IOC Report
https://app.graphiteconnect.com/signup?invite=N4IgpgtghglgNiAXCAMgTwHYYHQBUwD2AAnDAI4CuMAJjAC5oDOYATgG4wDGYj2nBEEABoQGKBDBJUmDAAJ8BYeAx16aAHLjJyAJIqwCEcwzVWmiVPUEWUWQDECFOgC8lGMAHdz21OSq0GWQBlVg5uRlkACgAJAgwAc1kAaTj4gEpZFBgIejBqJRgMDjowXAIAazAMKTA0ACkACwAjAHFOGAB5GDqdAFVnHQBGdRgdRj0AJQBWTgBhHQA2HXKA

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:32:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:32:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:32:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:32:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:32:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 141
ASCII text, with very long lines (48464)
downloaded
Chrome Cache Entry: 142
JSON data
downloaded
Chrome Cache Entry: 143
ASCII text, with very long lines (19948), with no line terminators
dropped
Chrome Cache Entry: 144
ASCII text
downloaded
Chrome Cache Entry: 145
JSON data
dropped
Chrome Cache Entry: 146
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
downloaded
Chrome Cache Entry: 147
ASCII text, with very long lines (3222)
dropped
Chrome Cache Entry: 148
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 149
ASCII text, with very long lines (19948), with no line terminators
downloaded
Chrome Cache Entry: 150
ASCII text, with very long lines (3222)
downloaded
There are 7 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1988,i,9983116235666285936,3557895650930081653,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.graphiteconnect.com/signup?invite=N4IgpgtghglgNiAXCAMgTwHYYHQBUwD2AAnDAI4CuMAJjAC5oDOYATgG4wDGYj2nBEEABoQGKBDBJUmDAAJ8BYeAx16aAHLjJyAJIqwCEcwzVWmiVPUEWUWQDECFOgC8lGMAHdz21OSq0GWQBlVg5uRlkACgAJAgwAc1kAaTj4gEpZFBgIejBqJRgMDjowXAIAazAMKTA0ACkACwAjAHFOGAB5GDqdAFVnHQBGdRgdRj0AJQBWTgBhHQA2HXKABwANADVZuoBObFq6uCaMCZXqaLg6gC15pYArAE1hgBEARRfegAYru-iph4ATHVyupnBM4FdngBBDwPO4NGA3MY6CDqNhNCBTOAPADMpyaAKm11uOkeL3e6meXx+f0BwNB4MhMLhDRBQWREA2dAeAHU4OM7gQYE0LhQmjApt8eTsoa04AAPah88pQNbTTgAjZoagQOB3K5rACyFEBOzoOhgHi4nMVPI2zmoLTgFCunw2FEdcE+YF6cHKpKF6juUIALB0eb1YbhOM5Dc8GtieQBRb7PTgeDrPQ3OK48h4hi1WqA8uyfAPy0E6eWZ15TOMPDwobYrTg4w2dbrOKCaxgGiZsdq7PANHaGqEPOtQKY8gBm5QACg9DQsAEI7RhBKFQMB5KEYKFJFgynmGgC0Vzo1GezyanCUVVUDCkCymIZDr9fM4AHDtOE1qAA7CGeSfJ8TRfv+IAAL5AA"

URLs

Name
IP
Malicious
https://app.graphiteconnect.com/signup?invite=N4IgpgtghglgNiAXCAMgTwHYYHQBUwD2AAnDAI4CuMAJjAC5oDOYATgG4wDGYj2nBEEABoQGKBDBJUmDAAJ8BYeAx16aAHLjJyAJIqwCEcwzVWmiVPUEWUWQDECFOgC8lGMAHdz21OSq0GWQBlVg5uRlkACgAJAgwAc1kAaTj4gEpZFBgIejBqJRgMDjowXAIAazAMKTA0ACkACwAjAHFOGAB5GDqdAFVnHQBGdRgdRj0AJQBWTgBhHQA2HXKABwANADVZuoBObFq6uCaMCZXqaLg6gC15pYArAE1hgBEARRfegAYru-iph4ATHVyupnBM4FdngBBDwPO4NGA3MY6CDqNhNCBTOAPADMpyaAKm11uOkeL3e6meXx+f0BwNB4MhMLhDRBQWREA2dAeAHU4OM7gQYE0LhQmjApt8eTsoa04AAPah88pQNbTTgAjZoagQOB3K5rACyFEBOzoOhgHi4nMVPI2zmoLTgFCunw2FEdcE+YF6cHKpKF6juUIALB0eb1YbhOM5Dc8GtieQBRb7PTgeDrPQ3OK48h4hi1WqA8uyfAPy0E6eWZ15TOMPDwobYrTg4w2dbrOKCaxgGiZsdq7PANHaGqEPOtQKY8gBm5QACg9DQsAEI7RhBKFQMB5KEYKFJFgynmGgC0Vzo1GezyanCUVVUDCkCymIZDr9fM4AHDtOE1qAA7CGeSfJ8TRfv+IAAL5AA
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
104.16.80.73
https://stats.g.doubleclick.net/g/collect
unknown
https://app.graphiteconnect.com/assets/Note-9148f138.js
104.22.52.99
https://app.graphiteconnect.com/assets/index-548aef63.js
104.22.52.99
https://app.graphiteconnect.com/assets/badge-972ec911.js
104.22.52.99
https://app.graphiteconnect.com/assets/RiskScoreLabel-1dcd9646.js
104.22.52.99
https://app.graphiteconnect.com/assets/SignUp-260d5828.css
104.22.52.99
https://app.graphiteconnect.com/assets/SimplePagination-469b6bd8.js
104.22.52.99
https://app.graphiteconnect.com/assets/dowjones-8c12f29b.js
104.22.52.99
https://app.graphiteconnect.com/assets/ViewAddressAnswer-89b5528c.css
104.22.52.99
https://app.graphiteconnect.com/assets/LineClamp-1e86b013.js
104.22.52.99
https://app.graphiteconnect.com/assets/CompanyNameWithPopover.vue_vue_type_script_setup_true_lang-747a64b2.js
104.22.52.99
https://app.graphiteconnect.com/api/env
104.22.52.99
https://app.graphiteconnect.com/assets/ClickToCopyWrap.vue_vue_type_style_index_0_lang-c8c0aab5.js
104.22.52.99
https://app.graphiteconnect.com/assets/RiskScoreLabel-18eb7b4c.css
104.22.52.99
https://app.graphiteconnect.com/assets/index-1043fc5d.js
104.22.52.99
https://app.graphiteconnect.com/assets/index-96cea874.js
104.22.52.99
https://app.graphiteconnect.com/assets/IdAuthVerify-16019ef7.js
104.22.52.99
https://fontawesome.com
unknown
https://www.google.com
unknown
https://www.youtube.com/iframe_api
unknown
https://app.graphiteconnect.com/assets/StaticMap.vue_vue_type_script_setup_true_lang-07863839.js
104.22.52.99
https://app.graphiteconnect.com/assets/injections-f0e74dfa.js
104.22.52.99
https://app.graphiteconnect.com/assets/public-a667c5af.css
104.22.52.99
https://app.graphiteconnect.com/version.json
104.22.52.99
https://app.graphiteconnect.com/assets/SideRail-55dd7d00.css
104.22.52.99
https://app.graphiteconnect.com/assets/ConnectionStatus-d5ef6a30.js
104.22.52.99
https://app.graphiteconnect.com/assets/TwoFactorAuthCodeWarning-9736c7b7.js
104.22.52.99
https://app.graphiteconnect.com/assets/index-f4486a1d.js
104.22.52.99
https://app.graphiteconnect.com/assets/overlaypanel.esm-894c05e1.js
104.22.52.99
https://app.graphiteconnect.com/assets/ResponderUploader-81d561fc.css
104.22.52.99
https://app.graphiteconnect.com/assets/IdAuthVerify-15ea2f7b.css
104.22.52.99
https://app.graphiteconnect.com/assets/LineClamp-d4f5413f.css
104.22.52.99
https://app.graphiteconnect.com/assets/SimpleAddress.vue_vue_type_script_setup_true_lang-6292564d.js
104.22.52.99
https://app.graphiteconnect.com/assets/ViewAddressAnswer-08c8842a.js
104.22.52.99
https://app.graphiteconnect.com/assets/MenuWrapper-7859783f.css
104.22.52.99
https://app.graphiteconnect.com/assets/PhoneNumberInput-4037993a.js
104.22.52.99
https://app.graphiteconnect.com/assets/Avatar-71769b12.css
104.22.52.99
https://o211640.ingest.sentry.io/api/1337294/envelope/?sentry_key=8afca619c1994bec83baa5fb7ad26a23&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.102.0
34.120.195.249
https://app.graphiteconnect.com/assets/Locked-76b06db1.css
104.22.52.99
https://app.graphiteconnect.com/assets/bitsight-688e4026.js
104.22.52.99
https://app.graphiteconnect.com/assets/Avatar-720058a4.js
104.22.52.99
https://app.graphiteconnect.com/assets/permissionUtils-dd1ddde8.js
104.22.52.99
https://app.graphiteconnect.com/assets/ActionIconHorizontal-62538c8b.js
104.22.52.99
https://app.graphiteconnect.com/assets/NavDropdown-70bbe151.js
104.22.52.99
https://app.graphiteconnect.com/assets/ConnectionStatus-b53d5da2.css
104.22.52.99
https://app.graphiteconnect.com/assets/public-29d05e7b.js
104.22.52.99
https://app.graphiteconnect.com/assets/injections-3c2013b0.js
104.22.52.99
https://app.graphiteconnect.com/assets/SimplePagination-fa66eae5.css
104.22.52.99
https://app.graphiteconnect.com/assets/QuestionTree.vue_vue_type_style_index_0_lang-3941ad00.js
104.22.52.99
https://app.graphiteconnect.com/assets/QuestionTree-d85bf4c7.css
104.22.52.99
https://app.graphiteconnect.com/assets/ViewStringAnswer-b1c396e3.css
104.22.52.99
https://app.graphiteconnect.com/assets/inputgroup.esm-140c7742.js
104.22.52.99
https://app.graphiteconnect.com/assets/ResponderUploader-b0c41d5d.js
104.22.52.99
https://app.graphiteconnect.com/assets/index-91d9e13e.js
104.22.52.99
https://portal.rapidratings.com
unknown
https://app.graphiteconnect.com/assets/TaskTable-55d9cbef.css
104.22.52.99
https://app.graphiteconnect.com/assets/QuestionMarkTip-da22ad7a.css
104.22.52.99
https://app.graphiteconnect.com/assets/AuthHeader-45fa5100.js
104.22.52.99
https://app.graphiteconnect.com/assets/DrawerModal-bd23d723.css
104.22.52.99
https://app.graphiteconnect.com/assets/ActionsMixin-7f7ccca7.js
104.22.52.99
https://app.graphiteconnect.com/assets/ChatMessages-4e02eb6a.css
104.22.52.99
https://app.graphiteconnect.com/assets/ViewStringAnswer-5510c36f.js
104.22.52.99
https://cct.google/taggy/agent.js
unknown
https://app.graphiteconnect.com/assets/NavDropdown-8bde686e.css
104.22.52.99
https://app.graphiteconnect.com/assets/TopicAssign-8e94a373.js
104.22.52.99
https://app.graphiteconnect.com/assets/NavDropdownItem-599373f2.css
104.22.52.99
https://app.graphiteconnect.com/assets/index-6e5b5536.js
104.22.52.99
https://app.graphiteconnect.com/assets/search-2980a589.js
104.22.52.99
https://app.graphiteconnect.com/assets/form-7515682a.js
104.22.52.99
https://app.graphiteconnect.com/api/users/check
104.22.52.99
https://app.graphiteconnect.com/assets/LocalLoader-e961589e.css
104.22.52.99
https://app.graphiteconnect.com/assets/NavDropdownItem-b0f92c70.js
104.22.52.99
https://app.graphiteconnect.com/assets/SignUp-482469a1.js
104.22.52.99
https://app.graphiteconnect.com/assets/TopicAssign-4b945871.css
104.22.52.99
https://app.graphiteconnect.com/assets/TextInput-44a1b148.js
104.22.52.99
https://app.graphiteconnect.com/assets/urlFormatter-27ea1d8f.js
104.22.52.99
https://app.graphiteconnect.com/assets/MarkdownText-d0576d04.css
104.22.52.99
https://app.graphiteconnect.com/assets/invite-13559288.js
104.22.52.99
https://app.graphiteconnect.com/assets/findIndex-e9521eb5.js
104.22.52.99
http://www.imagemagick.org
unknown
https://app.graphiteconnect.com/assets/g_header_logo-f102a625.js
104.22.52.99
https://app.graphiteconnect.com/assets/SideRail-48020e68.js
104.22.52.99
https://app.graphiteconnect.com/assets/Locked-ec4c97ea.js
104.22.52.99
https://app.graphiteconnect.com/assets/http-10b8de61.js
104.22.52.99
https://app.graphiteconnect.com/assets/style-a970d2e8.css
104.22.52.99
https://app.graphiteconnect.com/assets/addresses-c79c3ed4.js
104.22.52.99
https://app.graphiteconnect.com/assets/index-431ae14f.js
104.22.52.99
https://app.graphiteconnect.com/assets/ActionIcon-b880af0d.js
104.22.52.99
https://app.graphiteconnect.com/assets/GraphiteTabs-6cc5bdac.css
104.22.52.99
https://app.graphiteconnect.com/assets/DrawerModal.vue_vue_type_style_index_0_lang-17a25b00.js
104.22.52.99
https://app.graphiteconnect.com/assets/moment-9fda8318.js
104.22.52.99
https://app.graphiteconnect.com/assets/style-0a811df5.js
104.22.52.99
https://app.graphiteconnect.com/assets/ChatMessages-593ae6b3.js
104.22.52.99
https://fontawesome.com/license/free
unknown
https://app.graphiteconnect.com/static/favicon-32x32.png
104.22.52.99
https://app.graphiteconnect.com/assets/ContactGraphiteSupport-8d411cc7.css
104.22.52.99
https://app.graphiteconnect.com/assets/Badge-b3179b8e.js
104.22.52.99
https://app.graphiteconnect.com/assets/Template-954866aa.css
104.22.52.99
https://app.graphiteconnect.com/assets/ActionIcon-c3817a37.css
104.22.52.99
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
bg.microsoft.map.fastly.net
199.232.210.172
o211640.ingest.sentry.io
34.120.195.249
static.cloudflareinsights.com
104.16.80.73
www.google.com
172.217.16.132
app.graphiteconnect.com
104.22.52.99
fp2e7a.wpc.phicdn.net
192.229.221.95
use.fontawesome.com
unknown

IPs

IP
Domain
Country
Malicious
104.16.80.73
static.cloudflareinsights.com
United States
192.168.2.5
unknown
unknown
104.22.52.99
app.graphiteconnect.com
United States
239.255.255.250
unknown
Reserved
34.120.195.249
o211640.ingest.sentry.io
United States
172.217.16.132
www.google.com
United States

DOM / HTML

URL
Malicious
https://app.graphiteconnect.com/signup?invite=N4IgpgtghglgNiAXCAMgTwHYYHQBUwD2AAnDAI4CuMAJjAC5oDOYATgG4wDGYj2nBEEABoQGKBDBJUmDAAJ8BYeAx16aAHLjJyAJIqwCEcwzVWmiVPUEWUWQDECFOgC8lGMAHdz21OSq0GWQBlVg5uRlkACgAJAgwAc1kAaTj4gEpZFBgIejBqJRgMDjowXAIAazAMKTA0ACkACwAjAHFOGAB5GDqdAFVnHQBGdRgdRj0AJQBWTgBhHQA2HXKABwANADVZuoBObFq6uCaMCZXqaLg6gC15pYArAE1hgBEARRfegAYru-iph4ATHVyupnBM4FdngBBDwPO4NGA3MY6CDqNhNCBTOAPADMpyaAKm11uOkeL3e6meXx+f0BwNB4MhMLhDRBQWREA2dAeAHU4OM7gQYE0LhQmjApt8eTsoa04AAPah88pQNbTTgAjZoagQOB3K5rACyFEBOzoOhgHi4nMVPI2zmoLTgFCunw2FEdcE+YF6cHKpKF6juUIALB0eb1YbhOM5Dc8GtieQBRb7PTgeDrPQ3OK48h4hi1WqA8uyfAPy0E6eWZ15TOMPDwobYrTg4w2dbrOKCaxgGiZsdq7PANHaGqEPOtQKY8gBm5QACg9DQsAEI7RhBKFQMB5KEYKFJFgynmGgC0Vzo1GezyanCUVVUDCkCymIZDr9fM4AHDtOE1qAA7CGeSfJ8TRfv+IAAL5AA
https://app.graphiteconnect.com/signup?invite=N4IgpgtghglgNiAXCAMgTwHYYHQBUwD2AAnDAI4CuMAJjAC5oDOYATgG4wDGYj2nBEEABoQGKBDBJUmDAAJ8BYeAx16aAHLjJyAJIqwCEcwzVWmiVPUEWUWQDECFOgC8lGMAHdz21OSq0GWQBlVg5uRlkACgAJAgwAc1kAaTj4gEpZFBgIejBqJRgMDjowXAIAazAMKTA0ACkACwAjAHFOGAB5GDqdAFVnHQBGdRgdRj0AJQBWTgBhHQA2HXKABwANADVZuoBObFq6uCaMCZXqaLg6gC15pYArAE1hgBEARRfegAYru-iph4ATHVyupnBM4FdngBBDwPO4NGA3MY6CDqNhNCBTOAPADMpyaAKm11uOkeL3e6meXx+f0BwNB4MhMLhDRBQWREA2dAeAHU4OM7gQYE0LhQmjApt8eTsoa04AAPah88pQNbTTgAjZoagQOB3K5rACyFEBOzoOhgHi4nMVPI2zmoLTgFCunw2FEdcE+YF6cHKpKF6juUIALB0eb1YbhOM5Dc8GtieQBRb7PTgeDrPQ3OK48h4hi1WqA8uyfAPy0E6eWZ15TOMPDwobYrTg4w2dbrOKCaxgGiZsdq7PANHaGqEPOtQKY8gBm5QACg9DQsAEI7RhBKFQMB5KEYKFJFgynmGgC0Vzo1GezyanCUVVUDCkCymIZDr9fM4AHDtOE1qAA7CGeSfJ8TRfv+IAAL5AA