Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 14:11:24 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 14:11:24 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:56:51 2023, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 14:11:23 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 14:11:24 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 14:11:23 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 57
|
ASCII text
|
downloaded
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1952,i,4008020697928877117,10345393398803479346,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://email.servicesend.com/o/eJwEwNFtxCAMANBpjj8QNjY4H8xSUcANUi45EVKp2_e13IARTM-QUDxtEsXsWSBtDdK3xkLNt6ICqh2IsQILsxk5RlXFWgEp8FeMJFxb3Yg8C7QX-fGxkNAGsEEshuie2_ZyL4uuXu_Ps7ob5-rzLId7l3GYmYseZe9z_b3IX3W_zz7dNX_Mb8b_AAAA__8vRjGK"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://email.servicesend.com/o/eJwEwNFtxCAMANBpjj8QNjY4H8xSUcANUi45EVKp2_e13IARTM-QUDxtEsXsWSBtDdK3xkLNt6ICqh2IsQILsxk5RlXFWgEp8FeMJFxb3Yg8C7QX-fGxkNAGsEEshuie2_ZyL4uuXu_Ps7ob5-rzLId7l3GYmYseZe9z_b3IX3W_zz7dNX_Mb8b_AAAA__8vRjGK
|
|||
|
http://email.servicesend.com/favicon.ico
|
34.110.180.34
|
||
|
http://email.servicesend.com/o/eJwEwNFtxCAMANBpjj8QNjY4H8xSUcANUi45EVKp2_e13IARTM-QUDxtEsXsWSBtDdK3xkLNt6ICqh2IsQILsxk5RlXFWgEp8FeMJFxb3Yg8C7QX-fGxkNAGsEEshuie2_ZyL4uuXu_Ps7ob5-rzLId7l3GYmYseZe9z_b3IX3W_zz7dNX_Mb8b_AAAA__8vRjGK
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.google.com
|
142.250.184.196
|
||
|
mailgun.org
|
34.110.180.34
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
email.servicesend.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.110.180.34
|
mailgun.org
|
United States
|
||
|
142.250.184.196
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
192.168.2.9
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://email.servicesend.com/o/eJwEwNFtxCAMANBpjj8QNjY4H8xSUcANUi45EVKp2_e13IARTM-QUDxtEsXsWSBtDdK3xkLNt6ICqh2IsQILsxk5RlXFWgEp8FeMJFxb3Yg8C7QX-fGxkNAGsEEshuie2_ZyL4uuXu_Ps7ob5-rzLId7l3GYmYseZe9z_b3IX3W_zz7dNX_Mb8b_AAAA__8vRjGK
|