Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 14:47:51 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 14:47:51 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 14:47:51 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 14:47:51 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 14:47:51 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 64 | ASCII text, with very long lines (3114) | downloaded | |
| Chrome Cache Entry: 65 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x64, components 3 | downloaded | |
| Chrome Cache Entry: 66 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x44, components 3 | downloaded | |
| Chrome Cache Entry: 67 | ASCII text, with very long lines (609) | downloaded | |
| Chrome Cache Entry: 68 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 69 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 70 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 71 | ASCII text, with very long lines (935) | downloaded | |
| Chrome Cache Entry: 72 | ASCII text | downloaded | |
| Chrome Cache Entry: 73 | ASCII text, with very long lines (2045) | downloaded | |
| Chrome Cache Entry: 74 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=OLYMPUS DIGITAL CAMERA, software=Google], baseline, precision 8, 92x92, components 3 | downloaded | |
| Chrome Cache Entry: 75 | ASCII text, with very long lines (799) | downloaded | |
| Chrome Cache Entry: 76 | ASCII text, with very long lines (630) | downloaded | |
| Chrome Cache Entry: 77 | ASCII text, with very long lines (547) | downloaded | |
| Chrome Cache Entry: 78 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 79 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x58, components 3 | downloaded | |
| Chrome Cache Entry: 80 | XML 1.0 document, ASCII text | downloaded | |
| Chrome Cache Entry: 81 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 82 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x35, components 3 | downloaded | |
| Chrome Cache Entry: 83 | ASCII text | downloaded | |
| Chrome Cache Entry: 84 | ASCII text, with very long lines (363) | downloaded | |
| Chrome Cache Entry: 85 | ASCII text | downloaded | |
| Chrome Cache Entry: 86 | ASCII text, with very long lines (1617) | downloaded | |
| Chrome Cache Entry: 87 | PNG image data, 64 x 42, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 88 | ASCII text, with very long lines (362) | downloaded | |
| Chrome Cache Entry: 89 | PNG image data, 64 x 27, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 90 | ASCII text | downloaded | |
| Chrome Cache Entry: 91 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 92 | ASCII text | downloaded | |
| Chrome Cache Entry: 93 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 94 | XML 1.0 document, ASCII text | downloaded | |
| Chrome Cache Entry: 95 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
| Chrome Cache Entry: 96 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x36, components 3 | downloaded | |
| Chrome Cache Entry: 97 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |

31 further file entries are not included in this extract.

The six .lnk files are the Start Menu shortcuts for Chrome's default web apps (Docs, Gmail, Drive, Sheets, Slides, YouTube); all six report the same target length, 1210144 bytes, so they point at the same target binary. The Type column is libmagic's decode of the ShellLink header. Its `window=hide` is how libmagic renders a ShowCommand of SW_SHOWNORMAL (1), so it appears on ordinary shortcuts and is not by itself a hidden-window indicator; decode the ShowCommand field directly before treating it as one.
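The Type column above is a one-line summary of the ShellLink header; the following parser, added here as an example and not taken from the report or from any analysis tool, reads the same header fields (LinkFlags, FileAttributes, the three FILETIMEs, FileSize, IconIndex, ShowCommand) and additionally returns the StringData blocks, including the command-line arguments that libmagic only flags as present. MS-SHLLINK stores the timestamps in the order creation, access, write, and the parser labels them by that order. The shortcut it parses is constructed inside the script with a made-up target path and arguments; it is not one of the dropped files, only its flag set and target length mirror the rows above.

```python
# Minimal MS-SHLLINK (.lnk) header and StringData parser. Added example, not
# code from the report. The sample shortcut is synthetic (see build_sample_lnk).
import struct
from datetime import datetime, timedelta, timezone

LNK_MAGIC = b"L\x00\x00\x00"  # HeaderSize = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

LINK_FLAGS = {
    0x01: "HasLinkTargetIDList", 0x02: "HasLinkInfo", 0x04: "HasName",
    0x08: "HasRelativePath", 0x10: "HasWorkingDir", 0x20: "HasArguments",
    0x40: "HasIconLocation", 0x80: "IsUnicode",
}
FILE_ATTRIBUTES = {0x01: "READONLY", 0x02: "HIDDEN", 0x04: "SYSTEM",
                   0x10: "DIRECTORY", 0x20: "ARCHIVE", 0x80: "NORMAL"}
# ShowCommand is an enum, not a bit mask; the shell treats any other value as SW_SHOWNORMAL.
SHOW_COMMAND = {1: "SW_SHOWNORMAL", 3: "SW_SHOWMAXIMIZED", 7: "SW_SHOWMINNOACTIVE"}
# StringData blocks follow in this fixed order, each present only if its flag bit is set.
STRING_DATA = ((0x04, "name"), (0x08, "relative_path"), (0x10, "working_dir"),
               (0x20, "arguments"), (0x40, "icon_location"))


def filetime_to_datetime(ft):
    """FILETIME: 100 ns ticks since 1601-01-01 UTC; 0 means 'not set'."""
    return None if ft == 0 else FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def datetime_to_filetime(dt):
    return int((dt - FILETIME_EPOCH).total_seconds()) * 10_000_000


def parse_lnk(data):
    if len(data) < 0x4C or data[:4] != LNK_MAGIC or data[4:20] != LNK_CLSID:
        raise ValueError("not a ShellLink file")
    flags, attrs, ctime, atime, wtime, size, icon, show = struct.unpack_from("<IIQQQIII", data, 20)
    pos = 0x4C
    if flags & 0x01:  # LinkTargetIDList: u16 IDListSize, then the ITEMIDLIST
        (id_size,) = struct.unpack_from("<H", data, pos)
        pos += 2 + id_size
    if flags & 0x02:  # LinkInfo: its first u32 is the total size of the block
        (li_size,) = struct.unpack_from("<I", data, pos)
        pos += li_size
    strings = {}
    for bit, name in STRING_DATA:
        if not flags & bit:
            continue
        (count,) = struct.unpack_from("<H", data, pos)  # CountCharacters, no terminator
        pos += 2
        if flags & 0x80:  # IsUnicode: UTF-16LE
            strings[name] = data[pos:pos + 2 * count].decode("utf-16-le")
            pos += 2 * count
        else:  # system default code page; cp1252 assumed here
            strings[name] = data[pos:pos + count].decode("cp1252", "replace")
            pos += count
    return {
        "flags": [n for b, n in LINK_FLAGS.items() if flags & b],
        "attributes": [n for b, n in FILE_ATTRIBUTES.items() if attrs & b],
        "creation_time": filetime_to_datetime(ctime),
        "access_time": filetime_to_datetime(atime),
        "write_time": filetime_to_datetime(wtime),
        "target_size": size,
        "icon_index": icon,
        "show_command_raw": show,
        "show_command": SHOW_COMMAND.get(show, "SW_SHOWNORMAL"),
        **strings,
    }


def build_sample_lnk():
    """Synthetic shortcut (constructed here, not a dropped file): relative path,
    working dir and arguments, Unicode strings, ARCHIVE, SW_SHOWNORMAL,
    target length 1210144 as in the report. Paths and arguments are hypothetical."""
    flags = 0x08 | 0x10 | 0x20 | 0x80
    header = LNK_MAGIC + LNK_CLSID + struct.pack(
        "<IIQQQIIIHHII", flags, 0x20,
        datetime_to_filetime(datetime(2023, 10, 3, 9, 48, 42, tzinfo=timezone.utc)),
        datetime_to_filetime(datetime(2024, 8, 27, 14, 47, 51, tzinfo=timezone.utc)),
        datetime_to_filetime(datetime(2023, 10, 2, 20, 46, 57, tzinfo=timezone.utc)),
        1210144, 0, 1, 0, 0, 0, 0)  # FileSize, IconIndex, ShowCommand, HotKey, Reserved1-3

    def s(text):  # StringData entry: u16 CountCharacters + UTF-16LE characters
        return struct.pack("<H", len(text)) + text.encode("utf-16-le")

    return (header
            + s(r"..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe")
            + s(r"C:\Program Files\Google\Chrome\Application")
            + s("--profile-directory=Default --app-id=EXAMPLEAPPID"))


if __name__ == "__main__":
    for key, value in parse_lnk(build_sample_lnk()).items():
        print(f"{key}: {value}")
```

For a real shortcut, read the file and pass its bytes to `parse_lnk`; the `arguments` and `show_command` entries are the two fields worth checking on any LNK a sandbox reports as dropped, since libmagic prints neither the argument string nor the actual ShowCommand value.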
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://d3k0gij77b1jti.cloudfront.net/ | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1928,i,11253576738177546024,6209397194130133784,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |

The first row is Chrome being opened on the submitted URL (https://d3k0gij77b1jti.cloudfront.net/); the second is Chrome's own network-service utility process (`--utility-sub-type=network.mojom.NetworkService`), spawned by the browser rather than by the page. No process outside chrome.exe is listed.
URLs

| Name | IP | Malicious |
|---|---|---|
| https://d3k0gij77b1jti.cloudfront.net | | |
| https://pb-logs.media.net/ | | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23.82&oit=4&cp=5&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23.82.12.&oit=4&cp=9&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23%3A82%3A&oit=4&cp=6&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23&oit=4&cp=2&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n&oit=1&cp=6&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd8&oit=1&cp=4&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-&oit=1&cp=3&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://23.82.12.31:443/ | 23.82.12.31 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23%3A82%3A12%3A&oit=4&cp=9&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb&oit=1&cp=2&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.med&oit=3&cp=11&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23.&oit=4&cp=3&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.media&oit=3&cp=13&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7apv&oit=1&cp=10&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7apv.bea&oit=1&cp=14&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://esd80n7apv.beauty/ | | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs&oit=1&cp=7&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.m&oit=1&cp=9&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.medi&oit=1&cp=12&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80&oit=1&cp=5&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.me&oit=3&cp=10&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7apv.be&oit=3&cp=13&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.media.&oit=3&cp=14&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://lh5.googleusercontent.com/p/AF1QipM1AF06CxaMLr3ogY34t4eZnkQ0EgX3PGYL8Iua=w92-h92-n-k-no | 172.217.23.97 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.&oit=1&cp=8&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.media.n&oit=1&cp=15&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=pb-logs.media.net&oit=3&cp=17&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 142.250.186.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7apv.beau&oit=1&cp=15&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7apv.b&oit=1&cp=12&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23%3A&oit=4&cp=3&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7ap&oit=1&cp=9&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd&oit=1&cp=3&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://d3k0gij77b1jti.cloudfront.net/favicon.ico | 13.32.118.214 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7a&oit=1&cp=8&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=esd80n7apv.beauty&oit=3&cp=17&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23.8&oit=4&cp=4&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23.82.12&oit=4&cp=8&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=23.82.12.31&oit=3&cp=11&pgcl=4&gs_rn=42&psi=62JYTPuu1jgnXuqn&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw | 172.217.23.100 | |
| https://d3k0gij77b1jti.cloudfront.net/ | 13.32.118.214 | |

31 further URL entries are not included in this extract.

The www.google.com/complete/search rows are Chrome omnibox suggestion requests (`client=chrome-omni`), one for successive prefixes of whatever was being typed into the address bar, with the prefix in the `q` parameter. The longest `q` in each chain gives the strings entered during the analysis: 23.82.12.31 (with an abandoned 23:82:12: attempt), esd80n7apv.beauty and pb-logs.media.net. These requests are made by the browser as the address bar is used, not by the visited page, so drop them before treating the list as indicators. The `sugkey` value is the same on every row, including the empty-query one, and is part of the browser's request, not something specific to this sample.
Domains

| Name | IP | Malicious |
|---|---|---|
| d3k0gij77b1jti.cloudfront.net | 13.32.118.214 | |
| www.google.com | 172.217.23.100 | |
| esd80n7apv.beauty | 34.197.100.133 | |
| googlehosted.l.googleusercontent.com | 172.217.23.97 | |
| lh5.googleusercontent.com | unknown | |
| pb-logs.media.net | unknown | |

lh5.googleusercontent.com has no address of its own here because it resolves through googlehosted.l.googleusercontent.com; the URL table records the lh5 request against 172.217.23.97, the address listed for that name. pb-logs.media.net is referenced by the page (it appears in the DOM / HTML table) but no resolution is recorded.
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 13.32.118.214 | d3k0gij77b1jti.cloudfront.net | United States | |
| 192.168.2.17 | unknown | unknown | |
| 172.217.23.97 | googlehosted.l.googleusercontent.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 172.217.23.100 | www.google.com | United States | |
| 142.250.186.100 | unknown | United States | |
| 34.197.100.133 | esd80n7apv.beauty | United States | |
| 23.82.12.31 | unknown | United States | |

192.168.2.17 is an RFC 1918 address and 239.255.255.250 is the SSDP multicast group; both are traffic on the analysis network, not sample infrastructure. 142.250.186.100 served part of the www.google.com suggestion traffic (see the URL table), which is why no domain is recorded against it. 23.82.12.31 was contacted by literal IP over HTTPS (https://23.82.12.31:443/) with no hostname recorded, which makes it the address in this list with the least context and the first one to pivot on.
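The URL and IP tables mix three kinds of entries: the browser's own omnibox suggestion traffic, addresses that belong to the analysis network, and the handful of hosts that are actually worth pivoting on. The script below, added here as an example and not part of the report, applies those distinctions mechanically and also recovers the strings typed into the address bar from the suggestion log. Its input rows are abridged copies of entries in the tables above (the omnibox query strings are cut down to the `client`, `gs_ri` and `q` parameters the script uses); the category names are this script's own.

```python
# Triage of the URL / IP tables. Added example, not code from the report.
# URLS and IPS are abridged copies of rows from the tables above.
import ipaddress
from urllib.parse import parse_qs, urlsplit

START_URL = "https://d3k0gij77b1jti.cloudfront.net/"  # from the chrome.exe command line
OMNIBOX = "https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q="
URLS = [
    "https://d3k0gij77b1jti.cloudfront.net/",
    "https://d3k0gij77b1jti.cloudfront.net/favicon.ico",
    "https://23.82.12.31:443/",
    "https://esd80n7apv.beauty/",
    "https://pb-logs.media.net/",
    "https://lh5.googleusercontent.com/p/AF1QipM1AF06CxaMLr3ogY34t4eZnkQ0EgX3PGYL8Iua=w92-h92-n-k-no",
] + [OMNIBOX + q for q in (
    "23", "23.", "23.8", "23.82", "23.82.12", "23.82.12.", "23.82.12.31",
    "23%3A", "23%3A82%3A", "23%3A82%3A12%3A",
    "esd", "esd80n7apv.beauty", "pb-logs.media.net", "")]
IPS = ["13.32.118.214", "192.168.2.17", "172.217.23.97", "239.255.255.250",
       "172.217.23.100", "142.250.186.100", "34.197.100.133", "23.82.12.31"]


def is_omnibox_suggest(url):
    """Chrome address-bar autocomplete: produced by typing, never by page content."""
    u = urlsplit(url)
    return (u.hostname == "www.google.com" and u.path == "/complete/search"
            and parse_qs(u.query).get("client") == ["chrome-omni"])


def address_kind(host):
    """'name' for hostnames; otherwise which class of literal IP this is."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "name"
    if ip.is_multicast:
        return "multicast"   # e.g. 239.255.255.250, SSDP discovery from the guest
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "private"     # analysis network, not sample infrastructure
    return "public"


def classify_url(url):
    if is_omnibox_suggest(url):
        return "omnibox_suggest"
    host = urlsplit(url).hostname or ""
    kind = address_kind(host)
    if kind == "public":
        return "direct_ip"       # public address contacted without a hostname
    if kind != "name":
        return kind
    if host == urlsplit(START_URL).hostname:
        return "submitted_host"
    if host.endswith((".googleusercontent.com", ".google.com")):
        return "google_hosted"   # can still carry page content; review, low pivot value
    return "candidate"


def typed_inputs(urls):
    """Every suggest request carries the prefix typed so far; the strings that are
    not a prefix of a longer one are what was actually entered (a chain that stops
    short, such as '23:82:12:', was typed and abandoned)."""
    qs = {parse_qs(urlsplit(u).query).get("q", [""])[0] for u in urls if is_omnibox_suggest(u)}
    qs.discard("")
    return sorted(q for q in qs if not any(o != q and o.startswith(q) for o in qs))


def triage(urls=URLS, ips=IPS):
    out = {}
    for u in urls:
        out.setdefault(classify_url(u), []).append(u)
    for ip in ips:
        out.setdefault("ip_" + address_kind(ip), []).append(ip)
    out["typed_inputs"] = typed_inputs(urls)
    return out


if __name__ == "__main__":
    for category, entries in triage().items():
        print(category, entries)
```

Run against the full tables, the `candidate`, `direct_ip` and `typed_inputs` buckets are the only ones that need a human, and `typed_inputs` doubles as a check that the hosts in `candidate` were reached by navigation rather than by the page.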
DOM / HTML

| URL | Malicious |
|---|---|
| https://esd80n7apv.beauty/ | |
| https://pb-logs.media.net/ | |