IOC Report
https://7t8ql.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfuMSBF0gGyFwr7N1fdCT8W/FBlgXxf9SI5Z

loading gif

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 101
ASCII text, with very long lines (567)
downloaded
Chrome Cache Entry: 102
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 103
ASCII text, with very long lines (2051)
dropped
Chrome Cache Entry: 104
ASCII text, with very long lines (1195)
dropped
Chrome Cache Entry: 105
ASCII text, with very long lines (1885)
downloaded
Chrome Cache Entry: 106
PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 107
data
dropped
Chrome Cache Entry: 108
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 109
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
downloaded
Chrome Cache Entry: 110
ASCII text, with very long lines (567)
dropped
Chrome Cache Entry: 111
ASCII text, with very long lines (541)
downloaded
Chrome Cache Entry: 112
data
dropped
Chrome Cache Entry: 113
data
dropped
Chrome Cache Entry: 114
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 115
ASCII text, with very long lines (4666)
dropped
Chrome Cache Entry: 116
Web Open Font Format (Version 2), TrueType, length 34184, version 1.0
downloaded
Chrome Cache Entry: 117
HTML document, ASCII text
downloaded
Chrome Cache Entry: 118
ASCII text, with very long lines (2287)
dropped
Chrome Cache Entry: 119
data
dropped
Chrome Cache Entry: 120
data
dropped
Chrome Cache Entry: 121
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 122
data
dropped
Chrome Cache Entry: 123
ASCII text, with very long lines (4666)
downloaded
Chrome Cache Entry: 124
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
downloaded
Chrome Cache Entry: 125
data
dropped
Chrome Cache Entry: 126
ASCII text, with very long lines (2051)
downloaded
Chrome Cache Entry: 127
ASCII text, with very long lines (1885)
dropped
Chrome Cache Entry: 128
data
dropped
Chrome Cache Entry: 129
JSON data
downloaded
Chrome Cache Entry: 130
ASCII text, with very long lines (994)
downloaded
Chrome Cache Entry: 131
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp
dropped
Chrome Cache Entry: 132
RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x900, Scaling: [none]x[none], YUV color, decoders should clamp
dropped
Chrome Cache Entry: 133
data
dropped
Chrome Cache Entry: 134
RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x900, Scaling: [none]x[none], YUV color, decoders should clamp
downloaded
Chrome Cache Entry: 135
data
dropped
Chrome Cache Entry: 136
ASCII text, with very long lines (1159)
dropped
Chrome Cache Entry: 137
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 138
data
dropped
Chrome Cache Entry: 139
HTML document, ASCII text
downloaded
Chrome Cache Entry: 140
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 141
ASCII text, with very long lines (684)
downloaded
Chrome Cache Entry: 142
ASCII text, with very long lines (2287)
downloaded
Chrome Cache Entry: 143
ASCII text, with very long lines (1885)
downloaded
Chrome Cache Entry: 144
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 145
ASCII text, with very long lines (1159)
downloaded
Chrome Cache Entry: 146
data
dropped
Chrome Cache Entry: 147
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 148
data
dropped
Chrome Cache Entry: 149
data
dropped
Chrome Cache Entry: 150
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x288, components 3
downloaded
Chrome Cache Entry: 151
HTML document, ASCII text, with very long lines (512)
downloaded
Chrome Cache Entry: 152
data
dropped
Chrome Cache Entry: 153
ASCII text, with very long lines (994)
dropped
Chrome Cache Entry: 154
data
dropped
Chrome Cache Entry: 155
data
dropped
Chrome Cache Entry: 156
ASCII text, with very long lines (3274), with no line terminators
downloaded
Chrome Cache Entry: 157
data
dropped
Chrome Cache Entry: 158
ASCII text, with very long lines (3817)
downloaded
Chrome Cache Entry: 159
PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 160
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
dropped
Chrome Cache Entry: 161
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 162
ASCII text, with very long lines (3817)
dropped
Chrome Cache Entry: 163
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 164
data
dropped
Chrome Cache Entry: 165
ASCII text
downloaded
Chrome Cache Entry: 166
ASCII text, with very long lines (541)
dropped
Chrome Cache Entry: 167
JSON data
dropped
Chrome Cache Entry: 168
data
dropped
Chrome Cache Entry: 169
ASCII text, with very long lines (542)
dropped
Chrome Cache Entry: 170
ASCII text, with very long lines (542)
downloaded
Chrome Cache Entry: 171
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 172
PNG image data, 77 x 77, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 173
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
dropped
Chrome Cache Entry: 174
ASCII text, with very long lines (684)
dropped
Chrome Cache Entry: 175
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 176
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 177
data
dropped
Chrome Cache Entry: 178
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
downloaded
Chrome Cache Entry: 179
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
downloaded
Chrome Cache Entry: 180
PNG image data, 77 x 77, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 181
data
dropped
Chrome Cache Entry: 182
data
dropped
Chrome Cache Entry: 183
ASCII text, with very long lines (1195)
downloaded
Chrome Cache Entry: 184
data
dropped
Chrome Cache Entry: 185
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 186
data
dropped
Chrome Cache Entry: 187
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x288, components 3
dropped
Chrome Cache Entry: 188
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp
downloaded
Chrome Cache Entry: 189
data
dropped
Chrome Cache Entry: 190
ASCII text, with very long lines (1885)
dropped
There are 81 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=2040,i,13126220536750110149,4832844798176370529,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://7t8ql.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfuMSBF0gGyFwr7N1fdCT8W/FBlgXxf9SI5Z"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6056 --field-trial-handle=2040,i,13126220536750110149,4832844798176370529,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

URLs

Name
IP
Malicious
https://7t8ql.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfuMSBF0gGyFwr7N1fdCT8W/FBlgXxf9SI5Z
https://apis.google.com/js/googleapis.proxy.js?onload=startup
142.250.186.142
https://signaler-staging.sandbox.google.com
unknown
https://feedback.googleusercontent.com/resources/annotator.css
unknown
http://www.broofa.com
unknown
https://apis.google.com/js/client.js
unknown
https://7t8ql.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfuMSBF0gGyFwr7N1fdCT8W/FBlgXxf9SI5Z
https://feedback2-test.corp.googleusercontent.com/tools/feedback/%
unknown
https://support.google.com
unknown
https://apis.google.com/js/googleapis.proxy.js
unknown
http://localhost.proxy.googlers.com/inapp/
unknown
https://stagingqual-feedback-pa-googleapis.sandbox.google.com
unknown
https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1
unknown
https://support.google.com/drive/answer/2423485?hl=%s
unknown
https://drive.google.com/get_video_info?docid=1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM&drive_originator_app=303
142.250.184.238
https://help.youtube.com/tools/feedback/
unknown
https://drive.google.com/drive-viewer/AKGpihbsYuRPXht5N3qTymeAiJ0CP1I58g8-Tyx5BFqtshSJE0_PVZ-tk7G6s_SraY6NWh4CqJLgs5B2Ag8zlojzedRc816LtsYMfXQ=w1920-h1080-k-rw-v1-pd
142.250.184.238
https://onepick-autopush.sandbox.google.com/picker/minpick/main
unknown
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
unknown
https://docs.google.com/document/d/1kganm9BHI3TsF8ogVulX2o4DzzO8XA4gu8aIKneTTNU/preview
unknown
https://policies.google.com/terms
unknown
https://www.youtube.com
unknown
https://asx-frontend-staging.corp.google.com/tools/feedback/
unknown
https://www.google.com
unknown
https://support.google.com/drive/answer/2407404?hl=en
unknown
https://pay.google.com/gp/v/widget/save
unknown
https://workspace.google.com
unknown
https://onepick-staging.sandbox.google.com/picker/minpick/main
unknown
https://support.google.com/legal/answer/3110420
unknown
https://in-automate.brevo.com/cm?
unknown
https://support.google.com/docs/answer/49114
unknown
https://support.google.com/drive/answer/2423694
unknown
https://support.google.com/google-workspace-individual/?p=esignature_signer_terms
unknown
https://drive-thirdparty.googleusercontent.com/
unknown
https://www.google.com/shopping/customerreviews/optin?usegapi=1
unknown
https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/
unknown
https://onepick-preprod.sandbox.google.com/picker/minpick/main
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.7LPvRDgzcqA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo9wdgl3D0Cd5pn6O1gZXHwWDc_oTg/cb=gapi.loaded_0
216.58.206.78
https://onepick-staging-drivequal.sandbox.google.com/picker/minpick/main
unknown
https://calendar.google.com/calendar
unknown
https://www.google.com/tools/feedback
unknown
https://drive.google.com/timedtext?id=1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM&vid=0c2811d10ea7c96c&authpayload=ASH5dRmXCHhTODr0jIskuL9KQTx0eokai7Yrt7lwcDsDtjQkQ0mNAz1zGrY231MM7R7RUuGAHc8gph85UnNQO---7HkVk_8c7co8Eq3xNnzgHWUCL2JjV_IJUHgbiiF2_Tz9&hl=en-US&type=list&tlangs=1&v=1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM&vssids=1
142.250.185.78
https://sandbox.google.com/inapp/%
unknown
https://tasks.google.com/
unknown
https://www.google.com/recaptcha/api.js?trustedtypes=true
unknown
https://apis.google.com/js/api.js
unknown
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
172.217.18.4
https://support.google.com/docs?p=vids-stock-content
unknown
https://www.google.com/tools/feedback/
unknown
https://www.youtube.com/subscribe_embed?usegapi=1
unknown
https://feedback2-test.corp.google.com/tools/feedback/%
unknown
https://punctual-dev.corp.google.com
unknown
https://plus.google.com
unknown
https://asx-frontend-autopush.corp.google.de/tools/feedback/
unknown
https://www.youtubeeducation.com
unknown
https://play.google.com/log?format=json&hasfast=true
216.58.206.78
https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/
unknown
https://clients5.google.com/webstore/wall/widget
unknown
https://asx-frontend-autopush.corp.google.com/inapp/
unknown
https://support.google.com/drive?p=gemini_drive_pdf
unknown
https://feedback.googleusercontent.com/resources/render_frame2.html
unknown
https://sandbox.google.com/tools/feedback/%
unknown
https://drive.google.com/drive-viewer/AKGpihbsYuRPXht5N3qTymeAiJ0CP1I58g8-Tyx5BFqtshSJE0_PVZ-tk7G6s_SraY6NWh4CqJLgs5B2Ag8zlojzedRc816LtsYMfXQ=s1600-rw-v1
142.250.184.238
https://in-automate.brevo.com/cm?uuid=2bf2ac4a-59e1-4b80-8d84-c4aa442a3bbc&key=g4casc8t318mm5nhft56zqug&trans=0&user_id=210193
172.64.150.216
https://localhost.corp.google.com/inapp/
unknown
https://support.google.com/drive/answer/7650301
unknown
https://drive.google.com
unknown
https://play.google.com/work/embedded/search?usegapi=1&usegapi=1
unknown
https://policies.google.com/privacy
unknown
https://drive.google.com/requestreview?id=
unknown
https://support.google.com/docs/answer/65129?hl=en
unknown
https://asx-frontend-staging.corp.google.com/inapp/
unknown
https://drive.google.com/drive/my-drive
unknown
https://support.google.com/docs/answer/13447609
unknown
https://fonts.google.com/license/googlerestricted
unknown
https://gemini.google.com/gems/view
unknown
https://clients6.google.com
unknown
http://localhost.corp.google.com/inapp/
unknown
https://lh3.googleusercontent.com/drive-storage/AJQWtBP51xmDayO177Cu2hlTmLgPBm_fdzpys_Wjx3cxmGoJnkQ5Clw0h8bHEzH99AuRaHAcAujFc8xx6IbDxJfjQM-jkya0wb50YqSG=s512
142.250.185.161
https://play.google.com
unknown
https://clients5.google.com
unknown
https://signaler-pa.youtube.com
unknown
https://support.google.com/inapp/%
unknown
https://asx-help-frontend-autopush.corp.youtube.com/inapp/
unknown
https://drivemetadata.clients6.google.com
unknown
https://video.google.com/api/stats/watchtime?ns=gd&el=leaf&cpn=sxKOFrQHdQ0DzukG&ver=2&cmt=14.542&fmt=136&fs=0&rt=29.003&euri=https%3A%2F%2Fdrive.google.com%2F&lact=6959&cl=683840428&state=paused&volume=100&cbr=Chrome&cbrver=117.0.0.0&c=WEB_EMBEDDED_PLAYER&cver=1.20241008.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=en_US&cr=US&len=267.331&rtn=74&afmt=140&idpj=-9&ldpj=-4&rti=29&st=11.328&et=14.542&muted=0&docid=1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM
172.217.18.14
https://support.google.com/docs/answer/148505
unknown
https://support.google.com/
unknown
https://support.google.com/docs/answer/37603
unknown
https://www.google.com/shopping/customerreviews/badge?usegapi=1
unknown
https://support.google.com/contacts/answer/7345608
unknown
https://csp.withgoogle.com/csp/lcreport/
unknown
https://drive.google.com/savetodrivebutton?usegapi=1
unknown
https://support.google.com/docs/answer/2494893?co=GENIE.Platform%3DDesktop#zippy=%2Cprevent-people-f
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.7LPvRDgzcqA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo9wdgl3D0Cd5pn6O1gZXHwWDc_oTg/cb=gapi.loaded_0?le=scs
142.250.186.142
https://sibautomation.com/cm.html?id=4489679
104.18.39.141
https://scone-pa.clients6.google.com
unknown
https://lh3.googleusercontent.com/a/default-user
unknown
https://support.google.com/inapp/
unknown
https://asx-frontend-autopush.corp.google.co.uk/inapp/
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.7LPvRDgzcqA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo9wdgl3D0Cd5pn6O1gZXHwWDc_oTg/cb=gapi.loaded_1
216.58.206.78
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
blobcomments-pa.clients6.google.com
142.250.185.106
rr2.sn-p5qs7n6d.c.drive.google.com
173.194.7.199
video.l.google.com
172.217.18.14
plus.l.google.com
216.58.206.78
i.ytimg.com
172.217.18.118
peoplestackwebexperiments-pa.clients6.google.com
142.250.185.106
fp2e7a.wpc.phicdn.net
192.229.221.95
bg.microsoft.map.fastly.net
199.232.210.172
r1.mailin.fr
1.179.112.196
in-automate.brevo.com
172.64.150.216
play.google.com
216.58.206.78
rr4.sn-ab5l6nk6.c.drive.google.com
74.125.0.137
drive.google.com
142.250.186.78
www.google.com
172.217.18.4
sibautomation.com
104.18.39.141
googlehosted.l.googleusercontent.com
142.250.185.161
windowsupdatebg.s.llnwi.net
87.248.204.0
video.google.com
unknown
rr2---sn-p5qs7n6d.c.drive.google.com
unknown
rr4---sn-ab5l6nk6.c.drive.google.com
unknown
lh3.googleusercontent.com
unknown
apis.google.com
unknown
7t8ql.r.ag.d.sendibm3.com
unknown
There are 13 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
142.250.186.46
unknown
United States
142.250.185.78
unknown
United States
74.125.0.137
rr4.sn-ab5l6nk6.c.drive.google.com
United States
142.250.186.174
unknown
United States
172.217.18.14
video.l.google.com
United States
216.58.206.78
plus.l.google.com
United States
173.194.7.199
rr2.sn-p5qs7n6d.c.drive.google.com
United States
192.168.2.6
unknown
unknown
172.217.18.118
i.ytimg.com
United States
142.250.185.161
googlehosted.l.googleusercontent.com
United States
104.18.39.141
sibautomation.com
United States
142.250.186.132
unknown
United States
172.64.150.216
in-automate.brevo.com
United States
1.179.112.196
r1.mailin.fr
Australia
172.217.18.4
www.google.com
United States
239.255.255.250
unknown
Reserved
142.250.186.142
unknown
United States
142.250.184.238
unknown
United States
172.217.16.193
unknown
United States
There are 9 hidden IPs, click here to show them.

DOM / HTML

URL
Malicious
https://7t8ql.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfuMSBF0gGyFwr7N1fdCT8W/FBlgXxf9SI5Z
https://7t8ql.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfuMSBF0gGyFwr7N1fdCT8W/FBlgXxf9SI5Z
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
https://drive.google.com/file/d/1VKTnEFNszlUYDDu4ET-UMJhJtRVokxeM/view
There are 4 hidden doms, click here to show them.