Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
VoicePlayback for Olivier.grizel Tessi-solutions.htm
|
HTML document, ASCII text, with very long lines (65536), with no line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:53:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:53:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:53:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:53:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:53:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
HTML document, ASCII text, with very long lines (6677), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 103
|
very short file (no magic)
|
dropped
|
||
|
Chrome Cache Entry: 104
|
PNG image data, 48 x 31, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 105
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
ASCII text, with very long lines (48316), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (47459)
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
PNG image data, 48 x 31, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with very long lines (48316), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
ASCII text, with very long lines (65447)
|
dropped
|
||
|
Chrome Cache Entry: 97
|
ASCII text, with very long lines (47459)
|
dropped
|
||
|
Chrome Cache Entry: 98
|
very short file (no magic)
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
HTML document, Unicode text, UTF-8 text, with very long lines (21837)
|
downloaded
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\VoicePlayback for Olivier.grizel
Tessi-solutions.htm"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2040,i,16708676323518611011,14229465584643898694,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.2.137
|
|
|
|
file:///C:/Users/user/Desktop/VoicePlayback%20for%20Olivier.grizel%20Tessi-solutions.htm
|
|
||
|
https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c3u5q/0x4AAAAAAAkPZClHH719bfaU/auto/fbE/normal/auto/
|
104.18.94.41
|
||
|
https://assets.targetimg1.com/ssx/ssx.mod.js?async
|
unknown
|
||
|
https://securepubads.g.doubleclick.net/tag/js/gpt.js
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_54b809c9-06f1-43b9-9e01-40adc80f9546?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_d364a254-407f-4ac2-a5b8-6976c009215f?wid=668&qlt
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/1-30-CBBOB-Shop-all--328x328-210113-1610568363444-210223-1
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_1bf4989a-d01a-4152-ac0f-c7310a7fe649?fmt=webp&ql
|
unknown
|
||
|
https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js
|
104.18.94.41
|
||
|
https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_ab6a69c6-e16b-4849-aac8-51c5b67abd67
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_28274087-14dc-47c5-8401-e44a526e7312?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_b063de20-7742-4676-bb86-c6d444b277d1?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_399402ad-83ef-48c9-9d88-ec812a25d750?wid=668&qlt
|
unknown
|
||
|
https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_eb5017bf-412b-49eb-ae04-d23e94291932?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_b4e5810a-048b-40b1-99ac-b47d82f65711?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_48693c23-8a05-4e9b-a612-9bd2505aa888
|
unknown
|
||
|
https://bspiiq.nemone2.ru/IVlQ0/
|
172.67.136.206
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d06c1291ecc7cf9/1728564821751/24d90be4dd74ab98212661be212d392fcf9506c1dbff84eefb4e308c4a7cab65/ORKmtA_6W2SXbDU
|
104.18.94.41
|
||
|
https://target.scene7.com/is/image/Target/GUEST_26c636c6-bf8d-4965-89a3-77908b96543e
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.18.94.41
|
||
|
https://target.scene7.com/is/image/Target/GUEST_0ab7f64e-fb05-479d-b005-7c5c609e5508?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_da55f880-b2d7-4180-8fa3-4902e5e784ec?fmt=webp&ql
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d06c1291ecc7cf9&lang=auto
|
104.18.94.41
|
||
|
https://target.scene7.com/is/image/Target/GUEST_c243c8a3-b201-4e84-99d9-4d58f31bd16d?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_d1358429-ae8f-4609-8129-959c9108300d?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_7052957f-a59b-431e-859c-264e55885e3a?wid=992&qlt
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_bd394175-0546-450e-8299-0b155e8f630d?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_df58ef99-1e6b-41cc-80fd-0fb5beb3a21f?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_8881f46f-6234-45e7-bd60-f59706abf17b?wid=1200&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_7052957f-a59b-431e-859c-264e55885e3a?wid=2160&ql
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
|
104.17.24.14
|
||
|
https://target.scene7.com/is/image/Target/GUEST_d5a547ea-9126-4f1f-9842-6b5b38941b0f?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_20365f3f-8593-4a23-a7f7-2d13f51ab93f?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_7ad8d7c4-e880-4513-9818-c21c22457ef4?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_7052957f-a59b-431e-859c-264e55885e3a?wid=1200&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_e2687f6a-f61a-4344-bbfd-1e22c8ca975a?fmt=webp&ql
|
unknown
|
||
|
https://www.target.com/
|
151.101.2.187
|
||
|
https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_2c17068d-7e1f-4b99-bca6-5cb96d9f5811?fmt=webp&ql
|
unknown
|
||
|
https://pub.doubleverify.com/signals/pub.js#ctx=21728514&cmp=DV1026531
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068818004:1728562492:V1Fg4tV4h_VKN7CXBUHqvsz78HuPxeGulbA5rcwuYps/8d06c1291ecc7cf9/0185e1ca2e050bb
|
104.18.94.41
|
||
|
https://target.scene7.com/is/image/Target/GUEST_a216199a-48c6-4c9f-88b6-fbf33f813bc1?wid=992&qlt
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_7f27d146-8795-4c7b-9d8f-051f37a1fa85?fmt=webp&ql
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d06c1291ecc7cf9/1728564821746/I_UXn67_B7qHfPv
|
104.18.94.41
|
||
|
https://target.scene7.com/is/image/Target/GUEST_d46e5775-9ccd-4a1e-868f-43e14ed4cdd1?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_4466d6e7-94a2-44bc-8c98-5cc7c0e2bbb0?fmt=webp&ql
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_8881f46f-6234-45e7-bd60-f59706abf17b?wid=2160&ql
|
unknown
|
||
|
https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff
|
unknown
|
||
|
https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff
|
unknown
|
||
|
https://target.scene7.com/is/image/Target/GUEST_dbf4a193-b5ba-452c-a4fb-abae50cc02af
|
unknown
|
There are 44 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
code.jquery.com
|
151.101.2.137
|
|
|
|
west-portal.crabdance.com
|
62.10.50.52
|
|
|
|
sites.target.map.fastly.net
|
151.101.2.187
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
challenges.cloudflare.com
|
104.18.94.41
|
||
|
www.google.com
|
172.217.16.132
|
||
|
nrtfzoxbwxpzcbdhyuxr4kkyxxddori8spffnks1ocgd5sj6k2s.rblenteledo.ru
|
188.114.96.3
|
||
|
bspiiq.nemone2.ru
|
172.67.136.206
|
||
|
www.target.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
151.101.2.137
|
code.jquery.com
|
United States
|
|
|
|
62.10.50.52
|
west-portal.crabdance.com
|
Italy
|
|
|
|
172.67.136.206
|
bspiiq.nemone2.ru
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
104.18.94.41
|
challenges.cloudflare.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
188.114.96.3
|
nrtfzoxbwxpzcbdhyuxr4kkyxxddori8spffnks1ocgd5sj6k2s.rblenteledo.ru
|
European Union
|
||
|
151.101.194.137
|
unknown
|
United States
|
||
|
151.101.2.187
|
sites.target.map.fastly.net
|
United States
|
||
|
172.217.16.132
|
www.google.com
|
United States
|
There are 1 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/VoicePlayback%20for%20Olivier.grizel%20Tessi-solutions.htm
|
||
|
file:///C:/Users/user/Desktop/VoicePlayback%20for%20Olivier.grizel%20Tessi-solutions.htm
|
||
|
file:///C:/Users/user/Desktop/VoicePlayback%20for%20Olivier.grizel%20Tessi-solutions.htm
|
||
|
file:///C:/Users/user/Desktop/VoicePlayback%20for%20Olivier.grizel%20Tessi-solutions.htm
|