IOC Report
https://laimilano.powerappsportals.com/


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 101 | assembler source, ASCII text, with very long lines (496) | downloaded | |
| Chrome Cache Entry: 102 | JSON data | dropped | |
| Chrome Cache Entry: 103 | PNG image data, 61 x 73, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 104 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 105 | ASCII text, with very long lines (48395) | dropped | |
| Chrome Cache Entry: 106 | ASCII text, with very long lines (11766), with no line terminators | downloaded | |
| Chrome Cache Entry: 107 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 108 | ASCII text, with very long lines (61300) | dropped | |
| Chrome Cache Entry: 109 | ASCII text, with very long lines (39862) | downloaded | |
| Chrome Cache Entry: 110 | PNG image data, 51 x 42, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 111 | PNG image data, 50 x 58, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 112 | PNG image data, 50 x 58, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 113 | ASCII text, with very long lines (65447) | dropped | |
| Chrome Cache Entry: 114 | ASCII text, with very long lines (48395) | downloaded | |
| Chrome Cache Entry: 115 | PNG image data, 61 x 73, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 116 | ASCII text, with very long lines (28287) | downloaded | |
| Chrome Cache Entry: 117 | ASCII text, with very long lines (65312), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 118 | ASCII text, with very long lines (1835) | dropped | |
| Chrome Cache Entry: 119 | ASCII text, with very long lines (2804) | dropped | |
| Chrome Cache Entry: 120 | JSON data | downloaded | |
| Chrome Cache Entry: 121 | JSON data | dropped | |
| Chrome Cache Entry: 122 | ASCII text, with very long lines (383) | downloaded | |
| Chrome Cache Entry: 123 | ASCII text, with very long lines (42815) | dropped | |
| Chrome Cache Entry: 124 | Unicode text, UTF-8 text, with very long lines (65445) | downloaded | |
| Chrome Cache Entry: 125 | PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 126 | PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 127 | PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 128 | PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 129 | PNG image data, 51 x 42, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 130 | JSON data | dropped | |
| Chrome Cache Entry: 131 | Unicode text, UTF-8 text, with CRLF line terminators | dropped | |
| Chrome Cache Entry: 132 | ASCII text, with very long lines (65294), with CRLF line terminators | dropped | |
| Chrome Cache Entry: 133 | JSON data | dropped | |
| Chrome Cache Entry: 134 | C++ source, ASCII text, with very long lines (8608) | downloaded | |
| Chrome Cache Entry: 135 | JSON data | downloaded | |
| Chrome Cache Entry: 136 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 137 | C++ source, ASCII text, with very long lines (8608) | dropped | |
| Chrome Cache Entry: 138 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 139 | ASCII text, with very long lines (8422) | dropped | |
| Chrome Cache Entry: 140 | ASCII text, with very long lines (65393), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 141 | ASCII text, with very long lines (8735), with no line terminators | downloaded | |
| Chrome Cache Entry: 142 | ASCII text, with very long lines (25293) | dropped | |
| Chrome Cache Entry: 143 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 144 | PNG image data, 49 x 63, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 145 | PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 146 | ASCII text, with very long lines (39862) | dropped | |
| Chrome Cache Entry: 147 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 148 | ASCII text, with very long lines (65393), with CRLF line terminators | dropped | |
| Chrome Cache Entry: 149 | Unicode text, UTF-8 text, with very long lines (61934), with no line terminators | downloaded | |
| Chrome Cache Entry: 150 | ASCII text, with very long lines (540), with no line terminators | downloaded | |
| Chrome Cache Entry: 151 | PNG image data, 263 x 31, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 152 | ASCII text, with very long lines (64184) | downloaded | |
| Chrome Cache Entry: 153 | Unicode text, UTF-8 text, with very long lines (61934), with no line terminators | dropped | |
| Chrome Cache Entry: 154 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 155 | PNG image data, 49 x 63, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 156 | ASCII text, with very long lines (394), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 157 | JSON data | dropped | |
| Chrome Cache Entry: 158 | ASCII text, with very long lines (361), with no line terminators | downloaded | |
| Chrome Cache Entry: 159 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | dropped | |
| Chrome Cache Entry: 160 | ASCII text, with very long lines (1835) | downloaded | |
| Chrome Cache Entry: 161 | HTML document, ASCII text, with very long lines (1238) | downloaded | |
| Chrome Cache Entry: 162 | PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 163 | Unicode text, UTF-8 text, with very long lines (65445) | dropped | |
| Chrome Cache Entry: 164 | Unicode text, UTF-8 text, with very long lines (65300), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 165 | JSON data | downloaded | |
| Chrome Cache Entry: 166 | ASCII text, with very long lines (64184) | dropped | |
| Chrome Cache Entry: 167 | ASCII text, with very long lines (6203) | downloaded | |
| Chrome Cache Entry: 168 | ASCII text, with very long lines (6203) | dropped | |
| Chrome Cache Entry: 169 | PNG image data, 52 x 40, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 170 | ASCII text, with very long lines (64632), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 171 | PNG image data, 52 x 40, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 172 | ASCII text, with very long lines (8422) | downloaded | |
| Chrome Cache Entry: 173 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 174 | ASCII text, with very long lines (8727), with no line terminators | dropped | |
| Chrome Cache Entry: 175 | JSON data | dropped | |
| Chrome Cache Entry: 176 | Unicode text, UTF-8 text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 177 | ASCII text, with very long lines (361), with no line terminators | dropped | |
| Chrome Cache Entry: 178 | ASCII text, with very long lines (65294), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 179 | JSON data | dropped | |
| Chrome Cache Entry: 180 | ASCII text, with very long lines (2804) | downloaded | |
| Chrome Cache Entry: 181 | ASCII text, with no line terminators | dropped | |
| Chrome Cache Entry: 182 | ASCII text, with very long lines (54049) | downloaded | |
| Chrome Cache Entry: 183 | PNG image data, 263 x 31, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 184 | assembler source, ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 185 | ASCII text, with very long lines (25293) | downloaded | |
| Chrome Cache Entry: 186 | ASCII text, with very long lines (28287) | dropped | |
| Chrome Cache Entry: 187 | ASCII text, with very long lines (383) | dropped | |
| Chrome Cache Entry: 188 | ASCII text, with very long lines (61300) | downloaded | |
| Chrome Cache Entry: 189 | JSON data | downloaded | |
| Chrome Cache Entry: 190 | ASCII text, with very long lines (54049) | dropped | |
| Chrome Cache Entry: 191 | ASCII text, with very long lines (42815) | downloaded | |
| Chrome Cache Entry: 192 | HTML document, ASCII text, with very long lines (1238) | dropped | |
| Chrome Cache Entry: 193 | JSON data | downloaded | |
| Chrome Cache Entry: 194 | ASCII text, with very long lines (65447) | downloaded | |
| Chrome Cache Entry: 195 | JSON data | downloaded | |
| Chrome Cache Entry: 196 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | downloaded | |
(87 further files are not listed in this report.)

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2272,i,10880344811088556588,10724681239299619440,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://laimilano.powerappsportals.com/" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://laimilano.powerappsportals.com/ | | malicious |
| https://portalpowerfiles.top/xezwd/Wrgo8yjIWTUp7EVGqlkYvKhROFo0rgoitAcuU9A3BnMsSG6LbJE8ozSxdfzpqHXBloQF2gfe7mm3XeYN65LCL6yXlDnMkBnV4m1FzoH0JPa3sPw79iRabahcUKf5Zv1IPOGuZw2dtvCNMC4j0pexcQ/verify | | malicious |
| https://portalpowerfiles.top/xezwd | | malicious |
| https://portalpowerfiles.top/xezwd/ | | malicious |
| https://laimilano.powerappsportals.com/ | | malicious |
| https://content.powerapps.com/resource/powerappsportal/img/close.png | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/dist/pcf-extended.bundle-e303d53553.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/dist/bootstrap.BootstrapV5.bundle-be8391e97d.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/867.0578a1c628.chunk.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/90.24327273f1.chunk.js | 13.107.246.63 | |
| http://www.datejs.com/ | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/pcf-style.bundle-2659c6f064.css | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/dist/pwa-style.bundle-2739c60227.css | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.bundle-66ccebb849.css | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/main.38f3cbbbdc.chunk.js | 13.107.246.63 | |
| https://code.jquery.com/jquery-3.6.0.min.js | 151.101.130.137 | |
| https://content.powerapps.com/resource/powerappsportal/controls/data_grid/manifest-1.1.31.json | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/874.d64d28bc67.chunk.js | 13.107.246.63 | |
| http://www.datejs.com/license/. | unknown | |
| https://developer.mozilla.org/en-US/docs/Web/API/PerformanceObserver/PerformanceObserver | unknown | |
| https://portalpowerfiles.top/xezwd/page/images/verify_code.png | 104.21.22.164 | |
| http://jqueryui.com | unknown | |
| http://medialize.github.io/URI.js | unknown | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/448.462407f435.chunk.js | 13.107.246.63 | |
| https://png.pngtree.com/png-clipart/20220612/original/pngtree-pdf-file-icon-png-png-image_7965915.png | 104.18.3.157 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/469.bc70744318.chunk.js | 13.107.246.63 | |
| https://fontawesome.com/license/free | unknown | |
| http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1 | unknown | |
| https://fontawesome.com | unknown | |
| https://content.powerapps.com/resource/powerappsportal/controls/pcf_controls/manifest-3.3.2.json | 13.107.246.63 | |
| http://www.opensource.org/licenses/mit-license.php | unknown | |
| https://github.com/twbs/bootstrap/graphs/contributors) | unknown | |
| https://portalpowerfiles.top/xezwd/Wrgo8yjIWTUp7EVGqlkYvKhROFo0rgoitAcuU9A3BnMsSG6LbJE8ozSxdfzpqHXBloQF2gfe7mm3XeYN65LCL6yXlDnMkBnV4m1FzoH0JPa3sPw79iRabahcUKf5Zv1IPOGuZw2dtvCNMC4j0pexcQ/index | 104.21.22.164 | |
| https://portalpowerfiles.top/xezwd/page/images/logo.png | 104.21.22.164 | |
| https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.moment_2_29_4.bundle-cf8e0fd942.js | 13.107.246.63 | |
| http://getbootstrap.com) | unknown | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/841.8a5182f1f0.chunk.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/manifest-0.5.0.json | 13.107.246.63 | |
| https://a.nel.cloudflare.com/report/v4?s=Ily1n0RRa1ZdQvNcbgWfasnvAqntPSxzhwf%2B6LmR5rbmAXfc%2BzTZZct%2B3Skr7JiSNwe7eBcCCEFqRyysFjS6by1lQttUB3jd5hWYL1DuTayK5WsoLgfTXdyDAAMV%2BWqQg9Yx3L3Y4Q%3D%3D | 35.190.80.1 | |
| https://github.com/Eonasdan/bootstrap-datetimepicker/ | unknown | |
| https://underscorejs.org | unknown | |
| https://portalpowerfiles.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? | 104.21.22.164 | |
| https://github.com/Microsoft/ApplicationInsights-JS#example-setting-cloud-role-name | unknown | |
| http://www.coolite.com/). | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/font-awesome.BootstrapV5.bundle-2ce6efb497.css | 13.107.246.63 | |
| https://portalpowerfiles.top/xezwd/page/images/verify_sms.png | 104.21.22.164 | |
| https://content.powerapps.com/resource/powerappsportal/dist/app.BootstrapV5.bundle-5e253b544f.js | 13.107.246.63 | |
| http://www.coolite.com/ | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/default-1033.moment_2_29_4.bundle-eda4e638fd.js | 13.107.246.63 | |
| https://portalpowerfiles.top/xezwd/page/images/verify_app.png | 104.21.22.164 | |
| https://portalpowerfiles.top/xezwd/page/images/appnotif2.png | 104.21.22.164 | |
| https://portalpowerfiles.top/xezwd/page/images/verify.png | 104.21.22.164 | |
| http://timeago.yarp.com/ | unknown | |
| https://content.powerapps.com/resource/powerappsportal/controls/controls_fluent_v9/manifest-0.0.33.json | 13.107.246.63 | |
| https://github.com/twbs/bootstrap/blob/main/LICENSE) | unknown | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/170.c9e6b9a6e9.chunk.js | 13.107.246.63 | |
| http://malsup.com/jquery/form/ | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/pcf-dependency.bundle-805a1661b7.js | 13.107.246.63 | |
| https://developer.mozilla.org/en-US/docs/Web/API/PerformanceResourceTiming | unknown | |
| https://content.powerapps.com/resource/powerappsportal/controls/mf_shared/manifest-0.2.10.json | 13.107.246.63 | |
| https://portalpowerfiles.top/xezwd/page/styles/app.css | 104.21.22.164 | |
| https://getbootstrap.com/) | unknown | |
| https://portalpowerfiles.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.22.164 | |
| http://fb.me/use-check-prop-types | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry.bundle-c71b2e2d47.js | 13.107.246.63 | |
| https://portalpowerfiles.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.22.164 | |
| https://content.powerapps.com/resource/powerappsportal/dist/pcf-loader.bundle-f4a0e619b8.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/243.37970f022e.chunk.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/controls/pcf_loader/manifest-0.0.30.json | 13.107.246.63 | |
| https://jquery.org/license | unknown | |
| https://jquery.com/ | unknown | |
| https://github.com/gjunge/rateit.js | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/postpreform.BootstrapV5.bundle-11a5a91493.js | 13.107.246.63 | |
| https://portalpowerfiles.top/cdn-cgi/challenge-platform/h/b/jsd/r/8f684fd4ceff42df | 104.21.22.164 | |
| https://content.powerapps.com/resource/powerappsportal/controls/host/573.676281aef2.chunk.js | 13.107.246.63 | |
| https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry-wrapper.bundle-633e70f51b.js | 13.107.246.63 | |
| https://github.com/twbs/bootstrap/blob/master/LICENSE) | unknown | |
| https://portalpowerfiles.top/xezwd/page/images/info.png | 104.21.22.164 | |
| https://fb.me/react-polyfills | unknown | |
| https://github.com/malsup/form | unknown | |
| https://content.powerapps.com/resource/powerappsportal/img/web.png | 13.107.246.63 | |
| https://portalpowerfiles.top/xezwd/page/images/back.png | 104.21.22.164 | |
| https://github.com/Eonasdan/bootstrap-datetimepicker | unknown | |
| https://sizzlejs.com/ | unknown | |
| https://js.foundation/ | unknown | |
| https://content.powerapps.com/resource/powerappsportal/dist/pcf.bundle-9183da3d63.js | 13.107.246.63 | |
(75 further URLs are not listed in this report.)

Domains

| Name | IP | Malicious |
|---|---|---|
| portalpowerfiles.top | 104.21.22.164 | malicious |
| a.nel.cloudflare.com | 35.190.80.1 | |
| png.pngtree.com | 104.18.3.157 | |
| code.jquery.com | 151.101.130.137 | |
| www.google.com | 172.217.21.36 | |
| s-part-0035.t-0009.t-msedge.net | 13.107.246.63 | |
| laimilano.powerappsportals.com | unknown | |
| cdn.jsdelivr.net | unknown | |
| content.powerapps.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.21.22.164 | portalpowerfiles.top | United States | malicious |
| 192.168.2.4 | unknown | unknown | |
| 151.101.130.137 | code.jquery.com | United States | |
| 151.101.2.137 | unknown | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 104.18.3.157 | png.pngtree.com | United States | |
| 172.217.21.36 | www.google.com | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://laimilano.powerappsportals.com/ | malicious |
| https://portalpowerfiles.top/xezwd/Wrgo8yjIWTUp7EVGqlkYvKhROFo0rgoitAcuU9A3BnMsSG6LbJE8ozSxdfzpqHXBloQF2gfe7mm3XeYN65LCL6yXlDnMkBnV4m1FzoH0JPa3sPw79iRabahcUKf5Zv1IPOGuZw2dtvCNMC4j0pexcQ/verify | malicious |
| https://portalpowerfiles.top/xezwd/Wrgo8yjIWTUp7EVGqlkYvKhROFo0rgoitAcuU9A3BnMsSG6LbJE8ozSxdfzpqHXBloQF2gfe7mm3XeYN65LCL6yXlDnMkBnV4m1FzoH0JPa3sPw79iRabahcUKf5Zv1IPOGuZw2dtvCNMC4j0pexcQ/verify | malicious |
| https://portalpowerfiles.top/xezwd | |
| https://portalpowerfiles.top/xezwd | |
| https://portalpowerfiles.top/xezwd/ | |
| https://portalpowerfiles.top/xezwd/ | |
| https://portalpowerfiles.top/xezwd/ | |