Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 15:38:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 15:38:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 15:38:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 15:38:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 15:38:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with very long lines (32182)
|
dropped
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (22806)
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
Web Open Font Format (Version 2), TrueType, length 35152, version 2.19660
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
PNG image data, 507 x 613, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 128
|
ASCII text, with very long lines (1258)
|
dropped
|
||
|
Chrome Cache Entry: 129
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 133
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
ASCII text, with very long lines (18482)
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
ASCII text, with very long lines (1490)
|
dropped
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (28931)
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with very long lines (9198)
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
ASCII text, with very long lines (20915)
|
dropped
|
||
|
Chrome Cache Entry: 152
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
ASCII text, with very long lines (24171)
|
dropped
|
||
|
Chrome Cache Entry: 157
|
Web Open Font Format (Version 2), TrueType, length 35228, version 2.19660
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (32058)
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with very long lines (5672)
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
ASCII text, with very long lines (48664)
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 71723
|
dropped
|
||
|
Chrome Cache Entry: 167
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
ASCII text, with very long lines (32403)
|
dropped
|
||
|
Chrome Cache Entry: 170
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 174
|
ASCII text, with very long lines (19015)
|
downloaded
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with very long lines (26070)
|
dropped
|
||
|
Chrome Cache Entry: 177
|
ASCII text, with very long lines (1862)
|
downloaded
|
||
|
Chrome Cache Entry: 180
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 181
|
ASCII text, with very long lines (20915)
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
ASCII text, with very long lines (2924), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 183
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 184
|
ASCII text, with very long lines (16155)
|
dropped
|
||
|
Chrome Cache Entry: 185
|
Web Open Font Format (Version 2), TrueType, length 35236, version 2.19660
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
ASCII text, with very long lines (905)
|
dropped
|
||
|
Chrome Cache Entry: 189
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 190
|
ASCII text, with very long lines (65325)
|
downloaded
|
||
|
Chrome Cache Entry: 192
|
ASCII text, with very long lines (58929)
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
gzip compressed data, from Unix, original size modulo 2^32 4158
|
dropped
|
||
|
Chrome Cache Entry: 194
|
ASCII text, with very long lines (923)
|
downloaded
|
||
|
Chrome Cache Entry: 196
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
HTML document, ASCII text, with very long lines (562), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 198
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
downloaded
|
There are 42 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://outbound.knectit.co.uk/u/click?_t=bnBkL3ZkcGpzYnVvcHV0c2pnQW9icGUvenNzYmMwd2ZlL3RzZmxzcHgvNjYxNHNmb3NmeHQvZm9qbmJnM29wbzAwO3RxdXVp
|
 |
||
|
https://farmboyclothing.com/u/click?_t=Cz9tbnVpMD0LP3VxanNkdDA9ISEhIQs8Kn4hISEhISEhIQs8KilpdGJJb0ptamJuRnVmdCEhISEhISEhISEhIQsLPH4hISEhISEhISEhISELfiEhISEhISEhISEhISEhISELPCoxNiEtfiEhISEhISEhISEhISEhISEhISEhCzwqKWVicG1mcy9vcGp1YmRwbS94cGVvanghISEhISEhISEhISEhISEhISEhISEhISELfCE/PiEqKSl1dnBmbmpVdWZ0ISEhISEhISEhISEhISEhISEhISELPG1qYm5mIT4haXRiaS9vcGp1YmRwbS94cGVvanghISEhISEhISEhISEhISEhISEhIQt8ISptamJuZiE+PiIhKjIpaG9qc3V0Y3Z0L2l0Ymkvb3BqdWJkcG0veHBlb2p4IX19IWl0Ymkvb3BqdWJkcG0veHBlb2p4IikhZ2ohISEhISEhISEhISEhISEhCzwjbnBkL3ZkcGpzYnVvcHV0c2pnQW9icGUvenNzYmMjIT4hbWpibmYhdXRvcGQhISEhISEhISEhISEhISEhC3whPz4hKikhPiFpdGJJb0ptamJuRnVmdCF1dG9wZCEhISEhISEhISEhIQt8IT8+ISopIS0oZWZlYnBNdW9mdW9wRE5QRSgpc2ZvZnV0ak11b2Z3RmVlYi91b2ZudmRwZSEhISEhISEhCz8jdXFqc2R0YndiayM+aG9ibSF1cWpzZHQ9ISEhIQs/dXFqc2R0MD0/I3RrL3lmZW9qMGx2L3BkL3VqdWRmb2wwMDt0cXV1aSM+ZHN0IXVxanNkdD0hISEhCz8jMS8yPmZtYmR0Lm1ianVqb2ohLWl1ZWp4LmZkandmZT5pdWVqeCM+dW9mdW9wZCEjdXNwcXhmancjPmZuYm8hYnVmbj0hISEhCz8jOS5HVVYjPnVmdHNiaWQhYnVmbj0hISEhCz9lYmZpPQs/I29mIz5ob2JtIW1udWk9Cz9tbnVpIUZRWlVEUEUiPQs#barry.doan@firstontariocu.com
|
|
||
|
https://connect.intuit.com/t/scs-v1-77680828184847679aa6ceba887a2701e0cbde088b7640928428df28d81e1777b790a67867b846368d2937c8c4f4b81c?cta=viewinvoicenow&locale=en_US#barry.doan@firstontariocu.com
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
farmboyclothing.com
|
188.114.96.3
|
|
|
|
logo.clearbit.com
|
unknown
|
|
|
|
c38-prod.qbomono3prdusw2.iks2.a.intuit.com
|
44.229.208.61
|
||
|
knectit.co.uk
|
109.70.148.48
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
outbound.knectit.co.uk
|
109.70.148.48
|
||
|
eventbus.a.intuit.com
|
54.200.55.78
|
||
|
prd-sb04.apigwsbgprdusw2.iks2.a.intuit.com
|
44.240.11.160
|
||
|
static.cns-icn-prod.a.intuit.com
|
108.156.60.20
|
||
|
d26p066pn2w0s0.cloudfront.net
|
18.239.36.8
|
||
|
d296je7bbdd650.cloudfront.net
|
99.86.8.175
|
||
|
code.jquery.com
|
151.101.2.137
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
non2famine.swerner3055.workers.dev
|
172.67.217.253
|
||
|
www.google.com
|
216.58.206.68
|
||
|
smx.intuit.com
|
unknown
|
||
|
c38.qbo.intuit.com
|
unknown
|
||
|
connect.intuit.com
|
unknown
|
||
|
cdn.segment.com
|
unknown
|
||
|
logs-ghexb7h3g8djhjhq.eastus-01.azurewebsites.net
|
unknown
|
||
|
eventbus.intuit.com
|
unknown
|
There are 11 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
farmboyclothing.com
|
European Union
|
|
|
|
142.250.186.46
|
unknown
|
United States
|
||
|
20.119.0.39
|
unknown
|
United States
|
||
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
216.58.206.72
|
unknown
|
United States
|
||
|
172.217.18.14
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
44.240.11.160
|
prd-sb04.apigwsbgprdusw2.iks2.a.intuit.com
|
United States
|
||
|
151.101.130.137
|
unknown
|
United States
|
||
|
74.125.206.84
|
unknown
|
United States
|
||
|
172.67.217.253
|
non2famine.swerner3055.workers.dev
|
United States
|
||
|
108.156.60.20
|
static.cns-icn-prod.a.intuit.com
|
United States
|
||
|
3.162.38.86
|
unknown
|
United States
|
||
|
54.200.55.78
|
eventbus.a.intuit.com
|
United States
|
||
|
142.250.186.99
|
unknown
|
United States
|
||
|
216.58.212.170
|
unknown
|
United States
|
||
|
44.229.208.61
|
c38-prod.qbomono3prdusw2.iks2.a.intuit.com
|
United States
|
||
|
172.217.16.202
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
216.58.212.138
|
unknown
|
United States
|
||
|
54.69.227.5
|
unknown
|
United States
|
||
|
142.250.185.138
|
unknown
|
United States
|
||
|
216.58.206.68
|
www.google.com
|
United States
|
||
|
23.55.229.208
|
unknown
|
United States
|
||
|
151.101.2.137
|
code.jquery.com
|
United States
|
||
|
142.250.186.106
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
18.239.36.8
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
||
|
23.197.9.160
|
unknown
|
United States
|
||
|
99.86.8.175
|
d296je7bbdd650.cloudfront.net
|
United States
|
||
|
172.217.18.104
|
unknown
|
United States
|
||
|
172.217.16.195
|
unknown
|
United States
|
||
|
109.70.148.48
|
knectit.co.uk
|
United Kingdom
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
There are 24 hidden IPs, click here to show them.