Files

File Path | Type | Category | Malicious
---|---|---|---
Chrome Cache Entry: 35 | ASCII text, with very long lines (391) | dropped |
Chrome Cache Entry: 36 | ASCII text, with very long lines (391) | downloaded |
Chrome Cache Entry: 37 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 38 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 39 | ASCII text, with very long lines (46786) | downloaded |
Chrome Cache Entry: 40 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 41 | ASCII text, with very long lines (5432), with no line terminators | downloaded |
Processes

Path | Cmdline | Malicious
---|---|---
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1984,i,10690167938548330350,1584271508537821794,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Fyour-account%2Forder-summary.html%3Fie%3DUTF8%26orderID%3DD01-5896735-3043411" |
URLs

Name | IP | Malicious
---|---|---
https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Fyour-account%2Forder-summary.html%3Fie%3DUTF8%26orderID%3DD01-5896735-3043411 | |
http://jqueryui.com | unknown |
https://m.media-amazon.com/images/S/sash/7eHlJ0EDZSYjbs0.gif) | unknown |
https://m.media-amazon.com/images/S/sash/ydDD9hnRfziI$y7.png);width:34px;height:52px;outline:0 | unknown |
https://images-na.ssl-images-amazon.com/images/I/61dZRKtG0VL._RC%7C11Fd9tJOdtL.css,11tfezETfFL.css,31WoRZHct0L.css,31Hhzr7NyHL.css_.css?AUIClients/AmazonUI | 151.101.1.16 |
https://m.media-amazon.com/images/S/sash/tRfJHOgYB6QY-yf.gif) | unknown |
https://fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:145-3313656-3402638:A4JGTZS2S69RP9XV5ZQG$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DA4JGTZS2S69RP9XV5ZQG:0 | 34.231.25.159 |
https://www.amazon.com/ap/signin?_encoding=UTF8&accountStatusPolicy=P1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=900&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Fgp%2Fdigital%2Fyour-account%2Forder-summary.html%3Fie%3DUTF8%26orderID%3DD01-5896735-3043411 | 99.86.2.175 |
https://images-na.ssl-images-amazon.com/images/I/21cwI2AAWQL.css?AUIClients/CVFAssets | 151.101.1.16 |
https://static.siege-amazon.com/prod/profiles/AuthenticationPortalSigninNA.js | 18.239.83.11 |
https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51EK8BINbtL.css_.css?AUIClients/AuthenticationPortalAssets | 151.101.1.16 |
Domains

Name | IP | Malicious
---|---|---
static.siege-amazon.com | 18.239.83.11 |
www.google.com | 142.250.185.164 |
d3ag4hukkh62yn.cloudfront.net | 99.86.2.175 |
media.amazon.map.fastly.net | 151.101.1.16 |
fp2e7a.wpc.phicdn.net | 192.229.221.95 |
endpoint.prod.us-east-1.forester.a2z.com | 34.231.25.159 |
windowsupdatebg.s.llnwi.net | 46.228.146.128 |
www.amazon.com | unknown |
images-na.ssl-images-amazon.com | unknown |
fls-na.amazon.com | unknown |
IPs

IP | Domain | Country | Malicious
---|---|---|---
99.86.2.175 | d3ag4hukkh62yn.cloudfront.net | United States |
151.101.1.16 | media.amazon.map.fastly.net | United States |
192.168.2.4 | unknown | unknown |
239.255.255.250 | unknown | Reserved |
18.239.83.11 | static.siege-amazon.com | United States |
142.250.185.164 | www.google.com | United States |
18.239.83.75 | unknown | United States |
34.231.25.159 | endpoint.prod.us-east-1.forester.a2z.com | United States |
52.207.153.116 | unknown | United States |