IOC Report
http://msecompanystore.com

Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 126 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3000x1682, components 3 | dropped
Chrome Cache Entry: 127 | ASCII text, with very long lines (639), with CRLF line terminators | downloaded
Chrome Cache Entry: 128 | ASCII text, with very long lines (1660), with no line terminators | downloaded
Chrome Cache Entry: 129 | Web Open Font Format (Version 2), TrueType, length 66624, version 4.262 | downloaded
Chrome Cache Entry: 130 | HTML document, ASCII text, with very long lines (18324), with no line terminators | dropped
Chrome Cache Entry: 131 | ASCII text, with very long lines (639), with CRLF line terminators | dropped
Chrome Cache Entry: 132 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3000x1682, components 3 | downloaded
Chrome Cache Entry: 133 | PNG image data, 90 x 19, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 134 | PNG image data, 90 x 19, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 135 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | downloaded
Chrome Cache Entry: 136 | ASCII text, with very long lines (430), with no line terminators | downloaded
Chrome Cache Entry: 137 | C source, ASCII text, with very long lines (36783), with no line terminators | dropped
Chrome Cache Entry: 138 | HTML document, ASCII text, with very long lines (18324), with no line terminators | downloaded
Chrome Cache Entry: 139 | HTML document, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | dropped
Chrome Cache Entry: 140 | JSON data | dropped
Chrome Cache Entry: 141 | JSON data | downloaded
Chrome Cache Entry: 142 | JSON data | downloaded
Chrome Cache Entry: 143 | JSON data | downloaded
Chrome Cache Entry: 144 | C source, ASCII text, with very long lines (36783), with no line terminators | downloaded
Chrome Cache Entry: 145 | Unicode text, UTF-8 (with BOM) text, with very long lines (1626), with CRLF line terminators | downloaded
Chrome Cache Entry: 146 | ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 147 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | dropped
Chrome Cache Entry: 148 | ASCII text, with very long lines (548), with CRLF, LF line terminators | dropped
Chrome Cache Entry: 149 | JSON data | dropped
Chrome Cache Entry: 150 | ASCII text, with very long lines (1660), with no line terminators | dropped
Chrome Cache Entry: 151 | ASCII text, with very long lines (548), with CRLF, LF line terminators | downloaded
Chrome Cache Entry: 152 | HTML document, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | downloaded
Chrome Cache Entry: 153 | JSON data | dropped
Chrome Cache Entry: 154 | ASCII text, with CRLF line terminators | downloaded

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 --field-trial-handle=2192,i,16837381499853809487,15191057067989132337,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://msecompanystore.com"

URLs

Name | IP | Malicious
http://msecompanystore.com | | malicious
https://store.ecompanystore.com/microsoft/Shop/Landing/#/ | | malicious
http://fontawesome.io | unknown
https://store.ecompanystore.com/microsoft/Shop/Landing/ | 20.69.197.195
https://store.ecompanystore.com/microsoft/Client/LandingLogo | 20.69.197.195
http://www.apache.org/licenses/LICENSE-2.0.txt | unknown
https://store.ecompanystore.com/microsoft/bundles/files/modernizr?v=c1ivlke9ly2d5BnQoP-W7l-4lA2BkZB9V5pCwh3NfMs1 | 20.69.197.195
https://store.ecompanystore.com/microsoft/bundles/files/signalr?v=y_4IpeeDdgoHqAhjqu2f3QsBnP-e4GuBLMt7WpNZnIM1 | 20.69.197.195
https://api.ecompanystore.com | unknown
http://stackoverflow.com/questions/27384433/ie-display-table-cell-child-ignores-height-100 | unknown
https://store.ecompanystore.com/microsoft/User/Info?_=1728895868331 | 20.69.197.195
http://tech.pro/tutorial/1238/angularjs-and-ie8-gotcha-http-delete | unknown
http://chartjs.org/ | unknown
https://chilipublishdocs.atlassian.net/wiki/spaces/CPDOC/pages/1412072/JavaScript | unknown
http://jquerymobile.com/)). | unknown
http://store.ecompanystore.com/ECS_ProductImages/ | unknown
https://store.ecompanystore.com/microsoft/Shop/Home | 20.69.197.195
https://dev-idsrv.ecompanystore.com/Microsoft/Content/styles/MIC/microsoft.css | unknown
https://store.ecompanystore.com/microsoft/bundles/files/jquery?v=mIu59gTlz1uuS0GQo5zyqXS7_1_mSlFbBdWfb-IiX_U1 | 20.69.197.195
https://chilipublishdocs.atlassian.net/wiki/spaces/CPDOC/pages/1413908/General | unknown
http://fontawesome.io/license | unknown
http://msecompanystore.com/ | 96.45.83.84
https://store.ecompanystore.com/microsoft/Content/styles/MIC/microsoft.css | 20.69.197.195
https://store.ecompanystore.com/microsoft/Store/Info?_=1728895868330 | 20.69.197.195
https://store.ecompanystore.com/microsoft/bundles/files/angular?v=Z4hWkwvw3BYJPTLhy16dnDHYjLUjkzNotCEDbK7SB4k1 | 20.69.197.195
https://github.com/angular/angular.js/issues/16586 | unknown
https://hammerjs.github.io/) | unknown
https://github.com/nnnick/Chart.js/blob/master/LICENSE.md | unknown
https://store.ecompanystore.com/microsoft/content/img/favicon/MIC/favicon.ico | 20.69.197.195
https://store.ecompanystore.com/Microsoft/Content/img/MIC/email/ | unknown
https://store.ecompanystore.com/microsoft/bundles/files/scripts?v=_bka0mJOGMkeo5yuOVPT2ITJqhT8bxQxahB0nwqDwx81 | 20.69.197.195
https://cic.my.workfront.com/task/view?ID=61ae36d2000f7666968c51a2072d77cc | unknown
https://store.ecompanystore.com/microsoft/Components/componentstyles?v=xzhXxiLz5Bf1F1fFFjepTCAEvlTACHmXeWe3AhkdSHQ1 | 20.69.197.195
http://angularjs.org | unknown
https://store.ecompanystore.com/ECS_ProductImages/ | unknown
http://andrewdupont.net/2009/08/28/deep-extending-objects-in-javascript/ | unknown
https://store.ecompanystore.com/microsoft/Content/styles/common/wip-image-zoom.css | 20.69.197.195
https://store.ecompanystore.com/microsoft/Content/img/MIC/login_bg_main.jpg | 20.69.197.195
http://errors.angularjs.org/1.5.9/ | unknown
http://store.ecompanystore.com/ECS_PRODUCTIMAGES/IRM/IRM19000100.jpg | unknown
https://store.ecompanystore.com/microsoft/Content/styles/fonts/fontawesome-webfont.woff2?v=4.5.0 | 20.69.197.195
http://caniuse.com/#search=transition | unknown
https://store.ecompanystore.com/microsoft/bundles/files/components?v=NAB4GHTE4xxt2pFzWjaS-ySNc_lOBqZljvsRk1H9v-81 | 20.69.197.195
https://store.ecompanystore.com/Microsoft | 20.69.197.195
https://store.ecompanystore.com/microsoft/Authentication/IsAuthenticated | 20.69.197.195
http://stackoverflow.com/questions/4474352/send-jquery-json-to-wcf-rest-using-date | unknown

Domains

Name | IP | Malicious
store.ecompanystore.com | 20.69.197.195 | malicious
s-part-0036.t-0009.t-msedge.net | 13.107.246.64
s-part-0017.t-0009.t-msedge.net | 13.107.246.45
www.google.com | 172.217.16.196
fp2e7a.wpc.phicdn.net | 192.229.221.95
msecompanystore.com | 96.45.83.84

IPs

IP | Domain | Country | Malicious
20.69.197.195 | store.ecompanystore.com | United States | malicious
192.168.2.16 | unknown | unknown
192.168.2.4 | unknown | unknown
239.255.255.250 | unknown | Reserved
96.45.83.84 | msecompanystore.com | United States
172.217.16.196 | www.google.com | United States

DOM / HTML

URL | Malicious
https://store.ecompanystore.com/microsoft/Shop/Landing/#/ | malicious
https://store.ecompanystore.com/microsoft/Shop/Landing/#/ | malicious