Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 100
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 101
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
Java source, ASCII text, with very long lines (17610)
|
dropped
|
||
|
Chrome Cache Entry: 103
|
Unicode text, UTF-8 text, with very long lines (56644)
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with very long lines (34044)
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
ASCII text, with very long lines (15299)
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
ASCII text, with very long lines (16093)
|
dropped
|
||
|
Chrome Cache Entry: 73
|
ASCII text, with very long lines (38722)
|
dropped
|
||
|
Chrome Cache Entry: 74
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 75
|
ASCII text, with very long lines (16093)
|
downloaded
|
||
|
Chrome Cache Entry: 76
|
ASCII text, with very long lines (918)
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 78
|
PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 79
|
MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 80
|
Java source, ASCII text, with very long lines (17610)
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
HTML document, ASCII text, with very long lines (5844), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 84
|
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
ASCII text, with very long lines (34044)
|
dropped
|
||
|
Chrome Cache Entry: 86
|
ASCII text, with very long lines (38722)
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text, with very long lines (918)
|
dropped
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
ASCII text, with very long lines (32289)
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 91
|
ASCII text, with very long lines (43627)
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
Unicode text, UTF-8 text, with very long lines (35053), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
Unicode text, UTF-8 text, with very long lines (35053), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 94
|
MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
Unicode text, UTF-8 text, with very long lines (56644)
|
dropped
|
||
|
Chrome Cache Entry: 96
|
PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
ASCII text, with very long lines (15299)
|
dropped
|
||
|
Chrome Cache Entry: 98
|
PNG image data, 2560 x 1440, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
PNG image data, 2560 x 1440, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 25 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/qHrQPrc7jb"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://forms.office.com/e/qHrQPrc7jb
|
|||
|
https://endenburg-my.sharepoint.com/personal/slaar_endenburg_nl/_layouts/15/Doc.aspx?sourcedoc=%7B5E
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.eca08e1
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.fdc36
|
unknown
|
||
|
https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bb
|
unknown
|
||
|
https://aka.ms/FormsConsumerElite.
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.c113afa.js
|
unknown
|
||
|
https://forms.office.com/formapi/api/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/users/4ad60603-7a0a-4628-8
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.9c1bfed.js.m
|
unknown
|
||
|
https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturl
|
|||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.5
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/0210047ec9bfc37a469971a7de97d39
|
unknown
|
||
|
https://contentstorage.onenote.office.net/onenoteltir/permanent-static-resources/immersive-reader-ic
|
unknown
|
||
|
https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saverespons
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.df1eebc.js.map/099c612d
|
unknown
|
||
|
https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.4815435.js.
|
unknown
|
||
|
https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png
|
unknown
|
||
|
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.f18b656.js.map/5d
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
www.google.com
|
142.250.181.228
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
forms.office.com
|
unknown
|
||
|
c.office.com
|
unknown
|
||
|
cdn.forms.office.net
|
unknown
|
||
|
lists.office.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.4
|
unknown
|
unknown
|
||
|
0.0.0.0
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.181.228
|
www.google.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturl
|
||
|
https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturl
|