Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\Downloads\9784c46b-9f8c-4e10-a313-fa651f7d0487.tmp | Zip archive data, at least v2.0 to extract, compression method=deflate | dropped | |
| C:\Users\user\Downloads\TG.zip.crdownload | Zip archive data, at least v2.0 to extract, compression method=deflate | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 01:33:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 01:33:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 01:33:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 01:33:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 01:33:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | PNG image data, 21 x 120, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 101 | HTML document, Unicode text, UTF-8 text | downloaded | |
| Chrome Cache Entry: 102 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 103 | PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 104 | HTML document, ASCII text, with very long lines (6093), with no line terminators | downloaded | |
| Chrome Cache Entry: 105 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 106 | Unicode text, UTF-8 text, with very long lines (12011) | downloaded | |
| Chrome Cache Entry: 107 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 108 | ASCII text, with very long lines (65136) | downloaded | |
| Chrome Cache Entry: 109 | ASCII text, with very long lines (32065), with CRLF line terminators | dropped | |
| Chrome Cache Entry: 110 | HTML document, ASCII text, with very long lines (6093), with no line terminators | dropped | |
| Chrome Cache Entry: 111 | Unicode text, UTF-8 text, with very long lines (1523) | dropped | |
| Chrome Cache Entry: 112 | JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x156, components 3 | dropped | |
| Chrome Cache Entry: 113 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 1000x208, components 3 | downloaded | |
| Chrome Cache Entry: 114 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 115 | JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 442x270, components 3 | dropped | |
| Chrome Cache Entry: 116 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 117 | PNG image data, 300 x 168, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 118 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 119 | ASCII text, with very long lines (32065), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 120 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 121 | Unicode text, UTF-8 text, with very long lines (1523) | downloaded | |
| Chrome Cache Entry: 122 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 123 | Unicode text, UTF-8 text, with very long lines (44903), with no line terminators | downloaded | |
| Chrome Cache Entry: 124 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 125 | JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:05:26 07:24:20], baseline, precision 8, 510x532, components 3 | downloaded | |
| Chrome Cache Entry: 126 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 127 | PNG image data, 300 x 168, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 128 | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 129 | PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 130 | Unicode text, UTF-8 text, with very long lines (12011) | dropped | |
| Chrome Cache Entry: 131 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 132 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 133 | PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 134 | ASCII text, with very long lines (2432), with no line terminators | downloaded | |
| Chrome Cache Entry: 135 | GIF image data, version 89a, 512 x 512 | downloaded | |
| Chrome Cache Entry: 136 | JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 442x270, components 3 | downloaded | |
| Chrome Cache Entry: 137 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1000x562, components 3 | downloaded | |
| Chrome Cache Entry: 138 | JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x156, components 3 | downloaded | |
| Chrome Cache Entry: 139 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 140 | PNG image data, 21 x 120, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 141 | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 142 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1000x562, components 3 | dropped | |
| Chrome Cache Entry: 143 | PNG image data, 21 x 17, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 144 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 1000x208, components 3 | dropped | |
| Chrome Cache Entry: 96 | GIF image data, version 89a, 512 x 512 | dropped | |
| Chrome Cache Entry: 97 | ASCII text, with very long lines (65136) | dropped | |
| Chrome Cache Entry: 98 | JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:05:26 07:24:20], baseline, precision 8, 510x532, components 3 | dropped | |
| Chrome Cache Entry: 99 | GIF image data, version 89a, 512 x 512 | dropped | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1948,i,2777344199241503910,7996615342512389576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.telegroeem.com/" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://www.telegroeem.com/ | | |
| http://www.telegroeem.com/ | 47.239.219.49 | |
| https://sdk.51.la/js-sdk-pro.min.js | 148.153.240.75 | |
| https://www.telegroeem.com/static/images/section4i9.gif | 47.239.219.49 | |
| https://core.telegram.org/api | unknown | |
| https://twitter.com/telegram | unknown | |
| https://www.telegroeem.com/static/images/session2left.jpg | 47.239.219.49 | |
| https://web.dcobxs.com/matomo.js | 104.21.72.253 | |
| https://www.telegroeem.com/static/images/section4i4.gif | 47.239.219.49 | |
| https://www.telegroeem.com/skin/css/style.css | 47.239.219.49 | |
| https://www.telegroeem.com/skin/js/custom.js | 47.239.219.49 | |
| https://piwik.org/free-software/bsd/ | unknown | |
| https://www.telegroeem.com/static/upload/image/20231216/1702728345765756.png | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/window.jpg | 47.239.219.49 | |
| https://www.telegroeem.com/ | | |
| https://www.telegroeem.com/static/images/navright1.png | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/logo.png | 47.239.219.49 | |
| https://piwik.org | unknown | |
| https://www.telegroeem.com/static/images/section4i1.gif | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/section4i5.gif | 47.239.219.49 | |
| https://www.telegroeem.com/static/upload/image/20231217/1702817607573664.jpg | 47.239.219.49 | |
| https://core.telegram.org/mtproto | unknown | |
| https://www.telegroeem.com/skin/js/side.js | 47.239.219.49 | |
| https://collect-v6.51.la/v6/collect?dt=4 | 149.104.74.86 | |
| http://www.SuperSlide2.com/ | unknown | |
| https://core.telegram.org/ | unknown | |
| https://www.telegroeem.com/static/images/section4i6.gif | 47.239.219.49 | |
| https://www.telegroeem.com/skin/js/jquery-2.2.4.min.js | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/navright.png | 47.239.219.49 | |
| https://web.dcobxs.com/matomo.php?action_name=Telegram%E5%AE%98%E7%BD%91-Telegram%E4%B8%AD%E6%96%87%E6%B1%89%E5%8C%96%E7%89%88-Telegram%E4%B8%8B%E8%BD%BD-%E7%BA%B8%E9%A3%9E%E6%9C%BA%E4%B8%AD%E6%96%87%E7%89%88-%E7%BA%B8%E9%A3%9E%E6%9C%BA%E4%B8%8B%E8%BD%BD&idsite=19&rec=1&r=371334&h=22&m=34&s=9&url=https%3A%2F%2Fwww.telegroeem.com%2F&_id=76aedd0f4d6987c6&_idn=1&send_image=0&_refts=0&pv_id=35lc44&pf_net=2288&pf_srv=1421&pf_tfr=1&pf_dm1=21310&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117.0.5938.132%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117.0.5938.132%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 | 104.21.72.253 | |
| https://github.com/matomo-org/matomo/blob/master/js/piwik.js | unknown | |
| https://www.telegroeem.com/static/images/section4i2.gif | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/section4i3.gif | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/session2right.jpg | 47.239.219.49 | |
| https://www.telegroeem.com/Spider/?url=/ | 47.239.219.49 | |
| https://www.telegroeem.com/skin/js/hc-sticky.js | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/section4i8.gif | 47.239.219.49 | |
| https://www.telegroeem.com/skin/css/skin.css | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/session2i.png | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/section4i7.gif | 47.239.219.49 | |
| https://www.telegroeem.com/static/images/session3.jpg | 47.239.219.49 | |
| https://www.telegroeem.com/TG.zip | 47.239.219.49 | |
| https://web.dcobxs.com/ | unknown | |
Domains

| Name | IP | Malicious |
|---|---|---|
| www.telegroeem.com | 47.239.219.49 | |
| bg.microsoft.map.fastly.net | 199.232.210.172 | |
| hcdnwsa120.v5.cdnhwczoy106.cn | 148.153.240.75 | |
| www.google.com | 142.250.185.132 | |
| web.dcobxs.com | 104.21.72.253 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| collect-v6.51.la | unknown | |
| sdk.51.la | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 47.239.219.49 | www.telegroeem.com | United States | |
| 90.84.161.25 | unknown | France | |
| 104.21.72.253 | web.dcobxs.com | United States | |
| 149.104.74.86 | unknown | United States | |
| 148.153.240.75 | hcdnwsa120.v5.cdnhwczoy106.cn | United States | |
| 142.250.185.132 | www.google.com | United States | |
| 172.67.156.2 | unknown | United States | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.5 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
DOM / HTML

| URL | Malicious |
|---|---|
| https://www.telegroeem.com/ | |