IOC Report
https://12dec6c2-3c78-e425-b87e-b20197f5da10.powerappsportals.com/

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:03:27 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:03:27 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:03:27 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:03:27 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:03:27 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 129
JSON data
downloaded
Chrome Cache Entry: 131
JSON data
downloaded
Chrome Cache Entry: 132
Unicode text, UTF-8 text, with CRLF line terminators
downloaded
Chrome Cache Entry: 133
JSON data
dropped
Chrome Cache Entry: 134
JSON data
dropped
Chrome Cache Entry: 135
ASCII text, with very long lines (11766), with no line terminators
downloaded
Chrome Cache Entry: 140
ASCII text, with very long lines (39862)
downloaded
Chrome Cache Entry: 141
PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 144
ASCII text, with very long lines (394)
downloaded
Chrome Cache Entry: 146
ASCII text, with very long lines (32012)
downloaded
Chrome Cache Entry: 147
ASCII text, with very long lines (48395)
downloaded
Chrome Cache Entry: 148
ASCII text, with very long lines (1839)
downloaded
Chrome Cache Entry: 151
Web Open Font Format (Version 2), TrueType, length 150516, version 770.768
downloaded
Chrome Cache Entry: 152
gzip compressed data, max compression, from TOPS/20, original size modulo 2^32 101839
downloaded
Chrome Cache Entry: 153
assembler source, ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 155
ASCII text, with very long lines (45034)
dropped
Chrome Cache Entry: 156
ASCII text, with very long lines (383)
downloaded
Chrome Cache Entry: 157
ASCII text, with very long lines (65447)
downloaded
Chrome Cache Entry: 159
ASCII text, with very long lines (42815)
dropped
Chrome Cache Entry: 161
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 163
ASCII text, with very long lines (1991)
downloaded
Chrome Cache Entry: 164
ASCII text, with very long lines (1993)
dropped
Chrome Cache Entry: 166
JSON data
dropped
Chrome Cache Entry: 168
HTML document, Unicode text, UTF-8 text, with very long lines (864), with CRLF line terminators
downloaded
Chrome Cache Entry: 169
ASCII text, with very long lines (871)
downloaded
Chrome Cache Entry: 170
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 171
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 172
ASCII text, with very long lines (50758)
dropped
Chrome Cache Entry: 175
JSON data
dropped
Chrome Cache Entry: 176
ASCII text, with very long lines (7625)
downloaded
Chrome Cache Entry: 177
ASCII text, with very long lines (8056)
dropped
Chrome Cache Entry: 180
ASCII text, with very long lines (967)
downloaded
Chrome Cache Entry: 181
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 182
C++ source, ASCII text, with very long lines (8580)
dropped
Chrome Cache Entry: 183
ASCII text, with very long lines (47992), with no line terminators
dropped
Chrome Cache Entry: 184
ASCII text, with very long lines (65393), with CRLF line terminators
dropped
Chrome Cache Entry: 185
ASCII text, with very long lines (25293)
dropped
Chrome Cache Entry: 187
Unicode text, UTF-8 text, with very long lines (65300), with CRLF line terminators
downloaded
Chrome Cache Entry: 189
ASCII text, with very long lines (19015)
downloaded
Chrome Cache Entry: 190
Unicode text, UTF-8 text, with very long lines (61934), with no line terminators
downloaded
Chrome Cache Entry: 194
ASCII text, with very long lines (540), with no line terminators
downloaded
Chrome Cache Entry: 195
ASCII text, with very long lines (64184)
downloaded
Chrome Cache Entry: 196
gzip compressed data, max compression, from TOPS/20, original size modulo 2^32 115300
downloaded
Chrome Cache Entry: 197
PNG image data, 225 x 225, 8-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 200
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
Chrome Cache Entry: 204
PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 206
HTML document, ASCII text, with very long lines (445), with CRLF line terminators
dropped
Chrome Cache Entry: 208
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 209
Unicode text, UTF-8 text, with very long lines (65445)
dropped
Chrome Cache Entry: 212
ASCII text, with very long lines (6203)
downloaded
Chrome Cache Entry: 214
JSON data
downloaded
Chrome Cache Entry: 217
ASCII text, with very long lines (32065)
downloaded
Chrome Cache Entry: 219
ASCII text, with very long lines (361), with no line terminators
dropped
Chrome Cache Entry: 220
ASCII text, with very long lines (65294), with CRLF line terminators
downloaded
Chrome Cache Entry: 229
ASCII text, with very long lines (48664)
downloaded
Chrome Cache Entry: 231
ASCII text, with very long lines (61300)
downloaded
Chrome Cache Entry: 232
ASCII text, with very long lines (54049)
dropped
Chrome Cache Entry: 234
PNG image data, 28 x 23, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 235
ASCII text, with very long lines (28287)
downloaded
Chrome Cache Entry: 236
ASCII text, with very long lines (8178)
dropped
Chrome Cache Entry: 237
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
downloaded
There are 58 hidden files, click here to show them.

URLs

Name
IP
Malicious
https://12dec6c2-3c78-e425-b87e-b20197f5da10.powerappsportals.com/
malicious
https://12dec6c2-3c78-e425-b87e-b20197f5da10.powerappsportals.com/
malicious
https://dashboard-home-mysharepoint.com/#test@test.com
malicious

Domains

Name
IP
Malicious
stackpath.bootstrapcdn.com
104.18.11.207
jsdelivr.map.fastly.net
151.101.193.229
dual-spo-0005.spo-msedge.net
13.107.136.10
bizblitzed.com.de
188.114.96.3
a.nel.cloudflare.com
35.190.80.1
mira-ssc.tm-4.office.com
52.107.243.88
maxcdn.bootstrapcdn.com
104.18.10.207
code.jquery.com
151.101.66.137
dashboard-home-mysharepoint.com
104.21.20.188
cdnjs.cloudflare.com
104.17.24.14
challenges.cloudflare.com
104.18.95.41
www.google.com
142.250.9.99
s-part-0032.t-0009.t-msedge.net
13.107.246.60
superyachtstbarth.sharepoint.com
unknown
cdn.jsdelivr.net
unknown
12dec6c2-3c78-e425-b87e-b20197f5da10.powerappsportals.com
unknown
content.powerapps.com
unknown
There are 7 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
142.250.186.46
unknown
United States
104.18.10.207
maxcdn.bootstrapcdn.com
United States
13.107.136.10
dual-spo-0005.spo-msedge.net
United States
74.125.21.95
unknown
United States
151.101.193.229
jsdelivr.map.fastly.net
United States
172.217.18.14
unknown
United States
192.168.2.17
unknown
unknown
13.107.246.60
s-part-0032.t-0009.t-msedge.net
United States
52.107.243.88
mira-ssc.tm-4.office.com
United States
172.67.194.19
unknown
United States
151.101.66.137
code.jquery.com
United States
151.101.194.137
unknown
United States
35.190.80.1
a.nel.cloudflare.com
United States
172.217.18.10
unknown
United States
142.250.9.99
www.google.com
United States
23.38.98.96
unknown
United States
66.102.1.84
unknown
United States
216.58.212.170
unknown
United States
142.250.184.195
unknown
United States
104.17.24.14
cdnjs.cloudflare.com
United States
151.101.1.229
unknown
United States
1.1.1.1
unknown
Australia
142.250.186.163
unknown
United States
104.18.95.41
challenges.cloudflare.com
United States
216.58.206.46
unknown
United States
104.18.11.207
stackpath.bootstrapcdn.com
United States
151.101.2.137
unknown
United States
20.189.173.25
unknown
United States
239.255.255.250
unknown
Reserved
64.233.177.100
unknown
United States
188.114.96.3
bizblitzed.com.de
European Union
20.119.128.8
unknown
United States
104.21.20.188
dashboard-home-mysharepoint.com
United States
There are 23 hidden IPs, click here to show them.