IOC Report
https://fromsmash.com/8A4OM5kRFs-et

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:19:00 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:19:00 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:19:00 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:19:00 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 18:19:00 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\Downloads\2copies of document .pdf (copy) | PDF document, version 1.3, 1 pages | dropped | |
| C:\Users\user\Downloads\2copies of document .pdf.crdownload (copy) | PDF document, version 1.3, 1 pages | dropped | |
| C:\Users\user\Downloads\3cf2a78f-b400-4200-9b21-f6cfe7628773.tmp | PDF document, version 1.3, 1 pages | dropped | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://fromsmash.com/8A4OM5kRFs-et | | malicious |
| https://soquero10.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPVdFeHJVM289JnVpZD1VU0VSMTcxMDIwMjRVNTYxMDE3NDg=N0123N | | malicious |
| file:///C:/Users/user/Downloads/2copies%20of%20document%20.pdf | | |
| https://fromsmash.com/essential/terms-policies | | |
| https://fromsmash.com/8A4OM5kRFs-et | | |

Domains

| Name | IP | Malicious |
|---|---|---|
| soquero10.com | 162.241.62.176 | malicious |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 162.241.62.176 | soquero10.com | United States | malicious |