Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 10:13:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 10:13:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 10:13:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 10:13:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 10:13:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
PNG image data, 340 x 336, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
ASCII text, with very long lines (5945)
|
dropped
|
||
|
Chrome Cache Entry: 103
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 106
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 107
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 109
|
ASCII text, with very long lines (3546)
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
ASCII text, with very long lines (4980), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
ASCII text, with very long lines (558)
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 114
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
GIF image data, version 87a, 200 x 75
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
ASCII text, with very long lines (65203)
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision
8, 365x79, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
GIF image data, version 87a, 10 x 84
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
GIF image data, version 87a, 482 x 84
|
dropped
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with very long lines (464)
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
PNG image data, 142 x 142, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (11231)
|
dropped
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (5945)
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 127
|
PNG image data, 340 x 336, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 128
|
ASCII text, with very long lines (839)
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
ASCII text, with very long lines (32578)
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
GIF image data, version 87a, 10 x 84
|
dropped
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (21215)
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 134
|
ASCII text, with very long lines (558)
|
dropped
|
||
|
Chrome Cache Entry: 135
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
GIF image data, version 87a, 482 x 84
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
ASCII text, with very long lines (4345)
|
dropped
|
||
|
Chrome Cache Entry: 138
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (7448), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
ASCII text, with very long lines (464)
|
dropped
|
||
|
Chrome Cache Entry: 141
|
HTML document, ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 142
|
ASCII text, with very long lines (11734)
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
ASCII text, with very long lines (32089)
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (32179)
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
GIF image data, version 87a, 226 x 84
|
dropped
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (11391)
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
PNG image data, 1388 x 159, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 83
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
ASCII text, with very long lines (11231)
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
GIF image data, version 87a, 226 x 84
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
GIF image data, version 87a, 200 x 75
|
dropped
|
||
|
Chrome Cache Entry: 87
|
PNG image data, 1388 x 159, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with very long lines (21215)
|
dropped
|
||
|
Chrome Cache Entry: 89
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision
8, 365x79, components 3
|
dropped
|
||
|
Chrome Cache Entry: 90
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 91
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (32179)
|
dropped
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 94
|
PNG image data, 142 x 142, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 95
|
ASCII text, with very long lines (4345)
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
ASCII text, with very long lines (839)
|
dropped
|
||
|
Chrome Cache Entry: 97
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 98
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
ASCII text, with very long lines (32089)
|
dropped
|
There are 63 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2576 --field-trial-handle=2540,i,9563059841440261199,17293549768448224459,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart
|
|||
|
https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart
|
 |
||
|
https://stats.g.doubleclick.net/g/collect
|
unknown
|
||
|
https://privacyportal-uk.onetrust.com/favicon.ico
|
172.64.155.119
|
||
|
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
|
104.18.32.137
|
||
|
http://getbootstrap.com/customize/?id=46b9d4d12ee8a5b38deb)
|
unknown
|
||
|
http://www.telerik.com/purchase/license-agreement/kendo-ui-complete
|
unknown
|
||
|
https://app.virtualriskmanager.net/vrm/assets/images/header/iamroadsmart/virtual-risk-manager.gif
|
104.17.75.185
|
||
|
https://www.google.com
|
unknown
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/bootstrap-navs.css
|
104.17.75.185
|
||
|
http://getbootstrap.com)
|
unknown
|
||
|
https://cdn-ukwest.onetrust.com/logos/static/ot_close.svg
|
104.18.32.137
|
||
|
https://cdn-ukwest.onetrust.com/scripttemplates/202211.2.0/assets/otCookieSettingsButton.json
|
104.18.32.137
|
||
|
https://app.virtualriskmanager.net/global/manager/css/template.css
|
104.17.75.185
|
||
|
http://angularjs.org
|
unknown
|
||
|
https://app.virtualriskmanager.net/global/manager/favicon.ico
|
104.17.75.185
|
||
|
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
|
104.18.32.137
|
||
|
https://cdn-ukwest.onetrust.com/scripttemplates/202211.2.0/otBannerSdk.js
|
104.18.32.137
|
||
|
https://cdn-ukwest.onetrust.com/scripttemplates/202211.2.0/assets/otCommonStyles.css
|
104.18.32.137
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/bootstrap-panel.css
|
104.17.75.185
|
||
|
https://privacyportal-uk.onetrust.com/ui/
|
172.64.155.119
|
||
|
https://app.virtualriskmanager.net/global/manager/images/login_footer.jpg
|
104.17.75.185
|
||
|
https://www.edriving.com/privacy/
|
unknown
|
||
|
https://cdn-ukwest.onetrust.com/scripttemplates/202211.2.0/assets/otFloatingRoundedIcon.json
|
104.18.32.137
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/Uniform/sprite.png
|
104.17.75.185
|
||
|
https://cdn-ukwest.onetrust.com/consent/a2eee68b-60e9-4303-ae6f-3efdb5c570a2/OtAutoBlock.js
|
104.18.32.137
|
||
|
https://cdn-ukwest.onetrust.com/consent/a2eee68b-60e9-4303-ae6f-3efdb5c570a2/7a885a4e-6291-46b9-a63c-066118d239a2/en.json
|
104.18.32.137
|
||
|
https://cdn-ukwest.onetrust.com/scripttemplates/202211.2.0/assets/v2/otPcPanel.json
|
104.18.32.137
|
||
|
https://app.virtualriskmanager.net/vrm/assets/images/header/iamroadsmart/iamroadsmart.gif
|
104.17.75.185
|
||
|
http://errors.angularjs.org/1.3.15/
|
unknown
|
||
|
http://getbootstrap.com/customize/?id=b008730b81701d252465)
|
unknown
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/kendo.common.min.css
|
104.17.75.185
|
||
|
https://cct.google/taggy/agent.js
|
unknown
|
||
|
https://static.vrm-mentor.com/assets/images/cookie-icon.png
|
104.18.210.38
|
||
|
https://cdn-ukwest.onetrust.com/logos/34f432b0-cc28-4e86-851a-125137f7dffd/38feb959-9433-4423-9aad-ea8418a05656/4130734e-80c7-414e-b771-d06e5b63e3e9/edriving_solera_2022lockup_purple_OT.jpeg
|
104.18.32.137
|
||
|
https://td.doubleclick.net
|
unknown
|
||
|
https://app.virtualriskmanager.net/vrm/assets/images/header/iamroadsmart/bg.gif
|
104.17.75.185
|
||
|
https://app.virtualriskmanager.net/global/mis_common/js/jquery.min.js
|
104.17.75.185
|
||
|
https://www.merchant-center-analytics.goog
|
unknown
|
||
|
https://app.virtualriskmanager.net/repeat/title.gif
|
104.17.75.185
|
||
|
http://getbootstrap.com/customize/?id=e05958254badaa716a5e)
|
unknown
|
||
|
https://gist.github.com/b008730b81701d252465
|
unknown
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
|
https://privacyportal-uk.onetrust.com/webform/34f432b0-cc28-4e86-851a-125137f7dffd/676e281c-a034-45de-9707-264be08ed1aa
|
|||
|
https://app.virtualriskmanager.net/global/mis_common/js/angular.min.js
|
104.17.75.185
|
||
|
https://app.virtualriskmanager.net/global/common/js/time_zone_offset.js
|
104.17.75.185
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/bootstrap-grid.css
|
104.17.75.185
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/kendo.dataviz.min.css
|
104.17.75.185
|
||
|
https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg
|
104.18.32.137
|
||
|
https://app.virtualriskmanager.net/global/mis_common/css/kendo.uniform.min.css
|
104.17.75.185
|
||
|
https://adservice.google.com/pagead/regclk?
|
unknown
|
||
|
https://app.virtualriskmanager.net/global/mis_common/js/kendo.all.min.js
|
104.17.75.185
|
||
|
https://app.virtualriskmanager.net/global/manager/ot_guard_logo.svg
|
104.17.75.185
|
||
|
http://www.telerik.com/kendo-ui)
|
unknown
|
||
|
https://cdn-ukwest.onetrust.com/consent/a2eee68b-60e9-4303-ae6f-3efdb5c570a2/a2eee68b-60e9-4303-ae6f-3efdb5c570a2.json
|
104.18.32.137
|
||
|
http://browsehappy.com/
|
unknown
|
There are 45 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
static.vrm-mentor.com
|
104.18.210.38
|
||
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
cdn-ukwest.onetrust.com
|
104.18.32.137
|
||
|
app.virtualriskmanager.net
|
104.17.75.185
|
||
|
www.google.com
|
142.250.186.132
|
||
|
privacyportal-uk.onetrust.com
|
172.64.155.119
|
||
|
geolocation.onetrust.com
|
104.18.32.137
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.17.76.185
|
unknown
|
United States
|
||
|
104.18.210.38
|
static.vrm-mentor.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
172.64.155.119
|
privacyportal-uk.onetrust.com
|
United States
|
||
|
104.17.75.185
|
app.virtualriskmanager.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.18.32.137
|
cdn-ukwest.onetrust.com
|
United States
|
||
|
142.250.186.132
|
www.google.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart
|
||
|
https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart
|
||
|
https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart
|
||
|
https://app.virtualriskmanager.net/global/manager/login.php?distributor=iamroadsmart
|
||
|
https://privacyportal-uk.onetrust.com/webform/34f432b0-cc28-4e86-851a-125137f7dffd/676e281c-a034-45de-9707-264be08ed1aa
|