Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Sep 28 02:30:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Sep 28 02:30:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Sep 28 02:30:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Sep 28 02:30:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Sep 28 02:30:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 100
|
ASCII text, with very long lines (30837)
|
downloaded
|
||
Chrome Cache Entry: 101
|
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 102
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components
3
|
downloaded
|
||
Chrome Cache Entry: 103
|
PNG image data, 1511 x 901, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 104
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 105
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 106
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 107
|
PNG image data, 800 x 344, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 108
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 109
|
ASCII text, with CRLF line terminators
|
dropped
|
||
Chrome Cache Entry: 110
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 111
|
ASCII text, with very long lines (65371)
|
downloaded
|
||
Chrome Cache Entry: 112
|
PNG image data, 2000 x 609, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 113
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 114
|
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
|
downloaded
|
||
Chrome Cache Entry: 115
|
HTML document, Unicode text, UTF-8 text, with very long lines (370), with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 116
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 117
|
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 118
|
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
|
downloaded
|
||
Chrome Cache Entry: 119
|
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 120
|
Web Open Font Format (Version 2), TrueType, length 22220, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 121
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 122
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 123
|
ASCII text
|
dropped
|
||
Chrome Cache Entry: 124
|
ASCII text
|
dropped
|
||
Chrome Cache Entry: 125
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components
3
|
dropped
|
||
Chrome Cache Entry: 126
|
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
|
downloaded
|
||
Chrome Cache Entry: 127
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 128
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 129
|
assembler source, ASCII text, with very long lines (305)
|
downloaded
|
||
Chrome Cache Entry: 130
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 131
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=300, orientation=[*0*], width=1440], baseline,
precision 8, 1440x300, components 3
|
downloaded
|
||
Chrome Cache Entry: 132
|
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
|
downloaded
|
||
Chrome Cache Entry: 133
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 134
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 135
|
PNG image data, 1511 x 901, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 136
|
PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 137
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1260x2800, components
3
|
downloaded
|
||
Chrome Cache Entry: 138
|
PNG image data, 2000 x 609, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 139
|
ASCII text, with very long lines (32061)
|
downloaded
|
||
Chrome Cache Entry: 140
|
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 141
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 142
|
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 143
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 144
|
PNG image data, 800 x 344, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 145
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 146
|
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 147
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1161, orientation=[*0*], width=1080], baseline,
precision 8, 1080x1161, components 3
|
downloaded
|
||
Chrome Cache Entry: 148
|
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 149
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 150
|
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 151
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 152
|
ASCII text, with very long lines (32061)
|
dropped
|
||
Chrome Cache Entry: 153
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 154
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 155
|
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 156
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1001, orientation=[*0*], width=880], baseline,
precision 8, 880x1001, components 3
|
dropped
|
||
Chrome Cache Entry: 157
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 158
|
ASCII text
|
dropped
|
||
Chrome Cache Entry: 159
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 160
|
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
|
downloaded
|
||
Chrome Cache Entry: 161
|
ASCII text, with CRLF line terminators
|
dropped
|
||
Chrome Cache Entry: 162
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 163
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 164
|
PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 165
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 166
|
PNG image data, 700 x 774, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 167
|
PNG image data, 722 x 170, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 168
|
PNG image data, 243 x 249, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 169
|
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 170
|
PNG image data, 243 x 249, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 171
|
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
|
downloaded
|
||
Chrome Cache Entry: 172
|
ASCII text, with very long lines (32180)
|
downloaded
|
||
Chrome Cache Entry: 173
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 174
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=300, orientation=[*0*], width=1440], baseline,
precision 8, 1440x300, components 3
|
dropped
|
||
Chrome Cache Entry: 175
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 176
|
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
|
downloaded
|
||
Chrome Cache Entry: 177
|
ASCII text, with very long lines (32180)
|
dropped
|
||
Chrome Cache Entry: 178
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1001, orientation=[*0*], width=880], baseline,
precision 8, 880x1001, components 3
|
downloaded
|
||
Chrome Cache Entry: 179
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1161, orientation=[*0*], width=1080], baseline,
precision 8, 1080x1161, components 3
|
dropped
|
||
Chrome Cache Entry: 180
|
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 99
|
ASCII text
|
downloaded
|
There are 79 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2016,i,16103745122714947359,4788103846012999014,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://claim.eventsmidasbuys.com/"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=4256 --field-trial-handle=2016,i,16103745122714947359,4788103846012999014,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://claim.eventsmidasbuys.com/
|
|||
https://claim.eventsmidasbuys.com/favicon.ico
|
103.59.95.62
|
||
https://claim.eventsmidasbuys.com/
|
|||
https://www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
|
unknown
|
||
https://sdf.donegabang.com/js/showHide.js
|
103.59.95.62
|
||
http://fontawesome.io
|
unknown
|
||
https://sdf.donegabang.com/img/rewards/8.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/nam1.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/namekheader.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/css/loader.css
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/nam3.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/bgreward.jpg
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/rewards/7.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/namtw.png
|
103.59.95.62
|
||
https://daneden.github.io/animate.css/
|
unknown
|
||
https://sdf.donegabang.com/img/rewards/suit/1.jpg
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/rewards/6.png
|
103.59.95.62
|
||
https://a.top4top.io/m_1725zobal2.mp3
|
65.21.235.194
|
||
https://i.postimg.cc/02KwtTc7/footer-bg.jpg)
|
unknown
|
||
https://sdf.donegabang.com/js/selowscript.js
|
103.59.95.62
|
||
http://www.videolan.org/x264.html
|
unknown
|
||
https://sdf.donegabang.com/js/loginall.js
|
103.59.95.62
|
||
http://getbootstrap.com)
|
unknown
|
||
https://sdf.donegabang.com/css/style.css
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/rewards/5.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/icon_fb.png
|
103.59.95.62
|
||
https://www.pubgmobile.com/en/images/footer_link_bg_on.png)
|
unknown
|
||
https://sdf.donegabang.com/img/nam10x.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/nam2.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/media/open.mp3
|
103.59.95.62
|
||
https://github.com/nickpettit/glide
|
unknown
|
||
https://sdf.donegabang.com/js/myscript.js
|
103.59.95.62
|
||
https://sdf.donegabang.com/js/kinnonscript.js
|
103.59.95.62
|
||
https://sdf.donegabang.com/js/slidernotif.js
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/namfb.png
|
103.59.95.62
|
||
https://www.pubgmobile.com
|
unknown
|
||
https://sdf.donegabang.com/js/click.js
|
103.59.95.62
|
||
https://sdf.donegabang.com/
|
103.59.95.62
|
||
https://sdf.donegabang.com/media/namekwait.webm
|
103.59.95.62
|
||
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-
|
unknown
|
||
https://www.pubgmobile.com/common/images/icon_logo.jpg
|
unknown
|
||
https://sdf.donegabang.com/media/putaran.mp3
|
103.59.95.62
|
||
https://i.ibb.co/PYpHF6b/Twitter-Show-Password.png
|
162.19.58.157
|
||
https://sdf.donegabang.com/css/bukanlog/twitter.css
|
103.59.95.62
|
||
http://opensource.org/licenses/MIT
|
unknown
|
||
https://cdn.jsdelivr.net/gh/penguasa-de/de
|
unknown
|
||
https://i.postimg.cc/jdq9pLMZ/navbar-logo.jpg
|
unknown
|
||
http://fontawesome.io/license
|
unknown
|
||
https://sdf.donegabang.com/css/arpanyet.css
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/nam4.jpg
|
103.59.95.62
|
||
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
|
104.18.11.207
|
||
https://sdf.donegabang.com/css/bukanlog/facebook.css
|
103.59.95.62
|
||
https://sdf.donegabang.com/fonts/selow.woff2
|
103.59.95.62
|
||
https://sdf.donegabang.com/js/sliders.js
|
103.59.95.62
|
||
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
|
104.17.25.14
|
||
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
|
104.18.11.207
|
||
https://www.pubgmobile.com/en/images/footer_link_bg.png)
|
unknown
|
||
https://sdf.donegabang.com/img/nam5.png
|
103.59.95.62
|
||
https://l.top4top.io/m_1725u5z7i1.mp3
|
135.181.63.70
|
||
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
https://sdf.donegabang.com/css/animate.css
|
103.59.95.62
|
||
http://code.jquery.com/jquery-1.10.2.min.js
|
unknown
|
||
https://sdf.donegabang.com/img/nameklogin.png
|
103.59.95.62
|
||
https://i.postimg.cc/3wBVgZTz/login-Method1.png
|
46.105.222.161
|
||
https://sdf.donegabang.com/img/popup-close2.png
|
103.59.95.62
|
||
https://sdf.donegabang.com/img/namfot.jpg
|
103.59.95.62
|
||
https://sdf.donegabang.com/media/close.mp3
|
103.59.95.62
|
||
https://i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
|
162.19.58.157
|
||
https://pubgmobile.com/
|
unknown
|
There are 58 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
||
sdf.donegabang.com
|
103.59.95.62
|
||
cdnjs.cloudflare.com
|
104.17.25.14
|
||
l.top4top.io
|
135.181.63.70
|
||
i.postimg.cc
|
46.105.222.161
|
||
www.google.com
|
142.250.185.164
|
||
claim.eventsmidasbuys.com
|
103.59.95.62
|
||
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
217.20.57.34
|
||
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
i.ibb.co
|
162.19.58.157
|
||
a.top4top.io
|
65.21.235.194
|
||
www.pubgmobile.com
|
unknown
|
||
cdn.jsdelivr.net
|
unknown
|
There are 3 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
162.19.58.160
|
unknown
|
United States
|
||
192.168.2.6
|
unknown
|
unknown
|
||
192.168.2.5
|
unknown
|
unknown
|
||
103.59.95.62
|
sdf.donegabang.com
|
Korea Republic of
|
||
142.250.185.164
|
www.google.com
|
United States
|
||
46.105.222.81
|
unknown
|
France
|
||
46.105.222.161
|
i.postimg.cc
|
France
|
||
162.19.58.157
|
i.ibb.co
|
United States
|
||
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
135.181.63.70
|
l.top4top.io
|
Germany
|
||
65.21.235.194
|
a.top4top.io
|
United States
|
||
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
There are 3 hidden IPs, click here to show them.
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://claim.eventsmidasbuys.com/
|
||
https://claim.eventsmidasbuys.com/
|