Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| ATT60255.HTM | HTML document, Unicode text, UTF-8 text, with very long lines (2363), with CRLF line terminators | initial sample | |
| Chrome Cache Entry: 159 | ASCII text, with very long lines (48316), with no line terminators | dropped | |
| Chrome Cache Entry: 160 | ASCII text, with very long lines (45667) | downloaded | |
| Chrome Cache Entry: 161 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 162 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 163 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 164 | HTML document, ASCII text, with very long lines (65209), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 165 | data | dropped | |
| Chrome Cache Entry: 166 | ASCII text, with very long lines (65447) | dropped | |
| Chrome Cache Entry: 167 | PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 168 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 169 | Web Open Font Format (Version 2), TrueType, length 28584, version 1.66 | downloaded | |
| Chrome Cache Entry: 170 | ASCII text, with very long lines (10017) | downloaded | |
| Chrome Cache Entry: 171 | ASCII text, with very long lines (65451) | downloaded | |
| Chrome Cache Entry: 172 | ASCII text, with very long lines (45034) | downloaded | |
| Chrome Cache Entry: 173 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 174 | ASCII text, with very long lines (45034) | dropped | |
| Chrome Cache Entry: 175 | PNG image data, 86 x 73, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 176 | ASCII text, with very long lines (65447) | downloaded | |
| Chrome Cache Entry: 177 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 178 | Unicode text, UTF-8 text, with very long lines (65532), with no line terminators | dropped | |
| Chrome Cache Entry: 179 | PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 180 | ASCII text, with very long lines (23638), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 181 | PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 182 | ASCII text, with very long lines (48316), with no line terminators | downloaded | |
| Chrome Cache Entry: 183 | data | downloaded | |
| Chrome Cache Entry: 184 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 185 | ASCII text, with very long lines (45667) | dropped | |
| Chrome Cache Entry: 186 | ASCII text, with very long lines (10450) | downloaded | |
| Chrome Cache Entry: 187 | very short file (no magic) | dropped | |
| Chrome Cache Entry: 188 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 189 | ASCII text, with very long lines (1434), with no line terminators | dropped | |
| Chrome Cache Entry: 190 | Web Open Font Format, TrueType, length 36696, version 1.0 | downloaded | |
| Chrome Cache Entry: 191 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 192 | PNG image data, 86 x 73, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 193 | PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 194 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 195 | ASCII text, with very long lines (10017) | dropped | |
| Chrome Cache Entry: 196 | PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 197 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 198 | ASCII text, with very long lines (51734) | downloaded | |
| Chrome Cache Entry: 199 | Web Open Font Format (Version 2), TrueType, length 93276, version 1.0 | downloaded | |
| Chrome Cache Entry: 200 | PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 201 | Web Open Font Format (Version 2), TrueType, length 43596, version 1.0 | downloaded | |
| Chrome Cache Entry: 202 | Web Open Font Format, TrueType, length 35970, version 1.0 | downloaded | |
| Chrome Cache Entry: 203 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 204 | ASCII text, with very long lines (65451) | dropped | |
| Chrome Cache Entry: 205 | PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 206 | Unicode text, UTF-8 text, with very long lines (65532), with no line terminators | downloaded | |
| Chrome Cache Entry: 207 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 208 | PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 209 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 210 | PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 211 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 212 | ASCII text, with very long lines (1434), with no line terminators | downloaded | |
| Chrome Cache Entry: 213 | very short file (no magic) | downloaded | |
| Chrome Cache Entry: 214 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 215 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 216 | Web Open Font Format (Version 2), TrueType, length 28000, version 1.66 | downloaded | |
| Chrome Cache Entry: 217 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 218 | PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 219 | SVG Scalable Vector Graphics image | dropped | |

52 further files are hidden in the report and not listed here.
Processes
| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\ATT60255.HTM" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2452 --field-trial-handle=2320,i,10043383887662201719,1952149342407670854,262144 /prefetch:8 | |
URLs
| Name | IP | Malicious |
|---|---|---|
| https://code.jquery.com/jquery-3.6.0.min.js | 151.101.130.137 | |
| file:///C:/Users/user/Desktop/ATT60255.HTM#?em=natasha.hammond@lchs.com.au | | |
| https://href.li/?https://KPL2.r04ar2.com/KPL2/?em=natasha.hammond@lchs.com.au | 192.0.78.26 | |
| https://KPL2.r04ar2.com/KPL2/?em=natasha.hammond | unknown | |
| https://kpl2.r04ar2.com/DSJKBRRSHVQKQNAYPHULNIARMPWNRQ72apgg8emy45ecxep2ox1c2zsodu5g?xltqgngmggtbsusyffglroeuadacufhsz3353779624593154474507208783787GEQB3HVF5MU7QFRI5NQBGGHV97QLOLQW | 188.114.96.3 | |
| https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 | 13.33.187.68 | |
| https://kpl2.r04ar2.com/90BLxVXhpRTD45c1Cvst53 | 188.114.96.3 | |
| https://developers.google.com/recaptcha/docs/faq#localhost_support | unknown | |
| https://kpl2.r04ar2.com/90e3UQoFnPZnefHhdNMQPyz73 | 188.114.96.3 | |
| https://support.google.com/recaptcha#6262736 | unknown | |
| https://kpl2.r04ar2.com/ijnd8sg6QezUuY8NkwAQx6Mva2UqiWIRuKitmhbhPvV0dW8953IaxnO5zyk4DAWXKxNh96jT7SddDXEWlab230 | 188.114.96.3 | |
| https://kpl2.r04ar2.com/wxHVaG32Jkcs0chiqe2Yu17gtGastmDvkLvL2DuF334122 | 188.114.96.3 | |
| https://support.google.com/recaptcha/?hl=en#6223828 | unknown | |
| https://kpl2.r04ar2.com/opKLYDT4iSj1EzadhEhDpI1lluB1YhaGl3mnNYoW0cvfRvYM2rnq8TyFW67136 | 188.114.96.3 | |
| https://cloud.google.com/contact | unknown | |
| https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css | 13.33.187.68 | |
| https://kpl2.r04ar2.com/12HMveiyHPabpIUo8913 | 188.114.96.3 | |
| https://github.com/fent) | unknown | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8b9f6497ee820fa4&lang=auto | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1155709742:1724793999:jZYsAJ5BQ_g2p6ZQyC6e2YcpgeQ98hmygX8r-9lG55k/8b9f6497ee820fa4/ec492f91dc9d6a6 | 104.18.94.41 | |
| https://kpl2.r04ar2.com/12Vj5xeItpngol5p78GsRYKIFop50 | 188.114.96.3 | |
| https://www.google.com/recaptcha/api.js | 142.250.185.164 | |
| https://kpl2.r04ar2.com/xy7B16Rpqjcafef30 | 188.114.96.3 | |
| https://support.google.com/recaptcha/#6175971 | unknown | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D | 104.18.94.41 | |
| https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js | 104.18.94.41 | |
| https://www.google.com/recaptcha/api2/ | unknown | |
| https://support.google.com/recaptcha | unknown | |
| https://kpl2.r04ar2.com/ghNzQHRb9jvqvVbqkpfSFV6klWOhd48QqGY5YO1FOv4o4ZFC6Ief204 | 188.114.96.3 | |
| https://kpl2.r04ar2.com/rsudZieQRPg934N9fbuv40 | 188.114.96.3 | |
| https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js | 104.17.25.14 | |
| https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css | 13.33.187.68 | |
| https://kpl2.r04ar2.com/34u2dqhNgiTTAmhQJRfAlijwjGO22rrieg8N89109 | 188.114.96.3 | |
| https://cloud.google.com/recaptcha-enterprise/billing-information | unknown | |
| https://kpl2.r04ar2.com/45lL7KipMN4YrD89WlFkKCVxy70 | 188.114.96.3 | |
| https://recaptcha.net | unknown | |
| https://kpl2.r04ar2.com/eflbaMIh8KvYQ56Fw0I2qKmn100 | 188.114.96.3 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8b9f6497ee820fa4/1724796641795/JJoPtCsZIVs8EyO | 104.18.94.41 | |
| https://a.nel.cloudflare.com/report/v4?s=sIxc%2BZUUEOrNpQDWB9EM7I7KmFejegSrUZkqAmRHFxitgwVo5ALHeTjQ8lJXvTyvY0hx3XK79w4PAfrQpGB%2FeUnI%2BYYGnE14edccKFBWCZEFC1LyJAV9TiVnbge89w%3D%3D | 35.190.80.1 | |
| https://kpl2.r04ar2.com/mnYZrvj92fDlYVB6kIIxHwk2kldgIYDnxxWUlq6qF78141 | 188.114.96.3 | |
| https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que | unknown | |
| https://a.nel.cloudflare.com/report/v4?s=M%2B3Hwfm5URa0VIteODWMU8DrfSEvhq2TVdS8YuOi20LAechWtbpiyhuqmicuzV2Bgmk6g52Ft91M1q3K0Ga0TX76s19zPo9ucrgRAgL%2FcN5%2BeBG%2F84dvq1celzyB%2Bw%3D%3D | 35.190.80.1 | |
| https://play.google.com/log?format=json&hasfast=true | unknown | |
| https://www.gstatic.c..?/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__. | unknown | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8b9f6497ee820fa4/1724796641793/1d41b0915d96664d4c421588daa101f93a8179105dc076a56dbf01d319f547c8/wIkiMbIg4-l0Z4N | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/idxkc/0x4AAAAAAAhuDbq9Zssi-YOu/auto/fbE/normal/auto/ | 104.18.94.41 | |
| https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca | unknown | |
| https://nse.idwp.ru/srsldqgbwnlyknaiuilfjcyqoKGYnePGFJAVJGZCNGFCUJYLNOCYUZRFYFVSVVQBpqvHhnoPyzuWRNahuv40 | 104.21.67.3 | |
| https://cdn.socket.io/4.6.0/socket.io.min.js | 13.227.219.40 | |
| https://kpl2.r04ar2.com/KPL2/?em=natasha.hammond@lchs.com.au | 188.114.96.3 | |
| https://kpl2.r04ar2.com/opGHJkGaKvnTmNyFMzfZnzJcWrEqLJbZTjGMiH6wVdpvwstZXuhyaUJEfnge69Z5HGqTwYsoleWcuQeXcd239 | 188.114.96.3 | |
| https://get.geojs.io/v1/ip/geo.json | 172.67.70.233 | |
| https://kpl2.r04ar2.com/apsDh9aBaVhYjUySTyaOt7dEJs5t | 188.114.96.3 | |
| https://kpl2.r04ar2.com/yzv6APvxjrgntZxQ45HdaVBv4bb9NWKLthursnlZg6hH9j5QVqA9pJa5M90173 | 188.114.96.3 | |
| https://kpl2.r04ar2.com/opiCvib1OfbhHAtLAPQFkZJXG9XLLMrDTuv80Ycdhp7wkulvQ9LZaUjk5Jb8fief193 | 188.114.96.3 | |
| https://kpl2.r04ar2.com/lvytc1gAYeGHFHs4NJuMNMax70PlgNRGw39kizb | 188.114.96.3 | |
| https://wox.dultzman.ru/yujumitzgvwdmelzinmewQxtLOYJNEVXSSDHIHSVCETCIEVPNERHTXNUMDDPXUKLBBLLJCZAYXXBKOEQPMAUCC | 188.114.97.3 | |

47 further URLs are hidden in the report and not listed here.
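The URL table above mixes three kinds of traffic: the local attachment opened from the Desktop (whose URL carries the target's e-mail address in the fragment, so it is never sent to any server), the href.li hop whose query string holds the next destination verbatim, and the hosts the page then talks to, some of which are ordinary third-party infrastructure (jQuery, the Google reCAPTCHA and Cloudflare Turnstile endpoints, the Okta CDN from which it loads sign-in widget CSS, cdn.socket.io, crypto-js from cdnjs) and some of which have no such explanation. The script below is an added triage example written for this page, not code from the sandbox or from the report; it takes a subset of the observed URLs as embedded input, unwraps the redirector, sorts hosts into "third-party" and "candidate IOC" using an assumed allowlist (THIRD_PARTY, chosen for illustration), and recovers the victim identifier from the em parameter wherever it sits.

```python
"""Triage of the URL table from a sandbox detonation of an HTML attachment.

Added example, not part of the sandbox report. THIRD_PARTY is an assumed
allowlist for this illustration, not a vendor-maintained list.
"""
from urllib.parse import parse_qs, urlsplit

# A subset of the report's URL table, embedded here as the example's input.
OBSERVED_URLS = [
    "file:///C:/Users/user/Desktop/ATT60255.HTM#?em=natasha.hammond@lchs.com.au",
    "https://href.li/?https://KPL2.r04ar2.com/KPL2/?em=natasha.hammond@lchs.com.au",
    "https://code.jquery.com/jquery-3.6.0.min.js",
    "https://www.google.com/recaptcha/api.js",
    "https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js",
    "https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css",
    "https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js",
    "https://cdn.socket.io/4.6.0/socket.io.min.js",
    "https://get.geojs.io/v1/ip/geo.json",
    "https://kpl2.r04ar2.com/90BLxVXhpRTD45c1Cvst53",
    "https://nse.idwp.ru/srsldqgbwnlyknaiuilfjcyqoKGYnePGFJAVJGZCNGFCUJYLNOCYUZRFYFVSVVQBpqvHhnoPyzuWRNahuv40",
    "https://wox.dultzman.ru/yujumitzgvwdmelzinmewQxtLOYJNEVXSSDHIHSVCETCIEVPNERHTXNUMDDPXUKLBBLLJCZAYXXBKOEQPMAUCC",
]

# Assumed allowlist: hosts (and their subdomains) whose presence a login-themed
# page explains on its own. get.geojs.io is a legitimate service, but a local
# attachment asking an IP-geolocation API about the visitor still deserves a look.
THIRD_PARTY = (
    "jquery.com", "cloudflare.com", "google.com", "gstatic.com", "oktacdn.com",
    "socket.io", "geojs.io", "github.com", "githubusercontent.com",
)

# Bounce services that carry the real destination in their query string.
REDIRECTORS = ("href.li",)


def host_of(url):
    return urlsplit(url).netloc.lower()


def unwrap_redirect(url):
    """href.li carries the destination verbatim after its '?' (as in the report)."""
    parts = urlsplit(url)
    if parts.netloc.lower() in REDIRECTORS and parts.query.startswith("http"):
        return parts.query
    return url


def classify(url):
    parts = urlsplit(url)
    host = parts.netloc.lower()
    if parts.scheme == "file":
        return "local-attachment"
    if host in REDIRECTORS:
        return "redirector"
    if any(host == d or host.endswith("." + d) for d in THIRD_PARTY):
        return "third-party"
    return "candidate-ioc"


def victim_id(url):
    """Return the 'em' value whether it sits in the query or, as in the local
    file URL, in the fragment (which the browser never sends to a server)."""
    parts = urlsplit(url)
    for chunk in (parts.query, parts.fragment):
        values = parse_qs(chunk.lstrip("?")).get("em")
        if values:
            return values[0]
    return None


def triage(urls):
    result = {"candidate_hosts": set(), "third_party_hosts": set(),
              "redirect_targets": [], "victims": set()}
    for url in urls:
        if classify(url) == "redirector":
            url = unwrap_redirect(url)  # triage the real destination instead
            result["redirect_targets"].append(url)
        label = classify(url)
        if label == "candidate-ioc":
            result["candidate_hosts"].add(host_of(url))
        elif label == "third-party":
            result["third_party_hosts"].add(host_of(url))
        victim = victim_id(url)
        if victim:
            result["victims"].add(victim)
    return result


if __name__ == "__main__":
    summary = triage(OBSERVED_URLS)
    print("candidate IOC hosts :", sorted(summary["candidate_hosts"]))
    print("third-party hosts   :", sorted(summary["third_party_hosts"]))
    print("redirect targets    :", summary["redirect_targets"])
    print("targeted identities :", sorted(summary["victims"]))
```

Run against the embedded subset, the candidate list reduces to kpl2.r04ar2.com, nse.idwp.ru and wox.dultzman.ru, which matches the hosts in the Domains table that have no CDN or vendor explanation; everything resolved on Cloudflare, Google, Fastly or CloudFront ranges drops out as shared infrastructure. Suffix matching on an allowlist is deliberately coarse: a kit hosted on a legitimate CDN would be missed, so the allowlist is a filter for analyst attention, not a verdict.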
Domains
| Name | IP | Malicious |
|---|---|---|
| href.li | 192.0.78.26 | |
| code.jquery.com | 151.101.130.137 | |
| a.nel.cloudflare.com | 35.190.80.1 | |
| nse.idwp.ru | 104.21.67.3 | |
| wox.dultzman.ru | 188.114.97.3 | |
| github.com | 140.82.121.3 | |
| kpl2.r04ar2.com | 188.114.96.3 | |
| d2vgu95hoyrpkh.cloudfront.net | 13.227.219.40 | |
| cdnjs.cloudflare.com | 104.17.25.14 | |
| challenges.cloudflare.com | 104.18.94.41 | |
| get.geojs.io | 172.67.70.233 | |
| www.google.com | 172.217.16.132 | |
| d19d360lklgih4.cloudfront.net | 13.33.187.68 | |
| objects.githubusercontent.com | 185.199.110.133 | |
| cdn.socket.io | unknown | |
| ok4static.oktacdn.com | unknown | |

6 further domains are hidden in the report and not listed here.
IPs
| IP | Domain | Country | Malicious |
|---|---|---|---|
| 151.101.130.137 | code.jquery.com | United States | |
| 192.0.78.26 | href.li | United States | |
| 104.21.67.3 | nse.idwp.ru | United States | |
| 104.18.94.41 | challenges.cloudflare.com | United States | |
| 104.26.1.100 | unknown | United States | |
| 192.168.2.7 | unknown | unknown | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.6 | unknown | unknown | |
| 192.168.2.5 | unknown | unknown | |
| 142.250.185.164 | unknown | United States | |
| 18.245.31.5 | unknown | United States | |
| 185.199.109.133 | unknown | Netherlands | |
| 13.227.219.40 | d2vgu95hoyrpkh.cloudfront.net | United States | |
| 151.101.66.137 | unknown | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |
| 185.199.110.133 | objects.githubusercontent.com | Netherlands | |
| 104.17.24.14 | unknown | United States | |
| 65.9.86.56 | unknown | United States | |
| 13.33.187.68 | d19d360lklgih4.cloudfront.net | United States | |
| 140.82.121.3 | github.com | United States | |
| 216.58.206.68 | unknown | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 188.114.97.3 | wox.dultzman.ru | European Union | |
| 188.114.96.3 | kpl2.r04ar2.com | European Union | |
| 172.67.70.233 | get.geojs.io | United States | |
| 172.217.16.132 | www.google.com | United States | |
| 104.17.25.14 | cdnjs.cloudflare.com | United States | |

17 further IPs are hidden in the report and not listed here.
DOM / HTML
| URL | Malicious |
|---|---|
| file:///C:/Users/user/Desktop/ATT60255.HTM#?em=natasha.hammond@lchs.com.au | |

The report lists this entry 7 times.