IOC Report
https://c.web.de/@337550745597380876/74ahEl4NT1un_FYZa8msnw

Files

File Path | Type | Category
(The Malicious column is empty for every entry listed.)
C:\Users\user\AppData\Local\Microsoft\Office\Features\1-7FeatureCache.txt (copy) | data | dropped
C:\Users\user\AppData\Local\Temp\5C2BD76B.tmp | data | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:58:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:58:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:58:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:58:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Aug 28 10:58:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\Downloads\57361.xlsx (copy) | Microsoft Excel 2007+ | dropped
C:\Users\user\Downloads\57361.xlsx.crdownload (copy) | Microsoft Excel 2007+ | dropped
C:\Users\user\Downloads\9865efbd-ac21-42cd-b457-5bb4cab79430.tmp | Microsoft Excel 2007+ | dropped
C:\Users\user\Downloads\~$57361.xlsx | data | dropped
Chrome Cache Entry: 176 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | dropped
Chrome Cache Entry: 179 | Web Open Font Format, TrueType, length 18080, version 1.0 | downloaded
Chrome Cache Entry: 180 | ASCII text, with very long lines (1156) | dropped
Chrome Cache Entry: 181 | ASCII text, with very long lines (10217) | dropped
Chrome Cache Entry: 182 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 183 | ASCII text, with very long lines (1148) | downloaded
Chrome Cache Entry: 185 | ASCII text, with very long lines (65536), with no line terminators | dropped
Chrome Cache Entry: 189 | Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators | downloaded
Chrome Cache Entry: 190 | JSON data | downloaded
Chrome Cache Entry: 191 | JSON data | downloaded
Chrome Cache Entry: 192 | JSON data | downloaded
Chrome Cache Entry: 193 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 197 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x200, components 3 | downloaded
Chrome Cache Entry: 198 | ASCII text, with very long lines (60878) | dropped
Chrome Cache Entry: 199 | HTML document, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded
18 further files are hidden in this view and not listed here.

URLs

Name | IP | Malicious
(The IP and Malicious columns are empty for the entry listed.)
https://c.web.de/@337550745597380876/74ahEl4NT1un_FYZa8msnw

Domains

Name | IP
(The Malicious column is empty for every entry listed.)
wa.web.de | 82.165.229.39
cgateu01we.g-ha-web.de | 195.20.251.168
uim-tifbs.ha-cdn.de | 195.20.251.111
www.google.com | 142.250.185.164
sdthumbs.ui-static.net | 195.20.251.162
cloud.web.de | 217.72.199.4
s-part-0032.t-0009.t-msedge.net | 13.107.246.60
s-part-0029.t-0009.t-msedge.net | 13.107.246.57
img.web.de | unknown
s.uicdn.com | unknown
c.web.de | unknown
cgateu01we.storage-webde.de | unknown
dl.web.de | unknown
img.ui-portal.de | unknown
uim.tifbs.net | unknown
5 further domains are hidden in this view and not listed here.

IPs

IP | Domain | Country
(The Malicious column is empty for every entry listed.)
52.113.194.132 | unknown | United States
142.250.185.68 | unknown | United States
1.1.1.1 | unknown | Australia
34.104.35.123 | unknown | United States
184.27.96.196 | unknown | United States
51.132.193.105 | unknown | United Kingdom
74.125.133.84 | unknown | United States
13.107.246.57 | s-part-0029.t-0009.t-msedge.net | United States
142.250.186.163 | unknown | United States
192.168.2.16 | unknown | unknown
217.72.199.4 | cloud.web.de | Germany
195.20.251.162 | sdthumbs.ui-static.net | Germany
195.20.251.111 | uim-tifbs.ha-cdn.de | Germany
82.165.229.39 | wa.web.de | Germany
52.109.68.129 | unknown | United States
239.255.255.250 | unknown | Reserved
142.250.185.164 | www.google.com | United States
195.20.251.168 | cgateu01we.g-ha-web.de | Germany
52.109.28.46 | unknown | United States
142.250.185.195 | unknown | United States
184.28.90.27 | unknown | United States
142.250.184.206 | unknown | United States
12 further IPs are hidden in this view and not listed here.
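The Domains and IPs tables above mix externally routable infrastructure with sandbox noise: 192.168.2.16 is the analysis host's private address, 239.255.255.250 is the SSDP multicast address (listed with country "Reserved"), and 1.1.1.1 is a public DNS resolver. Before any of these addresses go into a blocklist or a detection rule, that noise has to be separated from real candidates. The script below is an added example and is not part of the original report: it parses the one-cell-per-line layout of the two tables (two cells per Domains row, three per IPs row), classifies each address with the standard library's ipaddress module, and returns routable IOC candidates, noise, and the set of domain names. The SAMPLE text is constructed from a subset of the rows on this page; the KNOWN_RESOLVERS allowlist, the SECTION_SHAPE definitions and the function names are assumptions of the example.

```python
# Added example, not part of the original report: triage the flattened
# Domains/IPs tables of a sandbox IOC report. SAMPLE is constructed from a
# subset of this page's rows; KNOWN_RESOLVERS and SECTION_SHAPE are
# assumptions of the example, not something the report defines.
import ipaddress

# One cell per line in the flattened layout; the row width is fixed per section.
SECTION_SHAPE = {"Domains": ("domain", "ip"), "IPs": ("ip", "domain", "country")}
COLUMN_HEADERS = {"Name", "IP", "Domain", "Country", "Malicious"}
# Public resolvers the sandbox uses for name resolution (assumed allowlist).
KNOWN_RESOLVERS = {"1.1.1.1"}

# Constructed from this page's Domains and IPs tables (subset of the rows).
SAMPLE = """\
Domains
Name
IP
Malicious
wa.web.de
82.165.229.39
c.web.de
unknown
IPs
IP
Domain
Country
Malicious
1.1.1.1
unknown
Australia
192.168.2.16
unknown
unknown
239.255.255.250
unknown
Reserved
217.72.199.4
cloud.web.de
Germany
"""


def parse_report(text):
    """Regroup the one-cell-per-line text into rows, keyed by section name."""
    rows = {name: [] for name in SECTION_SHAPE}
    section, buf = None, []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line in SECTION_SHAPE:            # "Domains" / "IPs" section header
            section, buf = line, []
            continue
        if section is None or (not buf and line in COLUMN_HEADERS):
            continue                         # outside a section, or a column header
        buf.append(line)
        if len(buf) == len(SECTION_SHAPE[section]):
            rows[section].append(dict(zip(SECTION_SHAPE[section], buf)))
            buf = []                         # a trailing incomplete row is discarded
    return rows


def classify_ip(ip_str):
    """Label an address as routable, resolver, non-routable, unresolved or invalid."""
    if ip_str == "unknown":
        return "unresolved"
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return "invalid"
    if (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified):
        return "non-routable"                # sandbox host, SSDP multicast, ...
    if ip_str in KNOWN_RESOLVERS:
        return "resolver"
    return "routable"


def triage(text):
    """Split the report's IPs into IOC candidates and noise; collect domain names."""
    rows = parse_report(text)
    domains, by_ip = set(), {}
    for r in rows["Domains"]:
        domains.add(r["domain"])
        if r["ip"] != "unknown":
            by_ip.setdefault(r["ip"], set()).add(r["domain"])
    for r in rows["IPs"]:
        by_ip.setdefault(r["ip"], set())
        if r["domain"] != "unknown":
            domains.add(r["domain"])
            by_ip[r["ip"]].add(r["domain"])
    routable, noise = [], []
    for ip_str in sorted(by_ip):
        kind = classify_ip(ip_str)
        entry = {"ip": ip_str, "class": kind, "domains": sorted(by_ip[ip_str])}
        (routable if kind == "routable" else noise).append(entry)
    return {"routable": routable, "noise": noise, "domains": sorted(domains)}


if __name__ == "__main__":
    for key, entries in triage(SAMPLE).items():
        print(key, entries)
```

Run against the full text of the two tables rather than SAMPLE to triage the whole report. The routable list is only a first cut: addresses that survive the filter still include well-known CDN and search infrastructure (the www.google.com and t-msedge.net entries above), so a per-environment allowlist of expected destinations, and an analyst's judgement about the submitted web.de share link itself, are still needed before anything is blocked or alerted on.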