IOC Report
https://notes.hive.com/?workspaceId=kr3Aqn9Lc8FeMK9ca&notebookId=9woJR3r4bJz9Thzka&shareToken=6689549e3fef68b37161a764f0513cfa40edcac4d30cd3ab4fdae634125b9152


Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 18:18:49 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 18:18:49 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 18:18:49 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 18:18:49 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 18:18:49 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped

URLs

Name
IP
Malicious
https://notes.hive.com/?workspaceId=kr3Aqn9Lc8FeMK9ca&notebookId=9woJR3r4bJz9Thzka&shareToken=6689549e3fef68b37161a764f0513cfa40edcac4d30cd3ab4fdae634125b9152

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious