IOC Report
https://wiseguyinfo.com/


Files

File Path
Type
Category
Malicious

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1920,i,7750346193004308408,4821878519943605721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://wiseguyinfo.com/"

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

DOM / HTML

URL
Malicious
https://wiseguyinfo.com/