Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 63 | ASCII text, with very long lines (3545) | downloaded | |
| Chrome Cache Entry: 64 | ASCII text, with very long lines (2026) | dropped | |
| Chrome Cache Entry: 65 | ASCII text, with very long lines (2026) | downloaded | |
| Chrome Cache Entry: 66 | GIF image data, version 89a, 1 x 1 | dropped | |
| Chrome Cache Entry: 67 | ASCII text, with very long lines (65310) | dropped | |
| Chrome Cache Entry: 68 | ASCII text | downloaded | |
| Chrome Cache Entry: 69 | Unicode text, UTF-8 text, with very long lines (13545), with no line terminators | downloaded | |
| Chrome Cache Entry: 70 | ASCII text, with very long lines (3545) | dropped | |
| Chrome Cache Entry: 71 | JSON data | dropped | |
| Chrome Cache Entry: 72 | HTML document, ASCII text, with very long lines (2178), with no line terminators | downloaded | |
| Chrome Cache Entry: 73 | JSON data | downloaded | |
| Chrome Cache Entry: 74 | Unicode text, UTF-8 text, with very long lines (13545), with no line terminators | dropped | |
| Chrome Cache Entry: 75 | GIF image data, version 89a, 1 x 1 | downloaded | |
| Chrome Cache Entry: 76 | ASCII text, with very long lines (65310) | downloaded | |
| Chrome Cache Entry: 77 | GIF image data, version 89a, 1 x 1 | downloaded | |
| Chrome Cache Entry: 78 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 79 | GIF image data, version 89a, 1 x 1 | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| `C:\Program Files\Google\Chrome\Application\chrome.exe` | `"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"` | |
| `C:\Program Files\Google\Chrome\Application\chrome.exe` | `"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2536 --field-trial-handle=2464,i,7416979685850918852,11471496941835541218,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8` | |
| `C:\Program Files\Google\Chrome\Application\chrome.exe` | `"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://clicks.sharefile.com/f/a/SncqrsfZOz93buaMHHZ1EQ~~/AACuKQA~/RgRo3Qm5P4Q1AWh0dHBzOi8vY2FtcGFpZ25zdHVkaW8uc2hhcmVmaWxlLmNvbS9yL2IxZTJlYWMzYjA5ZGVkZTJjMjgzMmVlYzk_Y3Q9WVRvMU9udHpPalk2SW5OdmRYSmpaU0k3WVRveU9udHBPakE3Y3pveE5Eb2lZMkZ0Y0dGcFoyNHVaWFpsYm5RaU8yazZNVHRwT2pnd08zMXpPalU2SW1WdFlXbHNJanRwT2pJM08zTTZORG9pYzNSaGRDSTdjem95TWpvaU5qWm1ZVGcwWWpjellXWTNNakUzT1RrNE5qa3lOU0k3Y3pvME9pSnNaV0ZrSWp0ek9qYzZJalkwTlRFek1EVWlPM002TnpvaVkyaGhibTVsYkNJN1lUb3hPbnR6T2pVNkltVnRZV2xzSWp0cE9qSTNPMzE5JlcDc3BjQgpm-LmE-mYhmDDJUhdTYXJhaC5BbHRvbkBhc2h1cnN0LmNvbVgEAAAG3w~~"` | |

URLs
Domains

| Name | IP | Malicious |
|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.210.172 | |
| 51.138.111.34.bc.googleusercontent.com | 34.111.138.51 | |
| spgo.io | 34.208.225.223 | |
| secure.sharefile.com | 13.248.193.251 | |
| www.google.com | 172.217.16.196 | |
| sharefile-prod.mautic.net | 18.213.75.129 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| consent.trustarc.com | 13.225.78.53 | |
| 85.204.107.34.bc.googleusercontent.com | 34.107.204.85 | |
| clicks.sharefile.com | unknown | |
| citrix-sharefile-data.customer.pendo.io | unknown | |
| citrix-sharefile-content.customer.pendo.io | unknown | |
| campaignstudio.sharefile.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 34.107.204.85 | 85.204.107.34.bc.googleusercontent.com | United States | |
| 13.225.78.53 | consent.trustarc.com | United States | |
| 18.213.75.129 | sharefile-prod.mautic.net | United States | |
| 13.225.78.26 | unknown | United States | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.5 | unknown | unknown | |
| 13.248.193.251 | secure.sharefile.com | United States | |
| 34.111.138.51 | 51.138.111.34.bc.googleusercontent.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 34.208.225.223 | spgo.io | United States | |
| 172.217.16.196 | www.google.com | United States | |
| 172.217.18.100 | unknown | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://secure.sharefile.com/Authentication/Login#/StartViaSubdomain | |
| https://secure.sharefile.com/Authentication/Login#/StartViaSubdomain | |
| https://secure.sharefile.com/Authentication/Login#/StartViaSubdomain | |