Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 13:52:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 13:52:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 13:52:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 13:52:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 13:52:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\Downloads\213bd740-3bcf-47f9-a9ca-76fa1b149197.tmp | Zip archive data, at least v1.0 to extract, compression method=deflate | dropped | |
| C:\Users\user\Downloads\MetaMask.apk.crdownload (copy) | Zip archive data, at least v1.0 to extract, compression method=deflate | dropped | |
| Chrome Cache Entry: 115 | ASCII text, with very long lines (3251), with no line terminators | downloaded | |
| Chrome Cache Entry: 116 | ASCII text, with very long lines (65447) | downloaded | |
| Chrome Cache Entry: 117 | ASCII text, with very long lines (7791) | dropped | |
| Chrome Cache Entry: 118 | PNG image data, 107 x 100, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 119 | ASCII text, with very long lines (4269) | downloaded | |
| Chrome Cache Entry: 120 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 121 | ASCII text, with very long lines (592), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 122 | PNG image data, 800 x 407, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 123 | ASCII text | downloaded | |
| Chrome Cache Entry: 124 | ASCII text, with very long lines (18487), with no line terminators | downloaded | |
| Chrome Cache Entry: 125 | ASCII text, with very long lines (4269) | dropped | |
| Chrome Cache Entry: 126 | Unicode text, UTF-8 text, with very long lines (65481) | dropped | |
| Chrome Cache Entry: 127 | Web Open Font Format (Version 2), TrueType, length 45196, version 3.66 | downloaded | |
| Chrome Cache Entry: 128 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 129 | Unicode text, UTF-8 text, with very long lines (54438) | dropped | |
| Chrome Cache Entry: 130 | Unicode text, UTF-8 text, with very long lines (65300) | downloaded | |
| Chrome Cache Entry: 131 | ASCII text, with very long lines (1528), with no line terminators | downloaded | |
| Chrome Cache Entry: 132 | ASCII text, with very long lines (65447) | dropped | |
| Chrome Cache Entry: 133 | ASCII text, with CRLF line terminators | dropped | |
| Chrome Cache Entry: 134 | PNG image data, 800 x 407, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 135 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x630, components 3 | downloaded | |
| Chrome Cache Entry: 136 | Zip archive data, at least v1.0 to extract, compression method=deflate | downloaded | |
| Chrome Cache Entry: 137 | Unicode text, UTF-8 text, with very long lines (2587) | downloaded | |
| Chrome Cache Entry: 138 | PNG image data, 44 x 40, 8-bit/color RGB, interlaced | dropped | |
| Chrome Cache Entry: 139 | PNG image data, 210 x 40, 8-bit/color RGB, interlaced | dropped | |
| Chrome Cache Entry: 140 | PNG image data, 107 x 100, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 141 | Unicode text, UTF-8 text, with very long lines (65481) | downloaded | |
| Chrome Cache Entry: 142 | ASCII text, with very long lines (65451) | dropped | |
| Chrome Cache Entry: 143 | PNG image data, 44 x 40, 8-bit/color RGB, interlaced | downloaded | |
| Chrome Cache Entry: 144 | ASCII text | downloaded | |
| Chrome Cache Entry: 145 | PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 146 | PNG image data, 800 x 407, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 147 | PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 148 | HTML document, Unicode text, UTF-8 text, with very long lines (453) | downloaded | |
| Chrome Cache Entry: 149 | ASCII text, with very long lines (55785) | downloaded | |
| Chrome Cache Entry: 150 | ASCII text | downloaded | |
| Chrome Cache Entry: 151 | Unicode text, UTF-8 text, with very long lines (54438) | downloaded | |
| Chrome Cache Entry: 152 | PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 153 | PNG image data, 800 x 407, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 154 | PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 155 | PNG image data, 210 x 40, 8-bit/color RGB, interlaced | downloaded | |
| Chrome Cache Entry: 156 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 157 | Unicode text, UTF-8 (with BOM) text | downloaded | |
| Chrome Cache Entry: 158 | PNG image data, 800 x 407, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 159 | ASCII text, with very long lines (592), with CRLF line terminators | dropped | |
| Chrome Cache Entry: 160 | Web Open Font Format (Version 2), TrueType, length 5000, version 1.0 | downloaded | |
| Chrome Cache Entry: 161 | Unicode text, UTF-8 (with BOM) text | downloaded | |
| Chrome Cache Entry: 162 | ASCII text, with very long lines (65451) | downloaded | |
| Chrome Cache Entry: 163 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 164 | PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 165 | PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 166 | HTML document, Unicode text, UTF-8 text, with very long lines (423), with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 167 | ASCII text, with very long lines (7791) | downloaded | |
| Chrome Cache Entry: 168 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x630, components 3 | dropped | |
| Chrome Cache Entry: 169 | Web Open Font Format (Version 2), TrueType, length 44544, version 3.66 | downloaded | |
| Chrome Cache Entry: 170 | ASCII text, with very long lines (8110), with no line terminators | downloaded | |
| Chrome Cache Entry: 171 | Unicode text, UTF-8 (with BOM) text | downloaded | |
| Chrome Cache Entry: 172 | ASCII text, with very long lines (13408), with no line terminators | downloaded | |
| Chrome Cache Entry: 173 | ASCII text, with very long lines (46143), with no line terminators | downloaded | |
| Chrome Cache Entry: 174 | ASCII text | dropped | |
| Chrome Cache Entry: 175 | PNG image data, 800 x 407, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 176 | ASCII text | downloaded | |
| Chrome Cache Entry: 177 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 178 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 179 | Unicode text, UTF-8 (with BOM) text | downloaded | |
| Chrome Cache Entry: 180 | Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049 | downloaded | |

65 further files are hidden in the original report and are not listed here.
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 --field-trial-handle=2344,i,6607756406516106273,1265259073578629832,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metamaske.com.cn/" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| https://metamaske.com.cn/ | | |
| https://cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/bowser.min.js | 104.17.24.14 | |
| https://cdnjs.cloudflare.com/ajax/libs/placeholders/3.0.2/placeholders.min.js | unknown | |
| https://metamaske.com.cn/template/pc/images/Brave.png | 103.125.85.169 | |
| https://metamaske.com.cn/bzzx/ | | |
| https://metamaske.com.cn/template/pc/skin2/js/leonhere.js | 103.125.85.169 | |
| https://github.com/ded/bowser | unknown | |
| https://metamaske.com.cn/template/pc/assets/css/swiper-bundle.min.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/js/webflow.js | 103.125.85.169 | |
| https://beian.miit.gov.cn | unknown | |
| http://underscorejs.org | unknown | |
| https://metamaske.com.cn/template/pc/images/download-extension-p-800.png | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/js/jquery-3.7.0.min.js | 103.125.85.169 | |
| https://www.metamaske.com.cn | unknown | |
| https://metamaske.com.cn/template/pc/assets/css/all.min.css | 103.125.85.169 | |
| http://www.eyoucms.com/plus/powerby.php | unknown | |
| https://metamaske.com.cn/template/pc/assets/font/flaticon.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/assets/css/bootstrap.min.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/images/Edge.png | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/images/chrome_1chrome.png | 103.125.85.169 | |
| https://fontawesome.com/license/free | unknown | |
| https://fontawesome.com | unknown | |
| https://www.google.com | unknown | |
| https://metamaske.com.cn/template/pc/skin2/css/prettify.css | 103.125.85.169 | |
| https://beian.miit.gov.cn/ | unknown | |
| https://metamaske.com.cn/template/pc/css/metamask-staging-2.webflow.css | 103.125.85.169 | |
| http://daneden.me/animate | unknown | |
| https://metamaske.com.cn/#w-tabs-0-data-w-pane-2 | | |
| https://metamaske.com.cn/#w-tabs-0-data-w-pane-1 | | |
| https://metamaske.com.cn/template/pc/fonts/EuclidCircularB-Regular-WebXL.woff2 | 103.125.85.169 | |
| https://metamaske.com.cn/#w-tabs-0-data-w-pane-0 | | |
| https://metamaske.com.cn/uploads/allimg/20231128/1-23112R21922446.png | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/images/download-android-p-800.png | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/assets/css/style.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/js/jquery-3.5.1.min.dc5e7f18c8.js | 103.125.85.169 | |
| https://github.com/nickpettit/glide | unknown | |
| https://metamaske.com.cn/template/pc/js/jquery.min.js | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/js/prettify.js | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/js/wow.js | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/assets/css/venobox.css | 103.125.85.169 | |
| http://bugs.jquery.com/ticket/11820 | unknown | |
| https://github.com/twbs/bootstrap/blob/main/LICENSE) | unknown | |
| https://metamaske.com.cn/template/pc/assets/css/animate.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/images/favicon.png | 103.125.85.169 | |
| https://app.geqianf98.top/s/dDan | unknown | |
| https://metamaske.com.cn/template/pc/assets/css/odometer.css | 103.125.85.169 | |
| https://metamaske.com.cn/favicon.ico | 103.125.85.169 | |
| http://opensource.org/licenses/MIT | unknown | |
| https://getbootstrap.com/) | unknown | |
| https://metamaske.com.cn/template/pc/fonts/EuclidCircularB-Bold-WebXL.woff2 | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/css/fontello.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/assets/webfonts/fa-solid-900.woff2 | 103.125.85.169 | |
| https://cct.google/taggy/agent.js | unknown | |
| https://www.metamaske.com.cn/uploads/ueditor/20240329/1711707684-1-231129150042c2.jpg | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/font/fontello.woff2?81719577 | 103.125.85.169 | |
| http://www.metamaske.com.cn | unknown | |
| https://metamaske.com.cn/template/pc/images/download-ios-p-800.png | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/images/Firefox_1Firefox.png | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/css/main.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/skin2/css/animate.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/css/webflow.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/images/mm-logo.svg | 103.125.85.169 | |
| https://td.doubleclick.net | unknown | |
| https://metamaske.com.cn/template/pc/css/normalize.css | 103.125.85.169 | |
| https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js | unknown | |
| https://app-store.s3.cn-north-1.jdcloud-oss.com/MetaMask.apk | 116.196.126.162 | |
| https://github.com/jquery/jquery/blob/3.6.0/src/css.js#L212-L233 | unknown | |
| https://metamaske.com.cn/template/pc/assets/css/menu.css | 103.125.85.169 | |
| https://metamaske.com.cn/template/pc/assets/css/responsive.css | 103.125.85.169 | |

59 further URLs are hidden in the original report and are not listed here.
Domains

| Name | IP | Malicious |
|---|---|---|
| www.metamaske.com.cn | 103.125.85.169 | |
| cdnjs.cloudflare.com | 104.17.24.14 | |
| overseas.cn-north-1.jdcloudcs.com.jcloudlb.com | 116.196.126.162 | |
| www.google.com | 142.250.74.196 | |
| metamaske.com.cn | 103.125.85.169 | |
| default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 217.20.57.34 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| windowsupdatebg.s.llnwi.net | 87.248.204.0 | |
| app-store.s3.cn-north-1.jdcloud-oss.com | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.17.24.14 | cdnjs.cloudflare.com | United States | |
| 116.196.126.162 | overseas.cn-north-1.jdcloudcs.com.jcloudlb.com | China | |
| 103.125.85.169 | www.metamaske.com.cn | Malaysia | |
| 192.168.2.5 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
| 104.17.25.14 | unknown | United States | |
| 142.250.74.196 | www.google.com | United States | |
DOM / HTML

| URL | Malicious |
|---|---|
| https://metamaske.com.cn/ | |
| https://metamaske.com.cn/#w-tabs-0-data-w-pane-1 | |
| https://metamaske.com.cn/#w-tabs-0-data-w-pane-2 | |
| https://metamaske.com.cn/#w-tabs-0-data-w-pane-0 | |
| https://metamaske.com.cn/bzzx/ | |
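The tables above record a Chrome session that opened https://metamaske.com.cn/ (a domain one letter away from the wallet vendor's own name, hosted on 103.125.85.169), pulled a Webflow copy of the MetaMask marketing site, and began downloading an Android package from https://app-store.s3.cn-north-1.jdcloud-oss.com/MetaMask.apk, which is the MetaMask.apk.crdownload entry in the Files table. The report leaves the Malicious column empty, so the triage is manual. The script below is an added example, not part of the original report or of any sandbox vendor's tooling: it runs the two checks an analyst applies by eye, lookalike-brand domains and downloadable payloads named after a brand but served from an unrelated host, over a constructed subset of rows copied from the URLs table, and emits the hosts and IPs worth blocking. The benign-suffix allow-list, the brand watch-list and the two-label public-suffix set are assumptions made for illustration and must be tuned for real use.

```python
"""Triage of the URL / domain / IP tables of a browser-sandbox report.

Added example, not part of the original report. SAMPLE_ROWS is a constructed
subset copied from the URLs table; BENIGN_SUFFIXES, BRANDS and TWO_LABEL_SUFFIX
are assumed lists, not anything the report defines.
"""
from urllib.parse import urlsplit

# Constructed sample: (url, resolved_ip) pairs copied from the URLs table.
SAMPLE_ROWS = [
    ("https://metamaske.com.cn/", ""),
    ("https://cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/bowser.min.js", "104.17.24.14"),
    ("https://metamaske.com.cn/template/pc/images/download-android-p-800.png", "103.125.85.169"),
    ("https://app-store.s3.cn-north-1.jdcloud-oss.com/MetaMask.apk", "116.196.126.162"),
    ("https://app.geqianf98.top/s/dDan", "unknown"),
    ("https://www.google.com", "unknown"),
    ("https://beian.miit.gov.cn/", "unknown"),
    ("https://www.metamaske.com.cn/uploads/ueditor/20240329/1711707684-1-231129150042c2.jpg", "103.125.85.169"),
]

# Assumption: shared infrastructure every Chrome session touches (CDNs, vendor sites).
BENIGN_SUFFIXES = ("cdnjs.cloudflare.com", "google.com", "fontawesome.com",
                   "github.com", "doubleclick.net", "gov.cn")
# Assumption: brands to watch, mapped to their legitimate registered domain.
BRANDS = {"metamask": "metamask.io"}
PAYLOAD_EXT = (".apk", ".exe", ".msi", ".zip", ".dmg")
# Assumption: minimal two-label public suffixes (com.cn, co.uk, ...) for eTLD+1.
TWO_LABEL_SUFFIX = {"com", "co", "org", "net", "gov", "edu"}


def registered_domain(host: str) -> str:
    """Crude eTLD+1 that understands two-label suffixes such as com.cn."""
    labels = host.lower().split(".")
    if len(labels) >= 3 and labels[-2] in TWO_LABEL_SUFFIX and len(labels[-1]) == 2:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance by plain dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_benign(host: str) -> bool:
    """Exact or dot-bounded suffix match, so notgoogle.com does not pass."""
    return any(host == s or host.endswith("." + s) for s in BENIGN_SUFFIXES)


def lookalike_brand(host: str):
    """Brand name if the registrable label embeds or nearly matches a watched
    brand and the host is not the brand's own domain; otherwise None."""
    reg = registered_domain(host)
    label = reg.split(".")[0]
    for brand, legit in BRANDS.items():
        if reg == legit:
            continue
        if brand in label or edit_distance(label, brand) <= 2:
            return brand
    return None


def triage(rows):
    """Return one finding per row that deserves analyst attention."""
    findings = []
    for url, ip in rows:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if not host or is_benign(host):
            continue
        reasons = []
        brand = lookalike_brand(host)
        if brand:
            reasons.append(f"lookalike of {brand} ({BRANDS[brand]})")
        filename = parts.path.rsplit("/", 1)[-1].lower()
        if filename.endswith(PAYLOAD_EXT):
            reasons.append("downloadable payload")
            if any(b in filename for b in BRANDS) and not brand:
                reasons.append("brand-named file served from unrelated host")
        if reasons:
            findings.append({"url": url, "host": host, "ip": ip, "reasons": reasons})
    return findings


def iocs(findings):
    """Collapse findings into (hosts, ips) suitable for a blocklist."""
    hosts = {f["host"] for f in findings}
    ips = {f["ip"] for f in findings if f["ip"] not in ("", "unknown")}
    return hosts, ips


if __name__ == "__main__":
    found = triage(SAMPLE_ROWS)
    for f in found:
        print(f["url"], "->", "; ".join(f["reasons"]))
    print(iocs(found))
```

On the constructed rows this flags both metamaske.com.cn hosts as lookalikes of metamask.io and the JD Cloud bucket as a brand-named payload on an unrelated host, yielding the blocklist {metamaske.com.cn, www.metamaske.com.cn, app-store.s3.cn-north-1.jdcloud-oss.com} and {103.125.85.169, 116.196.126.162}. The app.geqianf98.top short link produces no finding because neither heuristic covers it; a real pipeline would add a check on newly registered or cheap-TLD domains before trusting the silence.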