IOC Report
https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2B


Files

File Path | Type | Category | Malicious (empty for every row)
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:23 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
Chrome Cache Entry: 100 | Web Open Font Format, TrueType, length 44624, version 1.0 | downloaded
Chrome Cache Entry: 101 | ASCII text, with very long lines (8061), with no line terminators | dropped
Chrome Cache Entry: 102 | ASCII text, with very long lines (32746) | downloaded
Chrome Cache Entry: 103 | Unicode text, UTF-8 text, with very long lines (52402) | downloaded
Chrome Cache Entry: 104 | Unicode text, UTF-8 text, with very long lines (9369) | downloaded
Chrome Cache Entry: 105 | SVG Scalable Vector Graphics image | downloaded
Chrome Cache Entry: 106 | PNG image data, 32 x 32, 8-bit colormap, non-interlaced | downloaded
Chrome Cache Entry: 107 | ASCII text, with very long lines (3712), with no line terminators | dropped
Chrome Cache Entry: 108 | ASCII text, with very long lines (4638), with no line terminators | downloaded
Chrome Cache Entry: 109 | ASCII text, with very long lines (28214) | dropped
Chrome Cache Entry: 110 | Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | downloaded
Chrome Cache Entry: 111 | ASCII text, with very long lines (24274), with no line terminators | downloaded
Chrome Cache Entry: 112 | PNG image data, 1026 x 594, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 113 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 119 | ASCII text, with very long lines (7997), with no line terminators | downloaded
Chrome Cache Entry: 121 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 122 | ASCII text, with very long lines (65435) | dropped
Chrome Cache Entry: 123 | ASCII text, with very long lines (64244) | downloaded
Chrome Cache Entry: 124 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 126 | ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 127 | Unicode text, UTF-8 text, with very long lines (65528), with no line terminators | dropped
Chrome Cache Entry: 128 | HTML document, Unicode text, UTF-8 text, with very long lines (4627) | downloaded
Chrome Cache Entry: 129 | Unicode text, UTF-8 text, with very long lines (497) | dropped
Chrome Cache Entry: 133 | JSON data | dropped
Chrome Cache Entry: 140 | PNG image data, 450 x 278, 8-bit/color RGB, non-interlaced | downloaded
Chrome Cache Entry: 141 | ASCII text, with very long lines (404) | downloaded
Chrome Cache Entry: 142 | data | downloaded
Chrome Cache Entry: 145 | JSON data | downloaded
Chrome Cache Entry: 146 | ASCII text, with very long lines (64729) | downloaded
Chrome Cache Entry: 147 | PNG image data, 450 x 248, 8-bit/color RGB, non-interlaced | dropped
Chrome Cache Entry: 149 | ASCII text, with very long lines (16912) | dropped
Chrome Cache Entry: 93 | PNG image data, 450 x 178, 8-bit/color RGB, non-interlaced | dropped
Chrome Cache Entry: 96 | ASCII text, with very long lines (633), with no line terminators | downloaded
Chrome Cache Entry: 98 | SVG Scalable Vector Graphics image | downloaded
Chrome Cache Entry: 99 | ASCII text, with very long lines (404) | downloaded

URLs

Name | IP | Malicious (IP and Malicious are empty for both rows)
https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2BDTdcA1B04hx8sA-2BW0GxVYvh2qVpF6F65Gu9V4sDAY92xxVGKz5-2FPm7g3NnjmMHPLLko1n0yo8zXU96ib-2Fkd2UlSpKM7-2FtLOgBRnY6kYZKdEH0u7WVzj7SB1RusturLTNUo-2Fc2xD3-2Bue1X-2FXpLb7JXVjEC8KMHbkSDIFrk6iWY7B-2FVB2-2FJ2iI-3D
https://support.twilio.com/hc/en-us/articles/360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement

Domains

Name                           | IP              | Malicious (empty for every row)
cdn.heapanalytics.com          | 18.172.153.90
a.nel.cloudflare.com           | 35.190.80.1
twilio.zendesk.com             | 216.198.54.1
external-svc-dal.swiftype.net  | 169.63.31.198
cf.zdassets.com                | 104.18.70.113
links.twiliocdn.com            | 104.22.59.219
heapanalytics.com              | 54.204.108.254
static.zdassets.com            | 104.18.70.113
d3hjue7omxs01q.cloudfront.net  | 216.137.34.122
s3.amazonaws.com               | 54.231.192.208
cdnjs.cloudflare.com           | 104.17.24.14
p5.zdassets.com                | 104.18.70.113
www.google.com                 | 142.250.185.68
cloud.typography.com           | unknown
s.swiftypecdn.com              | unknown
assets.zendesk.com             | unknown
cc.swiftype.com                | unknown
support.twilio.com             | unknown

IPs

IP               | Domain                         | Country       | Malicious (empty for every row)
23.201.250.36    | unknown                        | United States
104.17.24.14     | cdnjs.cloudflare.com           | United States
142.250.74.202   | unknown                        | United States
142.250.185.68   | www.google.com                 | United States
151.101.1.167    | unknown                        | United States
192.168.2.17     | unknown                        | unknown
13.32.27.35      | unknown                        | United States
74.125.71.84     | unknown                        | United States
44.198.98.199    | unknown                        | United States
142.250.185.238  | unknown                        | United States
104.22.59.219    | links.twiliocdn.com            | United States
54.204.108.254   | heapanalytics.com              | United States
54.231.192.208   | s3.amazonaws.com               | United States
169.63.31.198    | external-svc-dal.swiftype.net  | United States
239.255.255.250  | unknown                        | Reserved
104.18.70.113    | cf.zdassets.com                | United States
216.137.34.122   | d3hjue7omxs01q.cloudfront.net  | United States
216.198.54.1     | twilio.zendesk.com             | United States
216.198.53.1     | unknown                        | United States
35.190.80.1      | a.nel.cloudflare.com           | United States
18.172.153.90    | cdn.heapanalytics.com          | United States
172.217.16.195   | unknown                        | United States
151.101.129.167  | unknown                        | United States
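Added triage helper (not part of the sandbox report, and not the sandbox vendor's code): before any of the IPs above go into a blocklist or a hunt query, the non-routable entries need to be separated from the externally reachable ones. The report only labels 239.255.255.250 as "Reserved" and 192.168.2.17 as "unknown"; in general terms, 239.255.255.250 is the SSDP/UPnP discovery multicast address and 192.168.2.17 is an RFC 1918 address (the analysis VM's own network), so neither is an indicator of the analysed link. The script parses the one-cell-per-line layout of the IPs table (a constructed subset of its rows is embedded as sample input) and splits the records by routing scope using the standard library's ipaddress module. The names classify, parse_ip_table, triage and IpRecord are my own.

```python
"""Triage helper for a flattened sandbox "IPs" table (IP / Domain / Country, one cell per line)."""
from __future__ import annotations

import ipaddress
from typing import NamedTuple

# Constructed sample: a subset of the rows from the IPs table above, copied in the
# one-cell-per-line layout of the export. Column order is IP, resolved domain, country.
RAW_IP_TABLE = """\
23.201.250.36
unknown
United States
104.17.24.14
cdnjs.cloudflare.com
United States
192.168.2.17
unknown
unknown
104.22.59.219
links.twiliocdn.com
United States
239.255.255.250
unknown
Reserved
216.198.54.1
twilio.zendesk.com
United States
"""

COLUMNS = 3  # IP, Domain, Country (the Malicious column has no cell values in the export)


class IpRecord(NamedTuple):
    ip: str
    domain: str
    country: str
    scope: str  # one of the labels returned by classify()


def classify(ip: str) -> str:
    """Label an address by routing scope so non-routable noise can be filtered out."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on a non-IP cell
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    if addr.is_multicast:          # 224.0.0.0/4, e.g. 239.255.255.250 (SSDP/UPnP discovery)
        return "multicast"
    if addr.is_private:            # RFC 1918 and similar, e.g. the analysis VM's 192.168.2.17
        return "private"
    if not addr.is_global:         # anything else IANA does not route on the public Internet
        return "non-global"
    return "public"


def parse_ip_table(text: str, width: int = COLUMNS) -> list[IpRecord]:
    """Rebuild rows from the flattened cell-per-line layout and validate the IP column."""
    cells = [line.strip() for line in text.splitlines() if line.strip()]
    if len(cells) % width:
        raise ValueError(f"{len(cells)} cells is not a multiple of {width}; table is misaligned")
    records: list[IpRecord] = []
    for i in range(0, len(cells), width):
        ip, domain, country = cells[i:i + width]
        # classify() calls ip_address(), so a domain landing in the IP slot fails loudly here
        records.append(IpRecord(ip, domain, country, classify(ip)))
    return records


def triage(records: list[IpRecord]) -> tuple[list[IpRecord], list[IpRecord]]:
    """Split records into externally routable indicators and sandbox-local / non-routable noise."""
    actionable = [r for r in records if r.scope == "public"]
    noise = [r for r in records if r.scope != "public"]
    return actionable, noise


if __name__ == "__main__":
    actionable, noise = triage(parse_ip_table(RAW_IP_TABLE))
    for r in actionable:
        print(f"check   {r.ip:<16} {r.domain:<30} {r.country}")
    for r in noise:
        print(f"ignore  {r.ip:<16} {r.scope}")
```

The "public" bucket is only the first cut: most of the remaining entries resolve to shared CDN and analytics infrastructure (cloudflare, zdassets, cloudfront, heapanalytics), which the report lists because the landing page loads them, so block decisions should be made on the domain and URL columns rather than on these addresses alone.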