IOC Report
https://news.claroty.com/e3t/Ctc/OR+113/d2n-4L04/VVPy5P46C_3pW8Pz7_V3LxM13W7TctdS5ltnG0N3hBC6F3lYMRW7Y8-PT6lZ3p8VDPSWB2hkr0xW1jSCJz5Tx0CbW4k0Gdy84cgR5W75xzbh3JYxzyN3dsPjKyk4Y1W4hFjjr44kS1nW2D8hxk5DxH7vW3g6xkn2qrb3vW2SpQp81dtr0GW7r7Q7L2FZ5vJW152Dy06dcx6xVX2VR38JqC9HW7zbbH-4kxdWFW4cdkc03qH46PW6zkfpv6b

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 14:25:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 14:25:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 14:25:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 14:25:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 14:25:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 165
ASCII text, with very long lines (7370), with no line terminators
downloaded
Chrome Cache Entry: 166
ASCII text, with very long lines (4816)
dropped
Chrome Cache Entry: 167
HTML document, ASCII text, with very long lines (877), with no line terminators
downloaded
Chrome Cache Entry: 168
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 173
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1600x900, components 3
downloaded
Chrome Cache Entry: 175
ASCII text, with very long lines (4345)
downloaded
Chrome Cache Entry: 176
ASCII text, with very long lines (1055)
dropped
Chrome Cache Entry: 177
ASCII text, with very long lines (20398)
dropped
Chrome Cache Entry: 178
ASCII text, with very long lines (3557)
downloaded
Chrome Cache Entry: 179
JSON data
dropped
Chrome Cache Entry: 180
ASCII text, with very long lines (670)
downloaded
Chrome Cache Entry: 181
PNG image data, 272 x 90, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 182
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 183
ASCII text, with very long lines (18798)
dropped
Chrome Cache Entry: 184
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1600x900, components 3
downloaded
Chrome Cache Entry: 185
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 728x90, components 3
dropped
Chrome Cache Entry: 186
C++ source, ASCII text, with very long lines (2037)
dropped
Chrome Cache Entry: 187
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 189
ASCII text, with very long lines (4014)
dropped
Chrome Cache Entry: 190
ASCII text, with very long lines (4186), with no line terminators
downloaded
Chrome Cache Entry: 192
ASCII text
downloaded
Chrome Cache Entry: 196
ASCII text, with very long lines (4345)
dropped
Chrome Cache Entry: 198
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x200, components 3
dropped
Chrome Cache Entry: 199
ASCII text, with very long lines (20274)
downloaded
Chrome Cache Entry: 205
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1600x900, components 3
downloaded
Chrome Cache Entry: 206
ASCII text, with very long lines (2353)
dropped
Chrome Cache Entry: 207
GIF image data, version 89a, 6 x 5
downloaded
Chrome Cache Entry: 208
ASCII text, with very long lines (3115)
dropped
Chrome Cache Entry: 209
ASCII text, with very long lines (2946)
dropped
Chrome Cache Entry: 211
ASCII text, with very long lines (2015)
downloaded
Chrome Cache Entry: 212
JSON data
downloaded
Chrome Cache Entry: 214
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1440, components 3
dropped
Chrome Cache Entry: 216
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1600x900, components 3
dropped
Chrome Cache Entry: 217
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 219
ASCII text, with very long lines (13479)
downloaded
Chrome Cache Entry: 220
ASCII text, with very long lines (53605)
dropped
Chrome Cache Entry: 221
HTML document, ASCII text, with very long lines (877), with no line terminators
downloaded
Chrome Cache Entry: 222
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
downloaded
Chrome Cache Entry: 225
ASCII text, with very long lines (37284), with no line terminators
downloaded
Chrome Cache Entry: 226
ASCII text
dropped
Chrome Cache Entry: 227
ASCII text, with very long lines (41787)
downloaded
Chrome Cache Entry: 228
ASCII text, with very long lines (15752)
downloaded
Chrome Cache Entry: 229
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1600x900, components 3
downloaded
Chrome Cache Entry: 230
ASCII text, with very long lines (3916)
downloaded
Chrome Cache Entry: 231
ASCII text
downloaded
Chrome Cache Entry: 232
ASCII text, with very long lines (7945), with no line terminators
downloaded
Chrome Cache Entry: 233
ASCII text
downloaded
Chrome Cache Entry: 235
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
downloaded
Chrome Cache Entry: 236
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1600x900, components 3
downloaded
Chrome Cache Entry: 237
HTML document, ASCII text, with very long lines (8933), with CRLF, LF line terminators
downloaded
Chrome Cache Entry: 242
Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
downloaded
Chrome Cache Entry: 243
Web Open Font Format, TrueType, length 24864, version 0.0
downloaded
Chrome Cache Entry: 245
C++ source, ASCII text, with very long lines (2873)
downloaded
Chrome Cache Entry: 246
ASCII text, with very long lines (65447)
dropped
Chrome Cache Entry: 247
HTML document, Unicode text, UTF-8 text, with very long lines (1183)
downloaded
Chrome Cache Entry: 249
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 250
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 251
ASCII text, with very long lines (378)
downloaded
Chrome Cache Entry: 255
PNG image data, 940 x 665, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 256
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 257
ASCII text, with very long lines (2079)
dropped
Chrome Cache Entry: 258
HTML document, ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 262
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
downloaded
Chrome Cache Entry: 263
ASCII text, with very long lines (8021), with no line terminators
dropped
Chrome Cache Entry: 264
PNG image data, 300 x 600, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 265
ASCII text, with very long lines (11256), with no line terminators
downloaded
Chrome Cache Entry: 267
ASCII text, with very long lines (786)
dropped
Chrome Cache Entry: 268
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 464x128, components 3
downloaded
Chrome Cache Entry: 269
PNG image data, 272 x 90, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 270
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
downloaded
Chrome Cache Entry: 273
ASCII text, with very long lines (4014)
downloaded
Chrome Cache Entry: 274
HTML document, ASCII text, with very long lines (829), with no line terminators
downloaded
Chrome Cache Entry: 275
ASCII text, with very long lines (3683), with no line terminators
dropped
Chrome Cache Entry: 277
PNG image data, 928 x 90, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 282
ASCII text, with very long lines (52915)
dropped
Chrome Cache Entry: 283
ASCII text, with very long lines (57765)
downloaded
Chrome Cache Entry: 284
HTML document, ASCII text, with very long lines (877), with no line terminators
downloaded
Chrome Cache Entry: 285
HTML document, ASCII text, with very long lines (2008)
downloaded
Chrome Cache Entry: 286
ASCII text, with very long lines (2090)
dropped
Chrome Cache Entry: 287
ASCII text, with very long lines (832)
downloaded
Chrome Cache Entry: 288
HTML document, ASCII text, with very long lines (877), with no line terminators
downloaded
Chrome Cache Entry: 289
ASCII text, with very long lines (1382)
dropped
Chrome Cache Entry: 290
Web Open Font Format (Version 2), TrueType, length 38268, version 1.0
downloaded
Chrome Cache Entry: 291
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 292
ASCII text, with very long lines (566)
downloaded
There are 82 hidden files, click here to show them.

URLs

Name
IP
Malicious
https://news.claroty.com/e3t/Ctc/OR+113/d2n-4L04/VVPy5P46C_3pW8Pz7_V3LxM13W7TctdS5ltnG0N3hBC6F3lYMRW7Y8-PT6lZ3p8VDPSWB2hkr0xW1jSCJz5Tx0CbW4k0Gdy84cgR5W75xzbh3JYxzyN3dsPjKyk4Y1W4hFjjr44kS1nW2D8hxk5DxH7vW3g6xkn2qrb3vW2SpQp81dtr0GW7r7Q7L2FZ5vJW152Dy06dcx6xVX2VR38JqC9HW7zbbH-4kxdWFW4cdkc03qH46PW6zkfpv6b7TyqW7xXcWC8200CKW3sff8w94k8jJN2NtC1BKs5HkN9kB4jVFTr3KW2Pl4Gd5kZ-8zW4psP_Z13trc2W5ggw2W7jyjZZW2Sq8vT2lr77MN29f9ChSYrrKW19xDX_1nRws8W8l47FX8MZS30f1xn1dn04
https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/?utm_medium=email&_hsenc=p2ANqtz--0s2iwXs_j3WKEf_wFI8OvSbg2rM5JE4fTna4bv34wCMIytweeTKgWvjexxwO1bb7HGkSPFnpKgTFGMee_wAxBpuwTb9jRMKNrEfPkv3VfyxCr4vs&_hsmi=326603005&utm_content=326603005&utm_source=hs_email

Domains

Name
IP
Malicious
star-mini.c10r.facebook.com
157.240.253.35
stats.wp.com
192.0.76.3
secure.gravatar.com
192.0.73.2
a.nel.cloudflare.com
35.190.80.1
group29.sites.hscoscdn20.net
199.60.103.2
scontent.xx.fbcdn.net
157.240.251.9
cybersecuritynews.com
188.114.96.3
googleads.g.doubleclick.net
142.250.185.162
www3.l.google.com
216.58.206.46
pixel.wp.com
192.0.76.3
cdnjs.cloudflare.com
104.17.24.14
photos-ugc.l.googleusercontent.com
142.250.181.225
www.google.com
142.250.184.196
googlehosted.l.googleusercontent.com
142.250.185.193
www.facebook.com
unknown
fundingchoicesmessages.google.com
unknown
static.xx.fbcdn.net
unknown
news.claroty.com
unknown
1.bp.blogspot.com
unknown
blogger.googleusercontent.com
unknown
There are 10 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
142.250.186.67
unknown
United States
199.60.103.2
group29.sites.hscoscdn20.net
Canada
192.168.2.17
unknown
unknown
216.58.206.34
unknown
United States
216.58.206.78
unknown
United States
192.168.2.4
unknown
unknown
142.250.185.226
unknown
United States
142.250.185.227
unknown
United States
216.58.206.36
unknown
United States
192.168.2.6
unknown
unknown
157.240.0.6
unknown
United States
172.217.23.110
unknown
United States
142.250.185.162
googleads.g.doubleclick.net
United States
142.250.186.131
unknown
United States
35.190.80.1
a.nel.cloudflare.com
United States
142.250.184.206
unknown
United States
172.217.18.10
unknown
United States
216.58.212.130
unknown
United States
142.250.186.99
unknown
United States
66.102.1.84
unknown
United States
142.250.185.66
unknown
United States
142.250.186.35
unknown
United States
142.250.184.196
www.google.com
United States
104.17.24.14
cdnjs.cloudflare.com
United States
142.250.186.78
unknown
United States
1.1.1.1
unknown
Australia
192.0.76.3
stats.wp.com
United States
142.250.185.232
unknown
United States
142.250.185.138
unknown
United States
192.0.73.2
secure.gravatar.com
United States
172.217.18.1
unknown
United States
216.58.206.46
www3.l.google.com
United States
157.240.251.9
scontent.xx.fbcdn.net
United States
142.250.186.129
unknown
United States
142.250.185.193
googlehosted.l.googleusercontent.com
United States
142.250.181.225
photos-ugc.l.googleusercontent.com
United States
239.255.255.250
unknown
Reserved
188.114.97.3
unknown
European Union
188.114.96.3
cybersecuritynews.com
European Union
157.240.253.35
star-mini.c10r.facebook.com
United States
142.250.186.100
unknown
United States
172.217.16.193
unknown
United States
142.250.185.74
unknown
United States
There are 33 hidden IPs, click here to show them.