IOC Report
https://hm.hotelfitmess.com/?82MTTg=82MTTg&hhhd4d=YnN1dHRvbkBicmF4dG9uY3JlZWsuY29t

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:17:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:17:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:17:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:17:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:17:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped

URLs

Name
IP
Malicious
https://hm.hotelfitmess.com/?82MTTg=82MTTg&hhhd4d=YnN1dHRvbkBicmF4dG9uY3JlZWsuY29t
http://hotelfitmess.com/
82.180.132.144
https://en.wikipedia.org/wiki/Main_Page
https://hm.hotelfitmess.com/
https://hm.hotelfitmess.com/?82MTTg=82MTTg&hhhd4d=YnN1dHRvbkBicmF4dG9uY3JlZWsuY29t

Domains


IPs
