Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Chrome Cache Entry: 42
|
very short file (no magic)
|
downloaded
|
||
Chrome Cache Entry: 43
|
HTML document, ASCII text
|
downloaded
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2336,i,26614888388893994,4439860193939050144,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://emp.eduyield.com/el?aid=2ekidda0e6c-1865-11ef-80aa-0217a07992df&rid=33766156&pid=771868&cid=497&dest=google.com.////amp/s/megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://emp.eduyield.com/el?aid=2ekidda0e6c-1865-11ef-80aa-0217a07992df&rid=33766156&pid=771868&cid=497&dest=google.com.////amp/s/megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
|||
https://google.com/amp/s/megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
142.250.181.238
|
||
https://elvisgroup.com/n/?c3Y9bzM2NV8xX3ZvaWNlJnJhbmQ9U21GRWVqWT0mdWlkPVVTRVIyOTA3MjAyNFUyNjA3MjkxMQ=
|
148.163.69.161
|
||
https://megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
|||
https://elvisgroup.com/n/?c3Y9bzM2NV8xX3ZvaWNlJnJhbmQ9U21GRWVqWT0mdWlkPVVTRVIyOTA3MjAyNFUyNjA3MjkxMQ=#info@nwcoms.com
|
|||
https://megashopmedellin.com/favicon.ico
|
107.182.225.19
|
||
https://elvisgroup.com/favicon.ico
|
148.163.69.161
|
||
https://google.com.////amp/s/megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
142.250.186.46
|
||
https://www.google.com/amp/s/megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
142.250.186.164
|
||
https://emp.eduyield.com/el?aid=2ekidda0e6c-1865-11ef-80aa-0217a07992df&rid=33766156&pid=771868&cid=497&dest=google.com.////amp/s/megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
3.211.51.78
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
google.com
|
142.250.184.206
|
||
emp.eduyield.com
|
3.211.51.78
|
||
elvisgroup.com
|
148.163.69.161
|
||
www.google.com
|
142.250.186.164
|
||
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
megashopmedellin.com
|
107.182.225.19
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
142.250.186.46
|
unknown
|
United States
|
||
148.163.69.161
|
elvisgroup.com
|
United States
|
||
107.182.225.19
|
megashopmedellin.com
|
United States
|
||
192.168.2.4
|
unknown
|
unknown
|
||
142.250.181.238
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
3.211.51.78
|
emp.eduyield.com
|
United States
|
||
142.250.186.164
|
www.google.com
|
United States
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://megashopmedellin.com/kaku/z8xvf/captcha/aW5mb0Bud2NvbXMuY29t
|
||
https://elvisgroup.com/n/?c3Y9bzM2NV8xX3ZvaWNlJnJhbmQ9U21GRWVqWT0mdWlkPVVTRVIyOTA3MjAyNFUyNjA3MjkxMQ=#info@nwcoms.com
|