Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
phish_alert_sp2_2.0.0.0.eml
|
RFC 822 mail, ASCII text, with very long lines (1985), with CRLF line terminators
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 13:11:03 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 13:11:03 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 13:11:03 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 13:11:03 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 13:11:02 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 101
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 103
|
ASCII text, with very long lines (5796)
|
downloaded
|
||
Chrome Cache Entry: 104
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 106
|
HTML document, ASCII text, with very long lines (754), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 107
|
ASCII text, with very long lines (4201)
|
downloaded
|
||
Chrome Cache Entry: 108
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 109
|
HTML document, ASCII text, with very long lines (1093)
|
downloaded
|
||
Chrome Cache Entry: 111
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 112
|
Web Open Font Format (Version 2), TrueType, length 47828, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 116
|
ASCII text, with no line terminators
|
dropped
|
||
Chrome Cache Entry: 119
|
ASCII text, with very long lines (1490)
|
downloaded
|
||
Chrome Cache Entry: 123
|
HTML document, ASCII text, with very long lines (2592), with no line terminators
|
dropped
|
||
Chrome Cache Entry: 125
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 127
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 128
|
ASCII text, with very long lines (31995)
|
downloaded
|
||
Chrome Cache Entry: 129
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 130
|
ASCII text
|
dropped
|
||
Chrome Cache Entry: 131
|
gzip compressed data, original size modulo 2^32 57055
|
downloaded
|
||
Chrome Cache Entry: 133
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
Chrome Cache Entry: 138
|
ASCII text, with very long lines (1571)
|
downloaded
|
||
Chrome Cache Entry: 140
|
ASCII text, with very long lines (22462)
|
downloaded
|
||
Chrome Cache Entry: 142
|
ASCII text, with very long lines (42611)
|
dropped
|
||
Chrome Cache Entry: 143
|
ASCII text, with very long lines (11231)
|
downloaded
|
||
Chrome Cache Entry: 145
|
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 146
|
ASCII text, with very long lines (8686)
|
downloaded
|
||
Chrome Cache Entry: 147
|
ASCII text, with very long lines (42611)
|
downloaded
|
||
Chrome Cache Entry: 149
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 151
|
ASCII text, with very long lines (9198)
|
downloaded
|
||
Chrome Cache Entry: 152
|
gzip compressed data, was "tmpn38be2p_", last modified: Wed Oct 9 15:23:15 2024, max compression, original size modulo 2^32
291442
|
dropped
|
||
Chrome Cache Entry: 153
|
Unicode text, UTF-8 text, with very long lines (65461)
|
downloaded
|
||
Chrome Cache Entry: 154
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
Chrome Cache Entry: 155
|
ASCII text, with very long lines (902), with no line terminators
|
dropped
|
||
Chrome Cache Entry: 158
|
gzip compressed data, max compression, from Unix, original size modulo 2^32 71723
|
dropped
|
||
Chrome Cache Entry: 159
|
Unicode text, UTF-8 text, with very long lines (18223)
|
downloaded
|
||
Chrome Cache Entry: 160
|
Unicode text, UTF-8 text, with very long lines (50522), with no line terminators
|
dropped
|
||
Chrome Cache Entry: 161
|
ASCII text, with very long lines (4201)
|
dropped
|
||
Chrome Cache Entry: 164
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 165
|
ASCII text, with very long lines (63670)
|
dropped
|
||
Chrome Cache Entry: 166
|
ASCII text, with very long lines (65451)
|
downloaded
|
||
Chrome Cache Entry: 167
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 168
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 169
|
Web Open Font Format (Version 2), TrueType, length 48348, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 170
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 172
|
ASCII text, with very long lines (64749)
|
dropped
|
||
Chrome Cache Entry: 173
|
gzip compressed data, from Unix, original size modulo 2^32 3516
|
dropped
|
||
Chrome Cache Entry: 174
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 175
|
Web Open Font Format (Version 2), TrueType, length 43516, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 176
|
ASCII text, with very long lines (3457)
|
dropped
|
||
Chrome Cache Entry: 177
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 178
|
JSON data
|
dropped
|
There are 49 hidden files, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://app.pandadoc.com/login/?next=/a/#/documents/C2edxovHUsjF2GgqzPKjZ7?requestAccessDisabled=true
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
dart.l.doubleclick.net
|
142.250.186.70
|
||
tag.clearbitscripts.com
|
18.245.46.79
|
||
d31uqz37bvu6i7.cloudfront.net
|
13.32.118.196
|
||
js.hs-analytics.net
|
104.17.175.201
|
||
adservice.google.com
|
172.217.16.130
|
||
d340ru1tcj2c5x.cloudfront.net
|
52.222.214.68
|
||
eur02.safelinks.eop-tm2.outlook.com
|
104.47.11.28
|
||
d296je7bbdd650.cloudfront.net
|
13.249.86.140
|
||
track.hubspot.com
|
104.16.117.116
|
||
global-v4.clearbit.com
|
18.158.205.16
|
||
www.google.com
|
142.250.186.36
|
||
api.segment.io
|
34.223.74.168
|
||
app.clearbit.com
|
18.158.205.16
|
||
js.hs-banner.com
|
172.64.147.16
|
||
d3m3a7p0ze7hmq.cloudfront.net
|
143.204.215.81
|
||
x4whrmz.x.incapdns.net
|
45.223.20.103
|
||
sentry.infrastructure.pandadoc.com
|
54.148.238.104
|
||
ad.doubleclick.net
|
142.250.186.38
|
||
edge.fullstory.com
|
35.201.112.186
|
||
ax-0001.ax-msedge.net
|
150.171.28.10
|
||
bm2ydo9.impervadns.net
|
45.223.20.103
|
||
js-na1.hs-scripts.com
|
104.16.141.209
|
||
td.doubleclick.net
|
172.217.18.2
|
||
cdn.cookielaw.org
|
104.18.87.42
|
||
geolocation.onetrust.com
|
104.18.32.137
|
||
dr79nymq4x8i9.cloudfront.net
|
3.160.156.176
|
||
static.prod.pandadoc-static.com
|
unknown
|
||
x.clearbitjs.com
|
unknown
|
||
cdn.segment.com
|
unknown
|
||
api.pandadoc.com
|
unknown
|
||
app.pandadoc.com
|
unknown
|
||
eur02.safelinks.protection.outlook.com
|
unknown
|
||
12370631.fls.doubleclick.net
|
unknown
|
There are 23 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
35.160.35.184
|
unknown
|
United States
|
||
20.189.173.4
|
unknown
|
United States
|
||
142.250.185.226
|
unknown
|
United States
|
||
13.249.86.140
|
d296je7bbdd650.cloudfront.net
|
United States
|
||
18.158.205.16
|
global-v4.clearbit.com
|
United States
|
||
104.16.118.116
|
unknown
|
United States
|
||
142.251.168.84
|
unknown
|
United States
|
||
104.18.32.137
|
geolocation.onetrust.com
|
United States
|
||
104.47.11.28
|
eur02.safelinks.eop-tm2.outlook.com
|
United States
|
||
142.250.186.70
|
dart.l.doubleclick.net
|
United States
|
||
142.250.184.227
|
unknown
|
United States
|
||
104.16.138.209
|
unknown
|
United States
|
||
143.204.215.75
|
unknown
|
United States
|
||
104.18.87.42
|
cdn.cookielaw.org
|
United States
|
||
1.1.1.1
|
unknown
|
Australia
|
||
142.250.186.36
|
www.google.com
|
United States
|
||
142.250.186.38
|
ad.doubleclick.net
|
United States
|
||
216.58.206.40
|
unknown
|
United States
|
||
13.32.118.196
|
d31uqz37bvu6i7.cloudfront.net
|
United States
|
||
172.217.18.2
|
td.doubleclick.net
|
United States
|
||
172.64.155.119
|
unknown
|
United States
|
||
34.223.74.168
|
api.segment.io
|
United States
|
||
52.222.214.89
|
unknown
|
United States
|
||
104.17.175.201
|
js.hs-analytics.net
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
3.127.196.46
|
unknown
|
United States
|
||
104.16.141.209
|
js-na1.hs-scripts.com
|
United States
|
||
18.245.46.79
|
tag.clearbitscripts.com
|
United States
|
||
142.250.186.142
|
unknown
|
United States
|
||
99.86.8.175
|
unknown
|
United States
|
||
142.250.185.206
|
unknown
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
3.160.156.176
|
dr79nymq4x8i9.cloudfront.net
|
United States
|
||
45.223.20.103
|
x4whrmz.x.incapdns.net
|
United States
|
||
150.171.28.10
|
ax-0001.ax-msedge.net
|
United States
|
||
172.64.147.16
|
js.hs-banner.com
|
United States
|
||
104.16.160.168
|
unknown
|
United States
|
||
142.250.184.200
|
unknown
|
United States
|
||
52.113.194.132
|
unknown
|
United States
|
||
54.148.238.104
|
sentry.infrastructure.pandadoc.com
|
United States
|
||
18.153.4.44
|
unknown
|
United States
|
||
142.250.185.170
|
unknown
|
United States
|
||
35.201.112.186
|
edge.fullstory.com
|
United States
|
||
143.204.215.81
|
d3m3a7p0ze7hmq.cloudfront.net
|
United States
|
||
172.217.16.130
|
adservice.google.com
|
United States
|
||
104.16.117.116
|
track.hubspot.com
|
United States
|
||
52.222.214.68
|
d340ru1tcj2c5x.cloudfront.net
|
United States
|
||
18.245.46.12
|
unknown
|
United States
|
||
172.217.16.131
|
unknown
|
United States
|
There are 39 hidden IPs, click here to show them.