-quantivex.com
|
United States
|
|
|
|
159.65.226.43
|
dsa.asd.globalpathshala.edu.np
|
United States
|
|
|
|
34.110.180.34
|
mailgun.org
|
United States
|
||
|
104.21.80.1
|
www.tivozon.com
|
United States
|
||
|
104.21.42.128
|
www.clicknloader.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.21.13.162
|
event.trk-quantivex.com
|
United States
|
||
|
104.21.77.48
|
secureanalytic.com
|
United States
|
||
|
172.217.21.36
|
www.google.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
There are 2 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://dsa.asd.globalpathshala.edu.np/t/4UjjVf19156dXgi477henjyiztuh1607QELNKWKBNFUHFFI32RLCJ32096s9/84502vqz
|
||
|
https://dementateranunculaceae.online/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|
||
|
https://dementateranunculaceae.online/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|
||
|
https://dementateranunculaceae.online/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|
||
|
https://dementateranunculaceae.online/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|
||
|
https://dementateranunculaceae.online/?encoded_value=223GDT1&sub1=29ed16bab6f74acf9d948f96ead557bf&sub2=&sub3=&sub4=&sub5=23272&source_id=20184&ip=8.46.123.228&domain=www.clicknloader.com
|