IOC Report
https://nuget.optimizely.com/feed/packages.svc/

Files

| File Path | Type | Category | Malicious |
| Chrome Cache Entry: 102 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 103 | XML 1.0 document, ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 104 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded | |

Processes

| Path | Cmdline | Malicious |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2028,i,17975104149279702251,9227171067535932405,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://nuget.optimizely.com/feed/packages.svc/" | |

URLs

| Name | IP | Malicious |
| https://nuget.optimizely.com/feed/packages.svc/ | | |
| https://nuget.optimizely.com/favicon.ico | 172.64.145.246 | |
| https://nuget.optimizely.com/feed/packages.svc | unknown | |
| https://nuget.optimizely.com/feed/packages.svc/ | 172.64.145.246 | |

Domains

| Name | IP | Malicious |
| nuget.optimizely.com | 172.64.145.246 | |
| www.google.com | 142.250.185.100 | |
| bg.download.windowsupdate.com.mwcname.com | 138.113.27.176 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |

IPs

| IP | Domain | Country | Malicious |
| 104.18.42.10 | unknown | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 172.64.145.246 | nuget.optimizely.com | United States | |
| 142.250.185.100 | www.google.com | United States | |
| 192.168.2.4 | unknown | unknown | |