Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:38:42 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:38:42 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:38:42 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:38:42 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:38:42 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with very long lines (2087)
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
PNG image data, 1684 x 551, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 84
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
HTML document, ASCII text, with very long lines (479), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text, with very long lines (65350)
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
GIF image data, version 89a, 452 x 302
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
PNG image data, 1684 x 387, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 94
|
PNG image data, 449 x 361, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 96
|
ASCII text, with very long lines (57919), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
ASCII text, with very long lines (1301)
|
downloaded
|
||
|
Chrome Cache Entry: 98
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
HTML document, ASCII text, with very long lines (328), with CRLF line terminators
|
downloaded
|
There are 12 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://t.co/DnQEiw4qor
|
|||
|
http://www.tl2giutrk.com/326NL2/893G9HD/?sub1=2_1_137982&sub2=328_879_158.51.98.226_21&sub3=1_29q1i9&sub5=29q1i9
|
34.98.114.148
|
||
|
https://ofttimesscrapie.pro/?encoded_value=223GDT1&sub1=c972573f12b442909030f3cfd46aae04&sub2=&sub3=&sub4=&sub5=15608&source_id=20121&ip=8.46.123.33&domain=www.clicknloader.com
|
|||
|
http://abcfiretech.com/file.html?pmnohklhivng=jjiybomjnazj10000010000of002ygu020940l17w80yq0001
|
130.185.239.18
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
push-visit.xyz
|
20.50.64.3
|
 |
|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
t.co
|
172.66.0.227
|
||
|
www.tl2giutrk.com
|
34.98.114.148
|
||
|
www.clicknloader.com
|
188.114.96.3
|
||
|
www.google.com
|
172.217.18.100
|
||
|
ofttimesscrapie.pro
|
188.114.96.3
|
||
|
virtualpushplatform.com
|
104.21.67.146
|
||
|
abcfiretech.com
|
130.185.239.18
|
||
|
www.redirectf4st.com
|
172.67.130.219
|
||
|
use.fontawesome.com
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
20.50.64.3
|
push-visit.xyz
|
United States
|
|
|
|
142.250.184.195
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
108.177.15.84
|
unknown
|
United States
|
||
|
172.67.142.245
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
34.98.114.148
|
www.tl2giutrk.com
|
United States
|
||
|
130.185.239.18
|
abcfiretech.com
|
Bulgaria
|
||
|
142.250.185.110
|
unknown
|
United States
|
||
|
172.67.130.219
|
www.redirectf4st.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.142
|
unknown
|
United States
|
||
|
104.21.27.152
|
unknown
|
United States
|
||
|
188.114.96.3
|
www.clicknloader.com
|
European Union
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
172.66.0.227
|
t.co
|
United States
|
||
|
172.217.16.195
|
unknown
|
United States
|
||
|
104.21.67.146
|
virtualpushplatform.com
|
United States
|
||
|
172.217.18.100
|
www.google.com
|
United States
|
There are 9 hidden IPs, click here to show them.