Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 22 13:06:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 22 13:06:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 22 13:06:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 22 13:06:02 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 22 13:06:01 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1980,i,2435764324751911138,18027140512445526587,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-west-2.protection.sophos.com/?d=xfinity.com&u=aHR0cHM6Ly9jbXAuY3dzLnhmaW5pdHkuY29tL3V0aWxpdHkvdHJhY2tpbmcvdHJhY2tpbmcvQ2xpY2tlZFVybD90YXJnZXRJZD1mZTNkZDE3MS1hMDc1LTRjM2MtYWE5NS03OWE1ZGZhODJjYThfbWlwXzEzMiZzZXJ2ZXJJZD1jM3BvJnRlbXBsYXRlSWQ9NzAyOWUzMDctOTMwNC00NWQ5LWJjZDEtNGZlNjk4ZTdlNDQ1JnRhcmdldFVybD1odHRwczovL2J1c2luZXNzLmNvbWNhc3QuY29tL2FjY291bnQvYmlsbD9DSUQ9RU1DLVRSLUJpbGxSZWFkeS1WaWV3U3RhdGVtZW50&i=NTljNTk1ZmQ4Zjg2MGMxNzM4NDBhZGNi&t=NmV1QzV1bkZJbUtHbkJnVjFOenp2L2NyenBsK0NuV3BCbnBNa0hVMGpTYz0=&h=41698bb3f89e4e30953996822e5fff5b&s=AVNPUEhUT0NFTkNSWVBUSVYvIpZHvF0h0chKAgPasAV-CzwOwWHUeJDSnsmZZPBRZ5hzqPY8-K6m2owVEfzReGk"
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
d2t07dpvw9bt1v.cloudfront.net
|
52.222.236.4
|
||
www.google.com
|
172.217.16.132
|
||
us-west-2.protection.sophos.com
|
unknown
|
||
business.comcast.com
|
unknown
|
||
cmp.cws.xfinity.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
52.222.236.4
|
d2t07dpvw9bt1v.cloudfront.net
|
United States
|
||
192.168.2.17
|
unknown
|
unknown
|
||
192.168.2.7
|
unknown
|
unknown
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
172.217.16.132
|
www.google.com
|
United States
|