Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 137
|
ASCII text, with very long lines (21341)
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
ASCII text, with very long lines (27299)
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
ASCII text, with very long lines (8401), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 142
|
HTML document, Unicode text, UTF-8 text, with very long lines (45662), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 145
|
ASCII text, with very long lines (10367), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
HTML document, Unicode text, UTF-8 text, with very long lines (45662), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with very long lines (21341)
|
dropped
|
||
|
Chrome Cache Entry: 149
|
ASCII text, with very long lines (43818), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
Unicode text, UTF-8 text, with very long lines (18247), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 152
|
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 153
|
ASCII text, with very long lines (10367), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 154
|
ASCII text, with very long lines (8401), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 156
|
WebAssembly (wasm) binary module version 0x1 (MVP)
|
dropped
|
||
|
Chrome Cache Entry: 157
|
Unicode text, UTF-8 text, with very long lines (18247), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 158
|
MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48
with PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 159
|
ASCII text, with very long lines (43818), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 160
|
ASCII text, with very long lines (27299)
|
dropped
|
||
|
Chrome Cache Entry: 161
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (2502), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
Unicode text, UTF-8 text, with very long lines (10022), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 167
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
WebAssembly (wasm) binary module version 0x1 (MVP)
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 170
|
HTML document, ASCII text, with very long lines (413)
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
HTML document, ASCII text, with very long lines (3035), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 172
|
ASCII text, with very long lines (2502), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 173
|
MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48
with PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 174
|
HTML document, ASCII text, with very long lines (413)
|
dropped
|
There are 29 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2136,i,373504701825141358,12353475851925403573,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://2qud.ejtrading.net/"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=5984 --field-trial-handle=2136,i,373504701825141358,12353475851925403573,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://2qud.ejtrading.net/
|
|||
|
https://web.telegram.org/a
|
unknown
|
||
|
https://t.me/
|
unknown
|
||
|
https://web.telegram.org/
|
unknown
|
||
|
https://2qud.ejtrading.net/api/rcd
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/5284.7277a1f1667fee359077.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/compatTest.js
|
104.21.56.249
|
||
|
https://t.me/_websync_?authed=0&version=10.9.9+A
|
149.154.167.99
|
||
|
https://2qud.ejtrading.net/8074.274f30e4e4daca7d391c.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/
|
|||
|
https://2qud.ejtrading.net/4486.9e0ff3ce0a0c5de4a575.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/7283.cf7f8932e13cf852ff81.js
|
104.21.56.249
|
||
|
https://a.nel.cloudflare.com/report/v4?s=mPLBPoLI4hSTgzUz%2FME9Tc61rAa5jHV6IxkPmgx%2FCVEjGcmkqILmjTdHRX6IZmqCFEH7EA%2FGfZXQhmoKEKUp0fkp7sqkoRx9a6LAkzBVp1RzbjvZquZjhUubII%2FU6qGidvVzOZ8%3D
|
35.190.80.1
|
||
|
https://2qud.ejtrading.net/5193.006d97f0ae392264beae.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/9357.a36365e0d807a0987518.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/icon-192x192.png
|
104.21.56.249
|
||
|
http://telegram.org/dl
|
unknown
|
||
|
https://2qud.ejtrading.net/5985.e8d9d0762c377bb07b03.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/rlottie-wasm.f013598f1b2ba719f25e.js
|
104.21.56.249
|
||
|
https://web.telegram.org/a/
|
unknown
|
||
|
https://2qud.ejtrading.net/rlottie-wasm.wasm
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/1112.ed47151a49708b83c7b9.js
|
104.21.56.249
|
||
|
https://ss3.4sqi.net/img/categories_v2/
|
unknown
|
||
|
https://a.nel.cloudflare.com/report/v4?s=JJP31FKUwRQmdB93TfWh3pYTytbI4u0awhZ%2FKbZ5rBy96vUDtgO2SXYSi4fm%2B5wkzTE0155FACxLBg%2FcazGBK0ZdpF5uurJsmlGQJSf%2Bp8yep5xjhn83QY%2FAB%2BA7cU8cJ2nnTdk%3D
|
35.190.80.1
|
||
|
https://2qud.ejtrading.net/favicon.ico
|
104.21.56.249
|
||
|
https://t.me/_websync_
|
unknown
|
||
|
https://2qud.ejtrading.net/site.webmanifest
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/5905.7740c1743540df2d6991.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/redirect.js?v=1
|
104.21.56.249
|
||
|
https://telam.jiwhek.xyz/telegram.html
|
unknown
|
||
|
https://2qud.ejtrading.net/main.d170792e946b7ff7d822.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/apis/guest/submit
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/notification.mp3
|
104.21.56.249
|
||
|
https://telegram.me/_websync_?authed=0&version=10.9.9+A
|
149.154.167.99
|
||
|
https://2qud.ejtrading.net/7784.ec5164938531ffe545a2.js
|
104.21.56.249
|
||
|
https://telegram.me/_websync_;
|
unknown
|
||
|
https://2qud.ejtrading.net/6708.05075ec696cf1bca34b2.js
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/main.b563a1b1790456b66383.css
|
104.21.56.249
|
||
|
https://2qud.ejtrading.net/8287.cbb61367338b7a7d4a32.js
|
104.21.56.249
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
telegram.me
|
149.154.167.99
|
||
|
t.me
|
149.154.167.99
|
||
|
www.google.com
|
142.250.185.132
|
||
|
2qud.ejtrading.net
|
104.21.56.249
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
|
windowsupdatebg.s.llnwi.net
|
87.248.204.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.132
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
149.154.167.99
|
telegram.me
|
United Kingdom
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.13
|
unknown
|
unknown
|
||
|
192.168.2.15
|
unknown
|
unknown
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
104.21.56.249
|
2qud.ejtrading.net
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://2qud.ejtrading.net/
|
||
|
https://2qud.ejtrading.net/
|