Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:55:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:55:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:55:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:55:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:55:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (425), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
ASCII text, with very long lines (41381), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 133
|
ASCII text, with very long lines (13383), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 134
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 135
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
ASCII text, with very long lines (54210), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with very long lines (12138)
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
Web Open Font Format (Version 2), TrueType, length 77780, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
ASCII text, with very long lines (14361), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
ASCII text, with very long lines (65453)
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (41381), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (44561), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (28193), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with very long lines (8693), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 149
|
ASCII text, with very long lines (65452)
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
ASCII text, with very long lines (28193), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 151
|
ASCII text, with very long lines (12390), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
ASCII text, with very long lines (11193), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 153
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
ASCII text, with very long lines (65444)
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
ASCII text, with very long lines (65463)
|
dropped
|
||
|
Chrome Cache Entry: 156
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 157
|
ASCII text, with very long lines (8881), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 158
|
ASCII text, with very long lines (425), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 159
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
ASCII text, with very long lines (23035)
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 162
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (44621), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with very long lines (64532)
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
ASCII text, with very long lines (12196), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
Unicode text, UTF-8 text, with very long lines (38687), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
ASCII text, with very long lines (24194)
|
dropped
|
||
|
Chrome Cache Entry: 169
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 170
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 171
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 172
|
ASCII text, with very long lines (65452)
|
dropped
|
||
|
Chrome Cache Entry: 173
|
ASCII text, with very long lines (24194)
|
downloaded
|
||
|
Chrome Cache Entry: 174
|
ASCII text, with very long lines (24757), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 175
|
gzip compressed data, last modified: Sat Nov 10 22:02:29 2018, from Unix, original size modulo 2^32 77542
|
downloaded
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with very long lines (18818), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
ASCII text, with very long lines (44621), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 178
|
ASCII text, with very long lines (21524), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 179
|
ASCII text, with very long lines (65463)
|
downloaded
|
||
|
Chrome Cache Entry: 180
|
ASCII text, with very long lines (10507), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
Unicode text, UTF-8 text, with very long lines (43226)
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
ASCII text, with very long lines (65463)
|
downloaded
|
||
|
Chrome Cache Entry: 183
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 185
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 186
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 188
|
ASCII text, with very long lines (65463)
|
downloaded
|
||
|
Chrome Cache Entry: 189
|
ASCII text, with very long lines (65463)
|
dropped
|
||
|
Chrome Cache Entry: 190
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 191
|
ASCII text, with very long lines (12390), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 192
|
gzip compressed data, last modified: Sat Nov 10 22:02:29 2018, from Unix, original size modulo 2^32 77542
|
dropped
|
||
|
Chrome Cache Entry: 193
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 194
|
ASCII text, with very long lines (65453)
|
dropped
|
||
|
Chrome Cache Entry: 195
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 196
|
Unicode text, UTF-8 text, with very long lines (16974), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
ASCII text, with very long lines (24757), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 198
|
ASCII text, with very long lines (12138)
|
dropped
|
||
|
Chrome Cache Entry: 199
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 200
|
ASCII text, with very long lines (10507), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 201
|
ASCII text, with very long lines (65456)
|
dropped
|
||
|
Chrome Cache Entry: 202
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 203
|
ASCII text, with very long lines (11729), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 204
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 205
|
ASCII text, with very long lines (65444)
|
dropped
|
||
|
Chrome Cache Entry: 206
|
ASCII text, with very long lines (64147), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 207
|
ASCII text, with very long lines (11729), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 208
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 209
|
ASCII text, with very long lines (65463)
|
dropped
|
||
|
Chrome Cache Entry: 210
|
ASCII text, with very long lines (23081), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 211
|
ASCII text, with very long lines (54210), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 212
|
ASCII text, with very long lines (10053), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 213
|
ASCII text, with very long lines (14361), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 214
|
Web Open Font Format (Version 2), TrueType, length 82120, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 215
|
ASCII text, with very long lines (8693), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 216
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 217
|
ASCII text, with very long lines (59989)
|
downloaded
|
||
|
Chrome Cache Entry: 218
|
ASCII text, with very long lines (21524), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 219
|
Web Open Font Format (Version 2), TrueType, length 84992, version 2.983
|
downloaded
|
||
|
Chrome Cache Entry: 220
|
ASCII text, with very long lines (13383), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 221
|
ASCII text, with very long lines (23035)
|
dropped
|
||
|
Chrome Cache Entry: 222
|
ASCII text, with very long lines (64147), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 223
|
Unicode text, UTF-8 text, with very long lines (43226)
|
dropped
|
||
|
Chrome Cache Entry: 224
|
Web Open Font Format (Version 2), TrueType, length 84396, version 2.983
|
downloaded
|
||
|
Chrome Cache Entry: 225
|
ASCII text, with very long lines (65456)
|
downloaded
|
||
|
Chrome Cache Entry: 226
|
ASCII text, with very long lines (8881), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 227
|
ASCII text, with very long lines (11193), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 228
|
ASCII text, with very long lines (12196), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 229
|
ASCII text, with very long lines (59989)
|
dropped
|
||
|
Chrome Cache Entry: 230
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
downloaded
|
There are 97 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1964,i,11519740772081467594,12038132482264796469,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.box.com/s/r8gf6zpgg0th9kl4z0pfx4tefjsvexvc"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://app.box.com/s/r8gf6zpgg0th9kl4z0pfx4tefjsvexvc
|
|||
|
https://pendo-data-prod.box.com/data/guide.json/123e0628-cb29-41d1-466c-c592c7ddcd06?id=7&jzb=eJxNjsFOwzAQRP_F5zZ23QiV3LiBxA3BtVqSjRtwvZa9jqKg_Hs3lQjc1jOeN_OjxiEPTOmlU42yaqegbakEvr_3BxFK8nJemGNutIYYq0-aqpauOut0cv3DHJ0zfHn89vVsYj_VjP1XHnEaW4mT7z7-KkLxfqeuyNABg2q2_vUU7isEV8ChNGLYv78JYPhd5v97Z_GWbe2avv-TxaJGSBj4afNEkro1aI76YLQ1thbgiCkPFFZ8ZY-nyp5jok6MjL5_pswoSE4Fl-UGkfBgAA&v=2.238.2_prod&ct=1727970933377
|
74.112.186.159
|
||
|
http://blog.stevenlevithan.com/archives/parseuri
|
unknown
|
||
|
https://github.com/derek-watson/jsUri
|
unknown
|
||
|
https://app.box.com/app-api/split-proxy/api/mySegments/-1
|
74.112.186.157
|
||
|
https://app.box.com/app-api/split-proxy/api/mySegments/2
|
74.112.186.157
|
||
|
https://app.box.com/app-api/split-proxy/api/splitChanges?since=-1
|
74.112.186.157
|
||
|
https://app.box.com/gen204
|
74.112.186.157
|
||
|
https://support.box.com
|
unknown
|
||
|
https://app.box.com/index.php?rm=box_gen204_batch_record
|
74.112.186.157
|
||
|
https://app.box.com/app-api/enduserapp/current-user/features/secondary
|
74.112.186.157
|
||
|
https://pendo-data-prod.box.com/data/ptm.gif/123e0628-cb29-41d1-466c-c592c7ddcd06?v=2.238.2_prod&ct=1727970933376&jzb=eJy9UV1vmzAU_S9-pmBsZwl5W6upm1pp0z5eNk3IgWtKZ7BlGxYa5b_3uokQ0rTtqXm7nONz7uHcHwcSJgtkS9oa-tCqiSRk58xvD64MbYdMvmbrYk0LzvmKJ2RsfRuMK9saRQxfy6oyQx9OwFWOyOA0jg8hWL_NMmltujP7tDJd5jO3adSbJ9s0NDwUv7R4olbtRQD16EfYjxXKrTPWk-2BGF2Xy3X9oHXygi53ntD_xjqisXT4j1_l7sMsC6cPcisGeqfs99sJ2Kebm49ooJzs4IVsHj_3RlzD3aAsXL_bxIqmAJiR5_SYzBV2EOQ_6xMXre-8Ko5ocC_7ZpBNzAn91bcv-HLOoJdciRyWdc4V1X9U-HbmEKpliELKs5xmjDKBhiM435o-2qeMb1JWYqoaCQ9avTc-AFoGN8DrXKXgi6toI-Pmv19lddGrxDjnECueY9BXKIAJcfz5DPqkPoM
|
74.112.186.159
|
||
|
https://pendo-data-prod.box.com/data/guide.gif/123e0628-cb29-41d1-466c-c592c7ddcd06?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1727970933378&v=2.238.2_prod
|
74.112.186.159
|
||
|
https://app.box.com/s/r8gf6zpgg0th9kl4z0pfx4tefjsvexvc
|
|||
|
http://www.box.com)
|
unknown
|
||
|
https://app.box.com/app-api/split-proxy/api/mySegments/66febe6f9ce810.68343862
|
74.112.186.157
|
||
|
https://cdn.amplitude.com/libs/amplitude-4.5.2-min.gz.js
|
18.245.86.69
|
||
|
http://jedwatson.github.io/classnames
|
unknown
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pendo-data-prod.box.com
|
74.112.186.159
|
||
|
cdn.amplitude.com
|
18.245.86.69
|
||
|
www.google.com
|
142.250.184.196
|
||
|
app.box.com
|
74.112.186.157
|
||
|
cdn01.boxcdn.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
74.112.186.157
|
app.box.com
|
United States
|
||
|
142.250.184.196
|
www.google.com
|
United States
|
||
|
18.245.86.101
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
74.112.186.159
|
pendo-data-prod.box.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
18.245.86.69
|
cdn.amplitude.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://app.box.com/s/r8gf6zpgg0th9kl4z0pfx4tefjsvexvc
|
||
|
https://app.box.com/s/r8gf6zpgg0th9kl4z0pfx4tefjsvexvc
|