Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\Downloads\Unconfirmed 127970.crdownload
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
Chrome Cache Entry: 42
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
downloaded
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2200,i,519744183019062955,12355175572773919420,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://lide.omernisar.com/lopsa/66daf6d8ac980_PeakSports.exe"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US
--service-sandbox-type=icon_reader --mojo-platform-channel-handle=5516 --field-trial-handle=2200,i,519744183019062955,12355175572773919420,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://lide.omernisar.com/lopsa/66daf6d8ac980_PeakSports.exe
|
|||
http://www.ssl.com/repository/SSLcom-RootCA-EV-ECC-384-R1.crt0
|
unknown
|
||
http://ocsps.ssl.com0
|
unknown
|
||
http://crls.ssl.com/ssl.com-EVecc-RootCA.crl0
|
unknown
|
||
http://crls.ssl.com/SSLcom-SubCA-EV-codeSigning-ECC-384-R2.crl0
|
unknown
|
||
http://cert.ssl.com/SSLcom-SubCA-EV-codeSigning-ECC-384-R2.cer0_
|
unknown
|
||
http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
|
unknown
|
||
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0
|
unknown
|
||
http://lide.omernisar.com/lopsa/66daf6d8ac980_PeakSports.exe
|
147.45.44.104
|
||
https://www.ssl.com/repository0
|
unknown
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
lide.omernisar.com
|
147.45.44.104
|
||
www.google.com
|
142.250.185.228
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
142.250.185.228
|
www.google.com
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
192.168.2.7
|
unknown
|
unknown
|
||
147.45.44.104
|
lide.omernisar.com
|
Russian Federation
|
||
192.168.2.4
|
unknown
|
unknown
|
||
192.168.2.6
|
unknown
|
unknown
|