Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 1 21:24:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 1 21:24:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 1 21:24:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 1 21:24:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 1 21:24:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 138
|
gzip compressed data, from Unix, original size modulo 2^32 167871
|
dropped
|
||
|
Chrome Cache Entry: 139
|
Web Open Font Format (Version 2), TrueType, length 13980, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
gzip compressed data, from Unix, original size modulo 2^32 167871
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
gzip compressed data, from Unix, original size modulo 2^32 920
|
dropped
|
||
|
Chrome Cache Entry: 142
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 143
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, baseline, precision 8, 128x128, components
3
|
dropped
|
||
|
Chrome Cache Entry: 144
|
gzip compressed data, from Unix, original size modulo 2^32 817372
|
dropped
|
||
|
Chrome Cache Entry: 145
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 146
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
gzip compressed data, from Unix, original size modulo 2^32 920
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
gzip compressed data, from Unix, original size modulo 2^32 199573
|
downloaded
|
||
|
Chrome Cache Entry: 149
|
gzip compressed data, from Unix, original size modulo 2^32 17456
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
gzip compressed data, from Unix, original size modulo 2^32 111307
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
gzip compressed data, from Unix, original size modulo 2^32 27408
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
gzip compressed data, from Unix, original size modulo 2^32 37755
|
dropped
|
||
|
Chrome Cache Entry: 153
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
gzip compressed data, from Unix, original size modulo 2^32 15086
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
gzip compressed data, from Unix, original size modulo 2^32 15086
|
dropped
|
||
|
Chrome Cache Entry: 156
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
gzip compressed data, from Unix, original size modulo 2^32 97951
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
gzip compressed data, from Unix, original size modulo 2^32 265985
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
gzip compressed data, from Unix, original size modulo 2^32 817372
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
gzip compressed data, from Unix, original size modulo 2^32 1587
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
gzip compressed data, from Unix, original size modulo 2^32 3756
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
gzip compressed data, from Unix, original size modulo 2^32 530342
|
dropped
|
||
|
Chrome Cache Entry: 163
|
Unicode text, UTF-8 text
|
dropped
|
||
|
Chrome Cache Entry: 164
|
gzip compressed data, from Unix, original size modulo 2^32 530342
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
gzip compressed data, from Unix, original size modulo 2^32 8730
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, baseline, precision 8, 128x128, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
gzip compressed data, from Unix, original size modulo 2^32 3756
|
dropped
|
||
|
Chrome Cache Entry: 168
|
gzip compressed data, from Unix, original size modulo 2^32 37755
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
Unicode text, UTF-8 text
|
downloaded
|
There are 29 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2408 --field-trial-handle=2352,i,14461873916932311397,1829108876129542777,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://telegramrt.club/"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://telegramrt.club/
|
 |
||
|
http://telegramrt.club/
|
|
||
|
http://telegramrt.club/assets/js/jquery-3.5.1.min.js
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/css/bootstrap.min.css
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/datas/countries/phoneCode.json
|
103.76.84.225
|
|
|
|
http://telegramrt.club/runtime.d0a0d8313f8d1e00.js
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/layui-v2.6.8/layui/layui.js
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/layui-v2.6.8/layui/css/modules/code.css?v=2
|
103.76.84.225
|
|
|
|
http://telegramrt.club/main.7b574a882822896f.js
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/images/logo.jpg
|
103.76.84.225
|
|
|
|
http://telegramrt.club/favicon.ico
|
103.76.84.225
|
|
|
|
http://telegramrt.club/styles.e2974b719a0acf9b.css
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/download/filename.js
|
103.76.84.225
|
|
|
|
http://telegramrt.club/polyfills.9225875df2b05e64.js
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/css/font-awesome.min.css
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/layui-v2.6.8/layui/css/modules/laydate/default/laydate.css?v=5.3.1
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/layui-v2.6.8/layui/css/modules/layer/default/layer.css?v=3.5.1
|
103.76.84.225
|
|
|
|
http://telegramrt.club/assets/layui-v2.6.8/layui/css/layui.css
|
103.76.84.225
|
|
|
|
https://www.cloudflare.com/cdn-cgi/trace
|
104.16.123.96
|
||
|
https://ipinfo.io/?token=ad76fbd92e6bbb
|
34.117.59.81
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
www.cloudflare.com
|
104.16.123.96
|
||
|
ipinfo.io
|
34.117.59.81
|
||
|
www.google.com
|
142.250.184.228
|
||
|
telegramrt.club
|
103.76.84.225
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.76.84.225
|
telegramrt.club
|
China
|
||
|
34.117.59.81
|
ipinfo.io
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.184.228
|
www.google.com
|
United States
|
||
|
104.16.123.96
|
www.cloudflare.com
|
United States
|
||
|
104.16.124.96
|
unknown
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://telegramrt.club/
|
|
|
|
http://telegramrt.club/
|
|