IOC Report
https://trk.pmifunds.com/y.z?l=http://security1.b-cdn.net&j=375634604&e=3028&p=1&t=h&D6EBE0CCEBB74CE191551D6EE653FA1E


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 43 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 44 | ASCII text | dropped |
Chrome Cache Entry: 45 | gzip compressed data, from Unix, original size modulo 2^32 7041 | downloaded |
Chrome Cache Entry: 46 | ASCII text | downloaded |
Chrome Cache Entry: 47 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 48 | ASCII text, with very long lines (15005) | downloaded |
Chrome Cache Entry: 49 | ASCII text, with very long lines (15005) | dropped |
Chrome Cache Entry: 50 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 51 | HTML document, ASCII text | downloaded |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 --field-trial-handle=2192,i,10110161044368454811,7874456063879550184,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://trk.pmifunds.com/y.z?l=http://security1.b-cdn.net&j=375634604&e=3028&p=1&t=h&D6EBE0CCEBB74CE191551D6EE653FA1E" |

URLs

Name | IP | Malicious
https://trk.pmifunds.com/y.z?l=http://security1.b-cdn.net&j=375634604&e=3028&p=1&t=h&D6EBE0CCEBB74CE191551D6EE653FA1E | | malicious
https://trk.pmifunds.com/y.z?l=http://security1.b-cdn.net&j=375634604&e=3028&p=1&t=h&D6EBE0CCEBB74CE191551D6EE653FA1E | 104.248.15.35 | malicious
http://l4wjyimk.zone.investir-sur-mesure.fr/preview/ | | malicious
https://fingerprint.com) | unknown |
https://trk.pmifunds.com/z.aspx?page=y&l=http%3a%2f%2fsecurity1.b-cdn.net&j=375634604&e=3028&p=1&t=h&D6EBE0CCEBB74CE191551D6EE653FA1E | 104.248.15.35 |
https://l4wjyimk.zone.investir-sur-mesure.fr/preview | 34.233.69.206 |
http://www.opensource.org/licenses/mit-license.php) | unknown |
https://l4wjyimk.zone.investir-sur-mesure.fr/ | |
http://security1.b-cdn.net/ | 169.150.247.36 |
https://l4wjyimk.zone.investir-sur-mesure.fr/?_js=_1 | 34.233.69.206 |
https://l4wjyimk.zone.investir-sur-mesure.fr/?_r= | 34.233.69.206 |
https://security1.b-cdn.net/ | 169.150.247.36 |
http://l4wjyimk.zone.investir-sur-mesure.fr/favicon.ico | 52.205.53.110 |
https://l4wjyimk.zone.investir-sur-mesure.fr/favicon.ico | 34.233.69.206 |
https://openfpcdn.io/botd/v1 | 3.160.150.40 |

Domains

Name | IP | Malicious
openfpcdn.io | 3.160.150.40 |
jngo.net | 104.248.15.35 |
fien-198008767.us-east-1.elb.amazonaws.com | 34.233.69.206 |
www.google.com | 142.250.185.132 |
security1.b-cdn.net | 169.150.247.36 |
fp2e7a.wpc.phicdn.net | 192.229.221.95 |
l4wjyimk.zone.investir-sur-mesure.fr | unknown |
trk.pmifunds.com | unknown |

IPs

IP | Domain | Country | Malicious
3.160.150.111 | unknown | United States |
52.205.53.110 | unknown | United States |
142.250.185.132 | www.google.com | United States |
192.168.2.4 | unknown | unknown |
3.160.150.40 | openfpcdn.io | United States |
34.233.69.206 | fien-198008767.us-east-1.elb.amazonaws.com | United States |
169.150.247.36 | security1.b-cdn.net | United States |
104.248.15.35 | jngo.net | United States |
239.255.255.250 | unknown | Reserved |

DOM / HTML

URL | Malicious
http://l4wjyimk.zone.investir-sur-mesure.fr/preview/ | malicious
https://l4wjyimk.zone.investir-sur-mesure.fr/ |
http://l4wjyimk.zone.investir-sur-mesure.fr/preview/ |