Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
phish_alert_sp2_2.0.0.0.eml
|
RFC 822 mail, ASCII text, with very long lines (2137), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\IZMN0LFD\Gms-worldwide.com_reff_718221024510_JdPQby1N0i
(002).html:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\IZMN0LFD\Gms-worldwide.com_reff_718221024510_JdPQby1N0i.html
|
HTML document, ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\olkDF7E.tmp
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 10:48:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 10:48:49 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 10:48:49 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 10:48:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 10:48:49 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with very long lines (48316), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 106
|
ASCII text, with very long lines (1002)
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 108
|
PNG image data, 135 x 155, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
PNG image data, 12 x 17, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 110
|
very short file (no magic)
|
dropped
|
||
|
Chrome Cache Entry: 111
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 113
|
ASCII text, with very long lines (14598)
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
PNG image data, 21 x 20, 8-bit gray+alpha, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 119
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
PNG image data, 70 x 70, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 122
|
PNG image data, 100 x 87, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with very long lines (65447)
|
dropped
|
||
|
Chrome Cache Entry: 124
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
PNG image data, 220 x 190, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 130
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
HTML document, ASCII text, with very long lines (6657), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
PNG image data, 20 x 20, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 133
|
ASCII text, with very long lines (7407), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
PNG image data, 19 x 19, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 136
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
JPEG image data, baseline, precision 8, 220x279, components 3
|
dropped
|
||
|
Chrome Cache Entry: 140
|
JPEG image data, baseline, precision 8, 250x167, components 3
|
dropped
|
||
|
Chrome Cache Entry: 141
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 145
|
ASCII text, with very long lines (1136)
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
JPEG image data, baseline, precision 8, 16x16, components 3
|
dropped
|
||
|
Chrome Cache Entry: 149
|
JPEG image data, baseline, precision 8, 220x173, components 1
|
dropped
|
||
|
Chrome Cache Entry: 150
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 152
|
JPEG image data, baseline, precision 8, 220x147, components 3
|
dropped
|
||
|
Chrome Cache Entry: 153
|
PNG image data, 16 x 17, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 154
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 220x220, Suserng: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 220x124,
components 3
|
dropped
|
||
|
Chrome Cache Entry: 157
|
PNG image data, 10 x 10, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 158
|
PNG image data, 75 x 79, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 159
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 161
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 165
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 220x279, Suserng: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
ASCII text, with very long lines (17570)
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 170
|
ASCII text, with very long lines (4499)
|
dropped
|
||
|
Chrome Cache Entry: 174
|
PNG image data, 40 x 39, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 175
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with very long lines (47261)
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, description=stone.tif, xresolution=84, yresolution=92,
resolutionunit=2], baseline, precision 8, 220x261, components 3
|
dropped
|
||
|
Chrome Cache Entry: 178
|
PNG image data, 34 x 41, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 179
|
JPEG image data, baseline, precision 8, 220x220, components 3
|
dropped
|
||
|
Chrome Cache Entry: 180
|
PNG image data, 220 x 211, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 181
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 183
|
HTML document, Unicode text, UTF-8 text, with very long lines (23093)
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
PNG image data, 220 x 147, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 186
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 220x173, Suserng: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 190
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 192
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 193
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 194
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 220x147, Suserng: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 195
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
PNG image data, 56 x 51, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 199
|
HTML document, Unicode text, UTF-8 text, with very long lines (4150)
|
downloaded
|
||
|
Chrome Cache Entry: 200
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 202
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 203
|
PNG image data, 19 x 19, 4-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 205
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 206
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 207
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 208
|
Unicode text, UTF-8 text, with very long lines (1417)
|
dropped
|
||
|
Chrome Cache Entry: 209
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 211
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
There are 81 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/IZMN0LFD/Gms-worldwide.com_reff_718221024510_JdPQby1N0i.html
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fvi5np.tgardtorveni.com
|
104.21.10.69
|
||
|
code.jquery.com
|
151.101.66.137
|
||
|
me-ycpi-cf-www.g06.yahoodns.net
|
87.248.119.252
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
40lzzyxj.banquetesaraucania.cc
|
188.114.97.3
|
||
|
challenges.cloudflare.com
|
104.18.95.41
|
||
|
xmymbshctq0yrufobyi4rhh5pb7rbmlpbry0hnlxy2jafbrmj5sr4upab4a.tubeawelm.ru
|
104.21.34.46
|
||
|
www.google.com
|
172.217.18.4
|
||
|
upload.wikimedia.org
|
185.15.59.240
|
||
|
dyna.wikimedia.org
|
185.15.59.224
|
||
|
yahoo.com
|
98.137.11.164
|
||
|
media-router-brb1.prod.media.g03.yahoodns.net
|
188.125.72.139
|
||
|
login.wikimedia.org
|
unknown
|
||
|
csp.yahoo.com
|
unknown
|
||
|
www.yahoo.com
|
unknown
|
||
|
en.wikipedia.org
|
unknown
|
||
|
meta.wikimedia.org
|
unknown
|
There are 7 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.18.94.41
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
52.182.143.214
|
unknown
|
United States
|
||
|
185.15.59.224
|
dyna.wikimedia.org
|
Netherlands
|
||
|
87.248.119.252
|
me-ycpi-cf-www.g06.yahoodns.net
|
United Kingdom
|
||
|
104.21.34.46
|
xmymbshctq0yrufobyi4rhh5pb7rbmlpbry0hnlxy2jafbrmj5sr4upab4a.tubeawelm.ru
|
United States
|
||
|
185.15.59.240
|
upload.wikimedia.org
|
Netherlands
|
||
|
151.101.66.137
|
code.jquery.com
|
United States
|
||
|
142.250.186.99
|
unknown
|
United States
|
||
|
52.113.194.132
|
unknown
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
172.217.16.202
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
74.125.133.84
|
unknown
|
United States
|
||
|
172.217.18.4
|
www.google.com
|
United States
|
||
|
104.18.95.41
|
challenges.cloudflare.com
|
United States
|
||
|
151.101.2.137
|
unknown
|
United States
|
||
|
188.125.72.139
|
media-router-brb1.prod.media.g03.yahoodns.net
|
United Kingdom
|
||
|
104.21.10.69
|
fvi5np.tgardtorveni.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
188.114.97.3
|
40lzzyxj.banquetesaraucania.cc
|
European Union
|
||
|
142.250.186.142
|
unknown
|
United States
|
||
|
142.250.184.238
|
unknown
|
United States
|
||
|
172.217.16.195
|
unknown
|
United States
|
||
|
52.109.76.144
|
unknown
|
United States
|
||
|
104.17.25.14
|
unknown
|
United States
|
||
|
98.137.11.164
|
yahoo.com
|
United States
|
There are 17 hidden IPs, click here to show them.