Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:41:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:41:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:41:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:41:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:41:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 132 | gzip compressed data, was "main.css", last modified: Thu Aug 29 00:08:30 2024, from Unix, original size modulo 2^32 15106 | downloaded | |
| Chrome Cache Entry: 133 | HTML document, ASCII text, with very long lines (845) | downloaded | |
| Chrome Cache Entry: 134 | ASCII text, with very long lines (44597) | dropped | |
| Chrome Cache Entry: 135 | ASCII text, with very long lines (44597) | downloaded | |
| Chrome Cache Entry: 136 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 137 | PNG image data, 327 x 65, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 138 | PNG image data, 327 x 65, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 139 | gzip compressed data, was "main.bundle.js", last modified: Wed Aug 28 22:18:07 2024, from Unix, original size modulo 2^32 141258 | downloaded | |
| Chrome Cache Entry: 140 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 141 | gzip compressed data, was "main.bundle.js", last modified: Wed Aug 28 22:18:07 2024, from Unix, original size modulo 2^32 141258 | dropped | |

7 further file entries are not included in this export.
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1908,i,1340846232224862490,1840415534050250397,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://url7213.silkecu.net/ls/click?upn=u001.chUl-2BZYxzqPT-2F6z-2BMVbsHu8FPTjs-2F8SmtKlRFVXyKvcMV8aBKojgvIVGD6zmr-2FvuFjmNyqHNa75QZwvYStFyDw-3D-3D7TlN_ntma8989hR1Cz5tvbiRySYBcwmhXpleUwgQEAmCrzKXfATJFSQNmN-2B95IYn2izs80F4zZhtcPrY240BiuI2zleCxSRIecxqQ785Lx8hXZYY0vcuUyJnTHGZMW1WqWG-2Bqmaw95z-2Fl1jPbUMFyEg5ldDN2InAFehFcIAoCeJZFDulQlbKBDmH1Wtw5hgtDTFlE4AEdIm8NzDCcVcrMDuercyc-2F1n35Ty0mfBj6zJIl9ThbOV2IA0GZYjbc3EmhTAzZUhxZ-2FDDF3j5mRET6rofuFnQ6JG0POfONY5UkLvPLRk55a-2B4VgfKAtZNO-2Fb4RVK9mfb-2BoD1rEAH2dJiLWz2KzDyswwtd-2FAURTlRv2v-2Fc8Gj3hog-2Bj7bLe8YufGobxh9s3JPhAms4q8KkBsRuW0GQM-2FUXwJ2YcSKrhmQHtECyY3JPTlpg5p4i9u9bVZ5m9vUl4l9OMP-2FedE0EIB2ChQ7Ya7ylqB-2FAme2Is3EopHdU78JyRTwkkzEZY-2FFRpQ-2FagQIDFxmtPrZ8ceHuRlHWLfwCYh-2BpVnuyligyE8UoBc2Xx7r3B-2FLYGNNu7T1tLIoCPbIWQ9PrY4vumNkHEyYNRBCgOTLahLAQt-2B1-2BeoH1fahjZ6h5Tf-2Fo2JXTekeUikI2FrB0TZjw1ZOu1rynFEANZvume2iHr81802cXU5QFTO0P7x18gz40UvzGdybXlEqMfjp-2FmQ-2FjdU6j31CoT0TiN0sqtQui1gAs-2BcYkIm18SYBSmp9RpN5oRPi11wuE5jz-2FlksQD0EttGBJmyO-2FMUV0ZUexWXz-2BD48uMZW32wlIQzwZV28cBHTAqqjltyGTQRgpkJkCzuBjZqp3NpK1MvGGqsWmDmg-3D-3D" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://url7213.silkecu.net/ls/click?upn=u001.chUl-2BZYxzqPT-2F6z-2BMVbsHu8FPTjs-2F8SmtKlRFVXyKvcMV8aBKojgvIVGD6zmr-2FvuFjmNyqHNa75QZwvYStFyDw-3D-3D7TlN_ntma8989hR1Cz5tvbiRySYBcwmhXpleUwgQEAmCrzKXfATJFSQNmN-2B95IYn2izs80F4zZhtcPrY240BiuI2zleCxSRIecxqQ785Lx8hXZYY0vcuUyJnTHGZMW1WqWG-2Bqmaw95z-2Fl1jPbUMFyEg5ldDN2InAFehFcIAoCeJZFDulQlbKBDmH1Wtw5hgtDTFlE4AEdIm8NzDCcVcrMDuercyc-2F1n35Ty0mfBj6zJIl9ThbOV2IA0GZYjbc3EmhTAzZUhxZ-2FDDF3j5mRET6rofuFnQ6JG0POfONY5UkLvPLRk55a-2B4VgfKAtZNO-2Fb4RVK9mfb-2BoD1rEAH2dJiLWz2KzDyswwtd-2FAURTlRv2v-2Fc8Gj3hog-2Bj7bLe8YufGobxh9s3JPhAms4q8KkBsRuW0GQM-2FUXwJ2YcSKrhmQHtECyY3JPTlpg5p4i9u9bVZ5m9vUl4l9OMP-2FedE0EIB2ChQ7Ya7ylqB-2FAme2Is3EopHdU78JyRTwkkzEZY-2FFRpQ-2FagQIDFxmtPrZ8ceHuRlHWLfwCYh-2BpVnuyligyE8UoBc2Xx7r3B-2FLYGNNu7T1tLIoCPbIWQ9PrY4vumNkHEyYNRBCgOTLahLAQt-2B1-2BeoH1fahjZ6h5Tf-2Fo2JXTekeUikI2FrB0TZjw1ZOu1rynFEANZvume2iHr81802cXU5QFTO0P7x18gz40UvzGdybXlEqMfjp-2FmQ-2FjdU6j31CoT0TiN0sqtQui1gAs-2BcYkIm18SYBSmp9RpN5oRPi11wuE5jz-2FlksQD0EttGBJmyO-2FMUV0ZUexWXz-2BD48uMZW32wlIQzwZV28cBHTAqqjltyGTQRgpkJkCzuBjZqp3NpK1MvGGqsWmDmg-3D-3D | | |
| https://app.unbounce.com/5bf221b4-c7d7-4ffc-a063-31ebc673924e | unknown | |
| https://pdf08292024-postauth.ubpages.com/microsoft-pdf/ | | |
| https://pdf08292024-postauth.ubpages.com/assets/d9a88011-6d8f-4466-bcf9-4b7bd07eb4a9/ach-screenshot.original.png?1724897966 | 104.18.41.137 | |
| http://pdf08292024-postauth.ubpages.com/microsoft-pdf/ | unknown | |
| https://d9hhrg4mnvzow.cloudfront.net/pdf08292024-postauth.ubpages.com/microsoft-pdf/582888cb-ach-screenshot_1000000000000000000028.png | 18.239.102.196 | |
| https://builder-assets.unbounce.com/published-js/main.bundle-08d3f8b.z.js | 13.227.219.60 | |
| https://pdf08292024-postauth.ubpages.com/_ub/i | 104.18.41.137 | |
| https://pdf08292024-postauth.ubpages.com/microsoft-pdf/clkn/https/recaptcha-14f52d.webflow.io/ | | |
| https://pdf08292024-postauth.ubpages.com/microsoft-pdf | 104.18.41.137 | |
| https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css | 13.227.219.60 | |
| https://pdf08292024-postauth.ubpages.com/favicon.ico | 104.18.41.137 | |
| https://pdf08292024-postauth.ubpages.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js | 104.18.41.137 | |
| https://app.unbounce.com/77e4c3a6-b295-40e4-8d1c-9d75e522b49d | unknown | |

3 further URL entries are not included in this export.
Domains

| Name | IP | Malicious |
|---|---|---|
| builder-assets.unbounce.com | 13.227.219.60 | |
| d9hhrg4mnvzow.cloudfront.net | 18.239.102.196 | |
| sendgrid.net | 167.89.115.52 | |
| pdf08292024-postauth.ubpages.com | 104.18.41.137 | |
| www.google.com | 142.250.186.132 | |
| url7213.silkecu.net | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 167.89.115.52 | sendgrid.net | United States | |
| 52.222.201.124 | unknown | United States | |
| 192.168.2.8 | unknown | unknown | |
| 172.64.146.119 | unknown | United States | |
| 3.160.156.21 | unknown | United States | |
| 18.239.102.196 | d9hhrg4mnvzow.cloudfront.net | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 104.18.41.137 | pdf08292024-postauth.ubpages.com | United States | |
| 13.227.219.60 | builder-assets.unbounce.com | United States | |
| 142.250.186.132 | www.google.com | United States | |
DOM / HTML

| URL | Malicious |
|---|---|
| https://pdf08292024-postauth.ubpages.com/microsoft-pdf/ | |
| https://pdf08292024-postauth.ubpages.com/microsoft-pdf/clkn/https/recaptcha-14f52d.webflow.io/ | |
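The indicators in the URL and Domain tables above can be turned into a small log-matching routine. The Python below is an added example and is not part of the sandbox report: it separates the hosts that belong to the observed chain (the url7213.silkecu.net click-tracking link, the pdf08292024-postauth.ubpages.com landing page and the recaptcha-14f52d.webflow.io host embedded in its outbound link) from shared Unbounce, CloudFront and SendGrid infrastructure that would be noisy on its own, scans a few proxy log lines and recovers the next hop from the landing page's `.../clkn/https/<host>/` link. The log lines are constructed for illustration in a made-up `timestamp source method url` layout, and treating the `clkn/<scheme>/<host>/` path segment as the tracked outbound destination is an assumption drawn from how that URL appears in the report, not something the report states.

```python
"""Added example, not part of the sandbox report: match the report's network
indicators against proxy log lines and recover the next hop from the
landing page's clkn/ link."""
import re
from urllib.parse import urlsplit

# Hosts of the observed chain, copied from the report's URL / Domain tables.
CHAIN_DOMAINS = {
    "url7213.silkecu.net",               # click-tracking host the browser was launched with
    "pdf08292024-postauth.ubpages.com",  # Unbounce-hosted landing page
    "recaptcha-14f52d.webflow.io",       # next hop embedded in the landing page's clkn/ link
}

# Shared infrastructure seen in the same report. Reported as context only,
# because these hosts serve many unrelated sites.
CONTEXT_DOMAINS = {
    "builder-assets.unbounce.com",
    "d9hhrg4mnvzow.cloudfront.net",
    "app.unbounce.com",
    "sendgrid.net",
}

# Assumption: '/clkn/<scheme>/<host>/<rest>' carries the tracked outbound target.
CLKN_RE = re.compile(r"/clkn/(https?)/([^/?#]+)(/[^?#]*)?")

# Constructed proxy log layout: timestamp, source IP, method, URL.
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+)")


def host_of(url):
    """Lower-cased hostname of a URL, or None if it has none."""
    host = urlsplit(url).hostname
    return host.lower() if host else None


def in_domain_set(host, domains):
    """True if host equals, or is a subdomain of, an entry in domains."""
    if not host:
        return False
    return any(host == d or host.endswith("." + d) for d in domains)


def embedded_click_target(url):
    """Rebuild the outbound URL from a '.../clkn/<scheme>/<host>/...' path.
    Returns None when the URL carries no such segment."""
    m = CLKN_RE.search(urlsplit(url).path)
    if not m:
        return None
    scheme, host, rest = m.group(1), m.group(2), m.group(3) or "/"
    return f"{scheme}://{host}{rest}"


def classify_url(url):
    """Describe why a URL is interesting, or return None if it is not."""
    host = host_of(url)
    target = embedded_click_target(url)
    if in_domain_set(host, CHAIN_DOMAINS):
        verdict = "chain-host"
    elif target and in_domain_set(host_of(target), CHAIN_DOMAINS):
        verdict = "chain-target"   # another site linking into the chain
    elif in_domain_set(host, CONTEXT_DOMAINS):
        verdict = "context-only"
    else:
        return None
    return {"host": host, "verdict": verdict, "next_hop": target}


def scan_log(lines):
    """Return (source, url, finding) for every log line that classify_url flags."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        finding = classify_url(m.group("url"))
        if finding:
            hits.append((m.group("src"), m.group("url"), finding))
    return hits


# Constructed sample lines (not from the report); the first four URLs are
# copied from its URL table, the click-tracking one truncated for brevity.
SAMPLE_LOG = [
    "2024-08-29T12:41:44Z 192.168.2.8 GET http://url7213.silkecu.net/ls/click?upn=u001.chUl-2BZYxzqPT",
    "2024-08-29T12:41:45Z 192.168.2.8 GET https://pdf08292024-postauth.ubpages.com/microsoft-pdf/",
    "2024-08-29T12:41:46Z 192.168.2.8 GET https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css",
    "2024-08-29T12:41:50Z 192.168.2.8 GET https://pdf08292024-postauth.ubpages.com/microsoft-pdf/clkn/https/recaptcha-14f52d.webflow.io/",
    "2024-08-29T12:42:00Z 192.168.2.9 GET https://www.example.com/",
]

if __name__ == "__main__":
    for src, url, finding in scan_log(SAMPLE_LOG):
        print(src, finding["verdict"], finding["host"], finding["next_hop"] or "")
```

Running the block prints one line per flagged request: the three landing-page and click-tracking requests come out as `chain-host`, the Unbounce stylesheet as `context-only`, and the final line shows `https://recaptcha-14f52d.webflow.io/` as the recovered next hop, which is the host to pivot on next since the report does not show it resolving. Note that the report itself leaves the Malicious column empty for every entry; the grouping above is the analyst's, based on which hosts are specific to this chain.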