IOC Report
https://www.phytron.de/agb

Files

File Path | Type | Category | Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 06:54:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 06:54:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 06:54:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 06:54:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 06:54:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
Chrome Cache Entry: 122 | ASCII text, with very long lines (20087) | downloaded |
Chrome Cache Entry: 123 | Unicode text, UTF-8 text, with CRLF line terminators | dropped |
Chrome Cache Entry: 124 | ASCII text, with very long lines (7711) | dropped |
Chrome Cache Entry: 127 | ASCII text, with very long lines (22247) | dropped |
Chrome Cache Entry: 128 | Java source, ASCII text, with very long lines (5127) | dropped |
Chrome Cache Entry: 130 | Web Open Font Format (Version 2), TrueType, length 16960, version 1.1311 | downloaded |
Chrome Cache Entry: 132 | PNG image data, 544 x 198, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 133 | ASCII text, with very long lines (7711) | dropped |
Chrome Cache Entry: 138 | ASCII text, with very long lines (4761), with no line terminators | dropped |
Chrome Cache Entry: 139 | ASCII text, with very long lines (2345) | dropped |
Chrome Cache Entry: 140 | JSON data | downloaded |
Chrome Cache Entry: 141 | ASCII text, with very long lines (8488) | dropped |
Chrome Cache Entry: 144 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 147 | ASCII text | downloaded |
Chrome Cache Entry: 148 | Unicode text, UTF-8 text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 149 | Java source, ASCII text, with very long lines (472) | downloaded |
Chrome Cache Entry: 151 | Web Open Font Format (Version 2), TrueType, length 61332, version 0.0 | downloaded |
Chrome Cache Entry: 152 | ASCII text, with very long lines (2343) | downloaded |
Chrome Cache Entry: 153 | Java source, ASCII text, with very long lines (2216) | dropped |
Chrome Cache Entry: 154 | ASCII text | downloaded |
Chrome Cache Entry: 155 | ASCII text, with very long lines (328) | dropped |
Chrome Cache Entry: 156 | C source, ASCII text, with very long lines (1269) | dropped |
Chrome Cache Entry: 158 | ASCII text, with very long lines (6600), with no line terminators | downloaded |
Chrome Cache Entry: 162 | ASCII text, with very long lines (30837) | downloaded |
Chrome Cache Entry: 164 | ASCII text, with very long lines (5128), with no line terminators | dropped |
Chrome Cache Entry: 165 | ASCII text, with very long lines (7711) | downloaded |
Chrome Cache Entry: 166 | HTML document, ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 167 | Java source, ASCII text, with very long lines (2936) | downloaded |
Chrome Cache Entry: 168 | ASCII text | downloaded |
Chrome Cache Entry: 169 | ASCII text, with very long lines (2035), with CRLF line terminators | downloaded |
Chrome Cache Entry: 170 | GIF image data, version 89a, 33 x 20 | dropped |
Chrome Cache Entry: 172 | ASCII text | downloaded |
Chrome Cache Entry: 174 | ASCII text, with very long lines (8488) | downloaded |
Chrome Cache Entry: 175 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 176 | ASCII text, with very long lines (5218), with no line terminators | downloaded |
Chrome Cache Entry: 177 | PNG image data, 222 x 56, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 178 | PNG image data, 28 x 28, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 181 | Unicode text, UTF-8 text | downloaded |
Chrome Cache Entry: 182 | HTML document, Unicode text, UTF-8 text | downloaded |
Chrome Cache Entry: 183 | ASCII text, with very long lines (65536), with no line terminators | dropped |
Chrome Cache Entry: 184 | PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 185 | ASCII text, with very long lines (33953) | downloaded |
Chrome Cache Entry: 186 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 189 | HTML document, Unicode text, UTF-8 text, with very long lines (3555), with CRLF, CR, LF line terminators | downloaded |
Chrome Cache Entry: 190 | ASCII text, with very long lines (4740), with no line terminators | downloaded |
Chrome Cache Entry: 192 | ASCII text, with very long lines (2345) | downloaded |
Chrome Cache Entry: 194 | ASCII text, with very long lines (7711) | downloaded |
Chrome Cache Entry: 195 | ASCII text, with very long lines (4345) | downloaded |
Chrome Cache Entry: 196 | Unicode text, UTF-8 text, with very long lines (65533), with no line terminators | downloaded |
Chrome Cache Entry: 198 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 199 | ASCII text, with very long lines (2345) | dropped |
Chrome Cache Entry: 201 | Unicode text, UTF-8 text, with very long lines (32001) | dropped |
Chrome Cache Entry: 202 | ASCII text, with very long lines (65367), with CRLF line terminators | downloaded |
Chrome Cache Entry: 204 | ASCII text, with very long lines (4345) | dropped |
Chrome Cache Entry: 205 | ASCII text, with very long lines (4345) | dropped |
Chrome Cache Entry: 206 | ASCII text, with very long lines (4740), with no line terminators | dropped |
Chrome Cache Entry: 207 | Java source, ASCII text, with very long lines (1727) | downloaded |
Chrome Cache Entry: 208 | JSON data | dropped |
Chrome Cache Entry: 209 | ASCII text, with very long lines (32051) | downloaded |
Chrome Cache Entry: 212 | HTML document, Unicode text, UTF-8 text | downloaded |
Chrome Cache Entry: 214 | PNG image data, 1963 x 650, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 216 | Java source, ASCII text, with very long lines (1512) | downloaded |
Chrome Cache Entry: 217 | ASCII text, with very long lines (5086), with no line terminators | dropped |
Chrome Cache Entry: 219 | ASCII text | downloaded |
Chrome Cache Entry: 220 | ASCII text, with very long lines (4345) | dropped |
Chrome Cache Entry: 221 | Java source, ASCII text, with very long lines (5490) | dropped |
Chrome Cache Entry: 223 | ASCII text, with very long lines (31650) | dropped |
Chrome Cache Entry: 225 | JSON data | downloaded |
Chrome Cache Entry: 226 | GIF image data, version 89a, 33 x 20 | downloaded |
Chrome Cache Entry: 227 | ASCII text, with very long lines (4761), with no line terminators | downloaded |
Chrome Cache Entry: 229 | JSON data | downloaded |
Chrome Cache Entry: 230 | ASCII text, with very long lines (4345) | downloaded |
Chrome Cache Entry: 233 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 234 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 236 | ASCII text, with very long lines (2345) | downloaded |
Chrome Cache Entry: 237 | Java source, ASCII text, with very long lines (4398) | downloaded |
Chrome Cache Entry: 238 | Java source, ASCII text, with very long lines (984) | dropped |
Chrome Cache Entry: 239 | ASCII text, with very long lines (4990), with no line terminators | downloaded |
Chrome Cache Entry: 242 | gzip compressed data, was "tmp5ay73b4h", last modified: Tue Sep 17 11:17:07 2024, max compression, original size modulo 2^32 33954 | downloaded |
Chrome Cache Entry: 244 | ASCII text, with very long lines (5131), with no line terminators | dropped |
Chrome Cache Entry: 245 | Java source, ASCII text, with very long lines (566) | downloaded |
Chrome Cache Entry: 246 | ASCII text, with very long lines (32065) | dropped |
Chrome Cache Entry: 247 | ASCII text, with very long lines (2982), with no line terminators | dropped |
Chrome Cache Entry: 253 | ASCII text, with very long lines (4345) | downloaded |
Chrome Cache Entry: 257 | Java source, ASCII text, with very long lines (1739) | downloaded |
Chrome Cache Entry: 259 | Web Open Font Format (Version 2), TrueType, length 15504, version 1.0 | downloaded |
83 further files are hidden in the original report and are not listed here.

URLs

Name | IP | Malicious
https://www.phytron.de/agb | |
https://www.phytron.de/agb/ | |

Domains

Name | IP | Malicious
app.usercentrics.eu | 35.190.14.188 |
uc.e-recht24.de | 159.69.24.179 |
uc-uct.b-cdn.net | 169.150.247.36 |
uc-api.b-cdn.net | 169.150.247.39 |
uc-consent-api-service-consent.b-cdn.net | 169.150.247.38 |
stats.g.doubleclick.net | 173.194.76.157 |
analytics-alv.google.com | 216.239.32.181 |
fast.fonts.net | 104.16.40.28 |
googleads.g.doubleclick.net | 142.250.186.34 |
uc-sdp.b-cdn.net | 169.150.247.36 |
www.google.com | 142.250.186.164 |
td.doubleclick.net | 142.250.186.130 |
uc-config.b-cdn.net | 169.150.247.38 |
www.phytron.de | 176.52.243.171 |
uc-app.b-cdn.net | 169.150.247.36 |
sdp.eu.usercentrics.eu | unknown |
uct.eu.usercentrics.eu | unknown |
app.eu.usercentrics.eu | unknown |
config.eu.usercentrics.eu | unknown |
api.eu.usercentrics.eu | unknown |
analytics.google.com | unknown |
consent-api.service.consent.eu1.usercentrics.eu | unknown |
12 further domains are hidden in the original report and are not listed here.

IPs

IP | Domain | Country | Malicious
173.194.76.157 | stats.g.doubleclick.net | United States |
142.250.186.130 | td.doubleclick.net | United States |
172.217.18.14 | unknown | United States |
216.58.206.78 | unknown | United States |
192.168.2.16 | unknown | unknown |
169.150.247.38 | uc-consent-api-service-consent.b-cdn.net | United States |
169.150.247.39 | uc-api.b-cdn.net | United States |
169.150.247.36 | uc-uct.b-cdn.net | United States |
169.150.247.37 | unknown | United States |
176.52.243.171 | www.phytron.de | Germany |
142.250.186.34 | googleads.g.doubleclick.net | United States |
172.217.16.202 | unknown | United States |
1.1.1.1 | unknown | Australia |
216.239.32.181 | analytics-alv.google.com | United States |
142.250.184.194 | unknown | United States |
216.58.206.67 | unknown | United States |
142.250.185.132 | unknown | United States |
142.251.173.84 | unknown | United States |
169.150.236.104 | unknown | United States |
35.190.14.188 | app.usercentrics.eu | United States |
239.255.255.250 | unknown | Reserved |
159.69.24.179 | uc.e-recht24.de | Germany |
142.250.186.164 | www.google.com | United States |
142.250.186.40 | unknown | United States |
142.250.184.238 | unknown | United States |
172.217.16.194 | unknown | United States |
142.250.186.168 | unknown | United States |
104.16.40.28 | fast.fonts.net | United States |
216.239.34.178 | unknown | United States |
19 further IPs are hidden in the original report and are not listed here.