IOC Report
https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 112
JSON data
dropped
Chrome Cache Entry: 113
PNG image data, 163 x 139, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 114
PNG image data, 163 x 139, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 115
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
dropped
Chrome Cache Entry: 116
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
downloaded
Chrome Cache Entry: 117
ASCII text, with very long lines (65536), with no line terminators
dropped
Chrome Cache Entry: 118
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 119
HTML document, ASCII text, with very long lines (645), with CRLF line terminators
downloaded
Chrome Cache Entry: 120
HTML document, ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 121
ASCII text
downloaded
Chrome Cache Entry: 122
JSON data
downloaded
Chrome Cache Entry: 123
Web Open Font Format (Version 2), TrueType, length 137104, version 331.-31196
downloaded
Chrome Cache Entry: 124
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 125
ASCII text
downloaded
Chrome Cache Entry: 126
ASCII text, with no line terminators
downloaded

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2016,i,16681763079191028622,7082791678549408137,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724"

URLs

Name
IP
Malicious
https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724
malicious
https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=
malicious
https://vmcsolvo.prismhrperformance.com/img/SuiteLogo.png?v2enc=/onzEoIMTPiT7UNpYvRc3BFsIyfFoWumkgGfP3P1ZUM=
20.114.50.7
https://vmcsolvo.prismhrperformance.com/content/vendor/bootstrap/css/bootstrap.min.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/Content/Vendor/fontawesome-pro-5.15.4-web/webfonts/fa-solid-900.woff2
20.114.50.7
http://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=
unknown
https://vmcsolvo.prismhrperformance.com
unknown
http://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=
20.114.50.7
https://vmcsolvo.prismhrperformance.com/assets/css/ColorScheme.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/css/layout.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/Content/Vendor/fontawesome-pro-5.15.4-web/css/solid.min.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/public/api/login/getlogindetails?clientId=7e335664-6102-4ca1-9f6b-83465002445e
20.114.50.7
https://vmcsolvo.prismhrperformance.com/favicon.ico
20.114.50.7
https://vmcsolvo.prismhrperformance.com/img/SuiteLogo.png?v=20240919030343
20.114.50.7
https://vmcsolvo.prismhrperformance.com/assets/css/core.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/css/type.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/css/base-admin.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/content/Vendor/lobibox/css/lobibox.min.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/css/main.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/bundles/core/login?v=x6FMZ575i8TJSGMEwUq8WghBRKfP2BRKOVHU4y1B_hQ1
20.114.50.7
https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724
20.114.50.7
https://vmcsolvo.prismhrperformance.com/css/login.css
20.114.50.7
https://vmcsolvo.prismhrperformance.com/Content/Vendor/fontawesome-pro-5.15.4-web/css/fontawesome.min.css
20.114.50.7

Domains

Name
IP
Malicious
vmcsolvo.prismhrperformance.com
20.114.50.7
malicious
www.google.com
142.250.186.36
s-part-0039.t-0009.t-msedge.net
13.107.246.67
fp2e7a.wpc.phicdn.net
192.229.221.95
s-part-0032.t-0009.t-msedge.net
13.107.246.60

IPs

IP
Domain
Country
Malicious
20.114.50.7
vmcsolvo.prismhrperformance.com
United States
malicious
142.250.186.36
www.google.com
United States
192.168.2.4
unknown
unknown
239.255.255.250
unknown
Reserved

DOM / HTML

URL
Malicious
https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=
malicious