IOC Report
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9

Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 80 | ASCII text, with very long lines (59376) | downloaded |
Chrome Cache Entry: 81 | Unicode text, UTF-8 text, with very long lines (41512) | downloaded |
Chrome Cache Entry: 82 | JSON data | dropped |
Chrome Cache Entry: 83 | JSON data | dropped |
Chrome Cache Entry: 84 | Unicode text, UTF-8 text, with very long lines (41512) | dropped |
Chrome Cache Entry: 85 | ASCII text, with very long lines (59376) | dropped |
Chrome Cache Entry: 86 | Java source, ASCII text | downloaded |
Chrome Cache Entry: 87 | JSON data | downloaded |
Chrome Cache Entry: 88 | Java source, ASCII text | dropped |
Chrome Cache Entry: 89 | JSON data | downloaded |

Processes

Path | Cmdline | Malicious
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe | "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe | "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1444 --field-trial-handle=1072,i,8817321110583036791,13478569038220876855,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe | "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9" |

URLs

Name | IP | Malicious
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9 | | malicious
https://srfed-my.sharepoint.com/:f:/p/paul_scace/EtC5e2XquN9Fp0K3Sw7IAUsB1jH11BqdCOET9BKLSlV1Tw?e=jPSkP9 | 13.107.138.10 | malicious
https://srfed-my.sharepoint.com/personal/paul_scace_srfed_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fpaul%5Fscace%5Fsrfed%5Fcom%2FDocuments%2FAccounts%20Payable%20%28AP%29%2FEra&ga=1 | 13.107.138.10 |
http://www.opensource.org/licenses/mit-license.php | unknown |
https://srfed-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx | 13.107.138.10 |

Domains

Name | IP | Malicious
dual-spo-0005.spo-msedge.net | 13.107.138.10 |
www.google.com | 142.250.186.164 |
srfed-my.sharepoint.com | unknown |
spo.nel.measure.office.net | unknown |

IPs

IP | Domain | Country | Malicious
13.107.138.10 | dual-spo-0005.spo-msedge.net | United States |
13.107.136.10 | unknown | United States |
239.255.255.250 | unknown | Reserved |
142.250.186.164 | www.google.com | United States |