IOC Report
https://go.microsoft.com/fwlink/?LinkId=521839

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 15:30:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 15:30:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 15:30:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 15:30:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 15:30:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1992,i,8530768926833369009,6162970178255102418,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://go.microsoft.com/fwlink/?LinkId=521839"

URLs

Name
IP
Malicious
https://go.microsoft.com/fwlink/?LinkId=521839

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

DOM / HTML

URL
Malicious
https://www.microsoft.com/en-us/privacy/privacystatement
https://www.microsoft.com/en-us/privacy/updates