Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:51:28 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:51:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:51:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:51:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:51:27 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
PNG image data, 49 x 63, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 101
|
PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 102
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 103
|
ASCII text, with very long lines (47261)
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
PNG image data, 51 x 42, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
ASCII text, with very long lines (8023), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 73
|
PNG image data, 61 x 73, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 74
|
PNG image data, 50 x 58, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 75
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 76
|
PNG image data, 50 x 58, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
PNG image data, 263 x 31, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 79
|
ASCII text, with very long lines (65447)
|
dropped
|
||
|
Chrome Cache Entry: 80
|
assembler source, ASCII text, with very long lines (496)
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
ASCII text, with very long lines (47261)
|
dropped
|
||
|
Chrome Cache Entry: 83
|
PNG image data, 13 x 68, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 84
|
ASCII text, with very long lines (47261)
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
PNG image data, 61 x 73, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 87
|
HTML document, ASCII text, with very long lines (6014)
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with very long lines (47261)
|
dropped
|
||
|
Chrome Cache Entry: 89
|
ASCII text, with very long lines (7968), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
PNG image data, 51 x 42, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 91
|
PNG image data, 263 x 31, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
PNG image data, 52 x 40, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 93
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
PNG image data, 13 x 68, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
PNG image data, 49 x 63, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 98
|
PNG image data, 52 x 40, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
There are 31 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
 |
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2040,i,17352238815284995908,10674998889243760524,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.ccjm.org/highwire_log/share/mendeley?link=https://onpro.info"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.ccjm.org/highwire_log/share/mendeley?link=https://onpro.info
|
|
||
|
https://happykidstec.com/wp-lon/page/images/verify_sms.png
|
213.5.70.137
|
|
|
|
https://onpro.info/
|
|
||
|
https://happykidstec.com/wp-lon/page/images/verify_app.png
|
213.5.70.137
|
|
|
|
https://happykidstec.com/wp-lon/page/images/verify_code.png
|
213.5.70.137
|
|
|
|
https://happykidstec.com/wp-lon/
|
|
||
|
https://onpro.info/cdn-cgi/challenge-platform/h/g/flow/ov1/694538927:1727979974:fwmpA9RUiFuaVbSmuIDNgs5oNFb5SCIPnc8SMW_WBYc/8ccf1fc39f2241c3/9bce03bbb6643a7
|
188.114.97.3
|
|
|
|
https://happykidstec.com/wp-lon/page/images/logo.png
|
213.5.70.137
|
|
|
|
https://onpro.info/favicon.ico
|
188.114.97.3
|
|
|
|
https://onpro.info/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8ccf1fc39f2241c3
|
188.114.97.3
|
|
|
|
https://onpro.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
|
188.114.97.3
|
|
|
|
https://happykidstec.com/wp-lon/page/images/back.png
|
213.5.70.137
|
|
|
|
https://onpro.info/cdn-cgi/challenge-platform/h/g/jsd/r/8ccf2084bb134265
|
188.114.97.3
|
|
|
|
https://happykidstec.com/wp-lon/page/images/appnotif2.png
|
213.5.70.137
|
|
|
|
https://happykidstec.com/wp-lon/page/styles/app.css
|
213.5.70.137
|
|
|
|
https://happykidstec.com/wp-lon/page/images/info.png
|
213.5.70.137
|
|
|
|
https://happykidstec.com/wp-lon/page/images/verify.png
|
213.5.70.137
|
|
|
|
https://onpro.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
|
188.114.97.3
|
|
|
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/602678390:1727980015:mgoKwa6gvDPaPRiEfkBeCKlphJag7kAoGFc6X0l7uRY/8ccf20b13a84236b/908bbbba283031d
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js
|
104.18.94.41
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.66.137
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gu35k/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/744208155:1727980046:62rQFJm3R5GJITipooMIuK43yx5RmnekuH8TUBvwwdg/8ccf1fe0bf4b7d13/1884e28d0165ed9
|
104.18.94.41
|
||
|
https://www.ccjm.org/highwire_log/share/mendeley?link=https://onpro.info
|
104.18.39.115
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8ccf20b13a84236b&lang=auto
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8ccf1fe0bf4b7d13&lang=auto
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8ccf20b13a84236b/1727981531466/2642d7c6bf8ab2d058ea9fc95e134400480fee33dd94e13ea4f73860f6c92875/Bl1HaK4MFE75QJZ
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8ccf1fe0bf4b7d13/1727981498249/IZzwaYjEje6ZP9e
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/18bdc/0x4AAAAAAAvkWMwyQmB0qGBB/auto/fbE/normal/auto/
|
104.18.94.41
|
||
|
https://a.nel.cloudflare.com/report/v4?s=CHWpu%2BrOwu75e2sU1em%2BvbfHZS3ujQTZF3kVMHNKApEPpqwz3DoVIs0uGs6POokJAU4tSFqwonMpH9RHy5d3EoCnsAdqfE2DYAXYymsML5aWXAQGyLvzqTm1%2FtV0
|
35.190.80.1
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8ccf20b13a84236b/1727981531463/EhENSLDeHxqAwUC
|
104.18.94.41
|
||
|
https://a.nel.cloudflare.com/report/v4?s=3t8zuPeumhyJo5zjaK2OQfNUZ2osFC4yscRBwoxIoc6FRPFbb%2B%2BpH%2Fgr1kGHM88s%2B6v7kYVcpHGi44aZEsmHhmbqOjJt9vBwvH%2ByLZjiAxx0G5qzvY%2Bw5YncGklZ
|
35.190.80.1
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.18.94.41
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8ccf1fe0bf4b7d13/1727981498245/adfe3b8d2e49617d1aefb932df8db265093e94d7344932b6f166a86a5bc34589/12Hjxn3-M_512Pb
|
104.18.94.41
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
onpro.info
|
188.114.97.3
|
|
|
|
www.ccjm.org
|
104.18.39.115
|
|
|
|
happykidstec.com
|
213.5.70.137
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
code.jquery.com
|
151.101.66.137
|
||
|
challenges.cloudflare.com
|
104.18.95.41
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
www.google.com
|
216.58.206.36
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
213.5.70.137
|
happykidstec.com
|
Netherlands
|
|
|
|
188.114.97.3
|
onpro.info
|
European Union
|
|
|
|
104.18.39.115
|
www.ccjm.org
|
United States
|
|
|
|
104.18.94.41
|
unknown
|
United States
|
||
|
104.18.95.41
|
challenges.cloudflare.com
|
United States
|
||
|
216.58.206.36
|
www.google.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
188.114.96.3
|
unknown
|
European Union
|
||
|
151.101.66.137
|
code.jquery.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
151.101.194.137
|
unknown
|
United States
|
There are 2 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://onpro.info/
|
|
|
|
https://happykidstec.com/wp-lon/Xcglg15K2dF7zufOQJxPeA4k61Kz9vXxadbyRhVpRTjWH4xmaNiMqUPwGoa0ooI9yChTLZvRPss0Ec6tg77G0lweYrvonuQD8EBZTO6b2YEdVptmkwFFW9ktQSC4zJNyCHDqZe8SrIfl3phNXKfucr/verify
|
|
|
|
https://onpro.info/
|
||
|
https://onpro.info/
|
||
|
https://onpro.info/
|
||
|
https://onpro.info/
|
||
|
https://onpro.info/
|
||
|
https://happykidstec.com/wp-lon/
|
||
|
https://happykidstec.com/wp-lon/
|