Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payment_Notification-Sep27.html
|
HTML document, ASCII text, with very long lines (65245), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 12:56:16 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 140
|
ASCII text, with very long lines (19296)
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
ASCII text, with very long lines (560)
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
Unicode text, UTF-8 text, with very long lines (7210), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (5501), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with very long lines (6169)
|
dropped
|
||
|
Chrome Cache Entry: 151
|
ASCII text, with very long lines (54456)
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
ASCII text, with very long lines (12214)
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
ASCII text, with very long lines (4970)
|
dropped
|
||
|
Chrome Cache Entry: 159
|
Unicode text, UTF-8 text, with very long lines (8189), with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 162
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (21759), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 165
|
ASCII text, with very long lines (9272), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
ASCII text, with very long lines (48664)
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
ASCII text, with very long lines (65446), with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 170
|
ASCII text, with very long lines (24021)
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
Web Open Font Format (Version 2), TrueType, length 18604, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 172
|
ASCII text, with very long lines (41132)
|
downloaded
|
||
|
Chrome Cache Entry: 173
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 174
|
ASCII text, with very long lines (38397)
|
downloaded
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
ASCII text, with very long lines (16214)
|
downloaded
|
||
|
Chrome Cache Entry: 179
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
ASCII text, with very long lines (15752), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
ASCII text, with very long lines (60800), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 183
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
ASCII text, with very long lines (45047)
|
dropped
|
||
|
Chrome Cache Entry: 185
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
ASCII text, with very long lines (664)
|
downloaded
|
||
|
Chrome Cache Entry: 188
|
ASCII text, with very long lines (13479), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 189
|
Web Open Font Format (Version 2), TrueType, length 35272, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 190
|
ASCII text, with very long lines (32012)
|
downloaded
|
||
|
Chrome Cache Entry: 192
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 195
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
Unicode text, UTF-8 text, with very long lines (5142), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 198
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 199
|
PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 200
|
ASCII text, with very long lines (32965)
|
downloaded
|
||
|
Chrome Cache Entry: 204
|
ASCII text, with very long lines (4783)
|
downloaded
|
||
|
Chrome Cache Entry: 207
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 208
|
ASCII text, with very long lines (4272), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 209
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 212
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 213
|
ASCII text, with very long lines (9893), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 214
|
ASCII text, with very long lines (7025), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 215
|
PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 216
|
ASCII text, with very long lines (7993)
|
downloaded
|
||
|
Chrome Cache Entry: 217
|
ASCII text, with very long lines (4957)
|
dropped
|
||
|
Chrome Cache Entry: 219
|
ASCII text, with very long lines (42747)
|
dropped
|
||
|
Chrome Cache Entry: 220
|
ASCII text, with very long lines (17560), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 222
|
data
|
dropped
|
||
|
Chrome Cache Entry: 225
|
ASCII text, with very long lines (65325)
|
downloaded
|
||
|
Chrome Cache Entry: 227
|
ASCII text, with very long lines (1436), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 228
|
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2000x1333,
components 3
|
dropped
|
||
|
Chrome Cache Entry: 229
|
Unicode text, UTF-8 text, with very long lines (26748), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 230
|
ASCII text, with very long lines (11550), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 231
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 233
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 235
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 236
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data,
little-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D4, xresolution=162, yresolution=170, resolutionunit=2,
software=Adobe Photoshop Camera Raw 16.2.1 (Macintosh), datetime=2024:04:24 12:59:26], baseline, precision 8, 1536x1022, components
3
|
dropped
|
||
|
Chrome Cache Entry: 237
|
PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 239
|
ASCII text, with very long lines (50758)
|
downloaded
|
||
|
Chrome Cache Entry: 240
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 242
|
ASCII text, with very long lines (1320)
|
dropped
|
||
|
Chrome Cache Entry: 244
|
ASCII text, with very long lines (65496)
|
downloaded
|
||
|
Chrome Cache Entry: 245
|
ASCII text, with very long lines (19015)
|
downloaded
|
||
|
Chrome Cache Entry: 248
|
ASCII text, with very long lines (6835)
|
downloaded
|
||
|
Chrome Cache Entry: 249
|
ASCII text, with very long lines (681), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 250
|
Web Open Font Format, TrueType, length 459244, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 251
|
PNG image data, 1005 x 273, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 252
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 253
|
ASCII text, with very long lines (10260), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 254
|
ASCII text, with very long lines (25006)
|
dropped
|
||
|
Chrome Cache Entry: 255
|
ASCII text, with very long lines (30299), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 256
|
ASCII text, with very long lines (18005)
|
downloaded
|
||
|
Chrome Cache Entry: 257
|
Web Open Font Format (Version 2), TrueType, length 51924, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 258
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 260
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 261
|
ASCII text, with very long lines (65279)
|
downloaded
|
||
|
Chrome Cache Entry: 262
|
HTML document, Unicode text, UTF-8 text, with very long lines (8856), with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 263
|
ASCII text, with very long lines (724)
|
downloaded
|
||
|
Chrome Cache Entry: 264
|
ASCII text, with very long lines (18937), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 266
|
ASCII text, with very long lines (11819)
|
downloaded
|
||
|
Chrome Cache Entry: 267
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 268
|
Web Open Font Format, CFF, length 56108, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 269
|
ASCII text, with very long lines (4358), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 271
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 272
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data,
little-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D4, orientation=upper-left, xresolution=162, yresolution=170,
resolutionunit=2, software=Adobe Photoshop Camera Raw 16.2.1 (Macintosh), datetime=2024:04:30 09:02:25], baseline, precision
8, 1536x1022, components 3
|
dropped
|
||
|
Chrome Cache Entry: 273
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 274
|
ASCII text, with very long lines (32065)
|
downloaded
|
||
|
Chrome Cache Entry: 275
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 276
|
ASCII text, with very long lines (4835)
|
downloaded
|
||
|
Chrome Cache Entry: 277
|
ASCII text, with very long lines (32030)
|
downloaded
|
||
|
Chrome Cache Entry: 278
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 279
|
ASCII text, with very long lines (10058), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 280
|
ASCII text, with very long lines (708)
|
downloaded
|
There are 99 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Payment_Notification-Sep27.html
|
|
||
|
http://www.hatmed.co.za/
|
41.77.101.238
|
||
|
https://hatmed.co.za/
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
||
|
code.jquery.com
|
151.101.2.137
|
||
|
hatmed.co.za
|
41.77.101.238
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
||
|
www.google.com
|
216.58.206.36
|
||
|
macfinmail.com
|
23.254.227.214
|
||
|
www.hatmed.co.za
|
41.77.101.238
|
||
|
use.fontawesome.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.67
|
unknown
|
United States
|
||
|
104.18.10.207
|
unknown
|
United States
|
||
|
216.58.206.74
|
unknown
|
United States
|
||
|
172.67.142.245
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
142.250.181.234
|
unknown
|
United States
|
||
|
142.250.185.227
|
unknown
|
United States
|
||
|
216.58.206.36
|
www.google.com
|
United States
|
||
|
142.250.185.142
|
unknown
|
United States
|
||
|
142.250.186.131
|
unknown
|
United States
|
||
|
151.101.194.137
|
unknown
|
United States
|
||
|
142.250.184.228
|
unknown
|
United States
|
||
|
142.250.186.138
|
unknown
|
United States
|
||
|
142.250.184.195
|
unknown
|
United States
|
||
|
104.17.24.14
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
216.58.212.131
|
unknown
|
United States
|
||
|
74.125.71.84
|
unknown
|
United States
|
||
|
216.58.206.42
|
unknown
|
United States
|
||
|
23.254.227.214
|
macfinmail.com
|
United States
|
||
|
151.101.2.137
|
code.jquery.com
|
United States
|
||
|
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.181.228
|
unknown
|
United States
|
||
|
41.77.101.238
|
hatmed.co.za
|
South Africa
|
||
|
142.250.186.100
|
unknown
|
United States
|
||
|
142.250.184.238
|
unknown
|
United States
|
||
|
142.250.186.42
|
unknown
|
United States
|
||
|
172.217.16.195
|
unknown
|
United States
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
There are 20 hidden IPs, click here to show them.