Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 100 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 101 | JSON data | dropped | |
| Chrome Cache Entry: 102 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 103 | JSON data | downloaded | |
| Chrome Cache Entry: 104 | Unicode text, UTF-8 text, with very long lines (65480), with no line terminators | downloaded | |
| Chrome Cache Entry: 105 | JSON data | dropped | |
| Chrome Cache Entry: 106 | JSON data | dropped | |
| Chrome Cache Entry: 107 | JSON data | downloaded | |
| Chrome Cache Entry: 108 | ASCII text, with very long lines (4383), with no line terminators | downloaded | |
| Chrome Cache Entry: 109 | JSON data | downloaded | |
| Chrome Cache Entry: 110 | JSON data | dropped | |
| Chrome Cache Entry: 111 | ASCII text, with very long lines (65465) | downloaded | |
| Chrome Cache Entry: 112 | TrueType Font data, 14 tables, 1st "FFTM", 17 names, Microsoft, language 0x409, Copyright Dave Gandy 2016. All rights reserved.FontAwesomeRegularFONTLAB:OTFEXPORTFontAwesome Re | downloaded | |
| Chrome Cache Entry: 113 | JSON data | dropped | |
| Chrome Cache Entry: 114 | JSON data | downloaded | |
| Chrome Cache Entry: 115 | PNG image data, 480 x 320, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 116 | JSON data | downloaded | |
| Chrome Cache Entry: 117 | ASCII text, with very long lines (1243), with no line terminators | dropped | |
| Chrome Cache Entry: 118 | TrueType Font data, 20 tables, 1st "GDEF", 41 names, Macintosh, \251 2021 Microsoft Corporation. All Rights Reserved. The "kern" table of this font was develope | downloaded | |
| Chrome Cache Entry: 119 | PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 120 | ASCII text, with very long lines (1243), with no line terminators | downloaded | |
| Chrome Cache Entry: 121 | ASCII text, with very long lines (65424), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 122 | JSON data | downloaded | |
| Chrome Cache Entry: 123 | JSON data | downloaded | |
| Chrome Cache Entry: 124 | JSON data | downloaded | |
| Chrome Cache Entry: 125 | JSON data | dropped | |
| Chrome Cache Entry: 126 | PNG image data, 160 x 60, 8-bit gray+alpha, non-interlaced | downloaded | |
| Chrome Cache Entry: 127 | JSON data | downloaded | |
| Chrome Cache Entry: 128 | JSON data | downloaded | |
| Chrome Cache Entry: 129 | TrueType Font data, 20 tables, 1st "GDEF", 37 names, Macintosh, \251 2021 Microsoft Corporation. All Rights Reserved. The "kern" table of this font was develope | downloaded | |
| Chrome Cache Entry: 130 | JSON data | downloaded | |
| Chrome Cache Entry: 131 | JSON data | downloaded | |
| Chrome Cache Entry: 132 | JSON data | dropped | |
| Chrome Cache Entry: 133 | JSON data | dropped | |
| Chrome Cache Entry: 134 | JSON data | dropped | |
| Chrome Cache Entry: 135 | JSON data | downloaded | |
| Chrome Cache Entry: 136 | JSON data | dropped | |
| Chrome Cache Entry: 137 | JSON data | dropped | |
| Chrome Cache Entry: 138 | JSON data | downloaded | |
| Chrome Cache Entry: 139 | JSON data | downloaded | |
| Chrome Cache Entry: 140 | JSON data | dropped | |
| Chrome Cache Entry: 64 | JSON data | dropped | |
| Chrome Cache Entry: 65 | JSON data | dropped | |
| Chrome Cache Entry: 66 | PNG image data, 480 x 320, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 67 | PNG image data, 160 x 60, 8-bit gray+alpha, non-interlaced | downloaded | |
| Chrome Cache Entry: 68 | JSON data | downloaded | |
| Chrome Cache Entry: 69 | PNG image data, 220 x 80, 8-bit/color RGBA, interlaced | dropped | |
| Chrome Cache Entry: 70 | TrueType Font data, digitally signed, 22 tables, 1st "DSIG", 36 names, Microsoft, language 0x403, type 2 string, Normaloby | downloaded | |
| Chrome Cache Entry: 71 | JSON data | dropped | |
| Chrome Cache Entry: 72 | PNG image data, 112 x 36, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 73 | ASCII text, with very long lines (65424), with CRLF line terminators | dropped | |
| Chrome Cache Entry: 74 | PNG image data, 160 x 60, 8-bit gray+alpha, non-interlaced | dropped | |
| Chrome Cache Entry: 75 | JSON data | downloaded | |
| Chrome Cache Entry: 76 | JSON data | dropped | |
| Chrome Cache Entry: 77 | PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 78 | JSON data | downloaded | |
| Chrome Cache Entry: 79 | TrueType Font data, 20 tables, 1st "GDEF", 41 names, Macintosh, \251 2021 Microsoft Corporation. All Rights Reserved. The "kern" table of this font was develope | downloaded | |
| Chrome Cache Entry: 80 | PNG image data, 160 x 60, 8-bit gray+alpha, non-interlaced | downloaded | |
| Chrome Cache Entry: 81 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 82 | JSON data | downloaded | |
| Chrome Cache Entry: 83 | PNG image data, 220 x 80, 8-bit/color RGBA, interlaced | downloaded | |
| Chrome Cache Entry: 84 | ASCII text, with very long lines (65465) | dropped | |
| Chrome Cache Entry: 85 | JSON data | dropped | |
| Chrome Cache Entry: 86 | JSON data | dropped | |
| Chrome Cache Entry: 87 | JSON data | dropped | |
| Chrome Cache Entry: 88 | PNG image data, 160 x 60, 8-bit gray+alpha, non-interlaced | dropped | |
| Chrome Cache Entry: 89 | HTML document, ASCII text, with very long lines (640) | downloaded | |
| Chrome Cache Entry: 90 | JSON data | dropped | |
| Chrome Cache Entry: 91 | PNG image data, 112 x 36, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 92 | PNG image data, 160 x 60, 8-bit gray+alpha, non-interlaced | dropped | |
| Chrome Cache Entry: 93 | JSON data | downloaded | |
| Chrome Cache Entry: 94 | ASCII text, with very long lines (4383), with no line terminators | dropped | |
| Chrome Cache Entry: 95 | JSON data | downloaded | |
| Chrome Cache Entry: 96 | PNG image data, 200 x 80, 8-bit/color RGBA, interlaced | downloaded | |
| Chrome Cache Entry: 97 | Unicode text, UTF-8 text, with very long lines (65480), with no line terminators | dropped | |
| Chrome Cache Entry: 98 | PNG image data, 200 x 80, 8-bit/color RGBA, interlaced | dropped | |
| Chrome Cache Entry: 99 | JSON data | dropped | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2008,i,8517968984090429785,15401990405586789260,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bW1oiK-2Fg70N9FV1Dojzh5ZJ6gm2282iFGsrZaX-2FqjVmp1sEnvqhOeeCCHf5DhbI384zbSao3Tph9lcoJuvF0MGr5FmUUfNaJWYnOyMwOmbl6_jHo_VAdWm5g1Y0U-2Bo3iUtCCTbabS-2BY8KRKfU-2Fjw6ULpvr7pyaTVMKjBf4EPA3H5RiX72YEplZSfXTnomvJKRsuorYVEKZ5vhLtPXq-2F8pfrfiv7HzFUVVc07VbFX3lJ9KnDp55AdQT0J8PA3Thc8nABXBhiu-2FoDG1-2F4sWT-2B4n2efFW2Ufl3TGYkEBAC7si8HhTbJZjjh5FFRrL0GAhh6-2FWV70JSK12dAYsbjR1vJLW5eQLq28Knfko6dJmGDawyVsVIpUNgluC6OLMZbYJCqKUCz0euGToDSC-2FrEdjjggHdroU09CwOT-2BZmkDed0OvWqieqTxjdqj60SBHCkTNTn6n9m6jA-3D-3D" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4184 --field-trial-handle=2008,i,8517968984090429785,15401990405586789260,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4036 --field-trial-handle=2008,i,8517968984090429785,15401990405586789260,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
URLs

| Name | IP | Malicious |
|---|---|---|
| https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bW1oiK-2Fg70N9FV1Dojzh5ZJ6gm2282iFGsrZaX-2FqjVmp1sEnvqhOeeCCHf5DhbI384zbSao3Tph9lcoJuvF0MGr5FmUUfNaJWYnOyMwOmbl6_jHo_VAdWm5g1Y0U-2Bo3iUtCCTbabS-2BY8KRKfU-2Fjw6ULpvr7pyaTVMKjBf4EPA3H5RiX72YEplZSfXTnomvJKRsuorYVEKZ5vhLtPXq-2F8pfrfiv7HzFUVVc07VbFX3lJ9KnDp55AdQT0J8PA3Thc8nABXBhiu-2FoDG1-2F4sWT-2B4n2efFW2Ufl3TGYkEBAC7si8HhTbJZjjh5FFRrL0GAhh6-2FWV70JSK12dAYsbjR1vJLW5eQLq28Knfko6dJmGDawyVsVIpUNgluC6OLMZbYJCqKUCz0euGToDSC-2FrEdjjggHdroU09CwOT-2BZmkDed0OvWqieqTxjdqj60SBHCkTNTn6n9m6jA-3D-3D | | |
| https://gateway.on24.com/wcc/eh/4557503/category/138150/certification-week-for-microsoft-al-cloud-pa | unknown | |
| http://www.imagemagick.org | unknown | |
| https://vshow.on24.com/vshow/FY24_SCWeek?rc=Default | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek | unknown | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=rsrc&action=getAllUiResourcesByTradeshowId&f=json&tradeshowId=3852970&displayJobListings=N&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/assets/on24_logo_new.png | 199.83.44.48 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/fonts/fonts/fontawesome-webfont.ttf | 199.83.44.48 | |
| https://vshow.on24.com/clients/elite/fonts/segoe/SegoeUI.ttf | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=booth&action=getBoothsByTradeshowId&f=json&currentTradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=userRole&action=getUserRoles&f=json&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=test&action=getAllTests&f=json&sponsorTests=Y&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=rsrc&action=getResourceCategories&f=json&currentTradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=hotspots&action=getAll&f=json&currentTradeshowId=3852970&viewCode=booth&boothId=4664248&includeOmnipresent=Y&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek?command=util&action=getCookieValue&name=locale3852970&isPreLogin=Y | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=sponsor&action=getAll&f=json&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek?rc | unknown | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=navigation&action=getAll&f=json&currentTradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://github.com/andre-fuchs/kerning-pairs/blob/master/LICENSE.md). | unknown | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=chat&action=getGroupChatsByTradeshowId&f=json&tradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://event.on24.com/interface/registration/autoreg/index.html?eventid | unknown | |
| https://prext.on24.com | unknown | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=trade&action=getCustomFonts&f=json&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=view&action=getAll&f=json&currentTradeshowId=3852970&l=en&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/clients/elite/fonts/49759/Segoe-Sans-Text-Semibold.ttf | 199.83.44.48 | |
| https://vsstatic.on24.com/event/47/10/32/0/rt/1/resources/Thank_you_CW_Security-78D3.html | unknown | |
| https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bW1oiK-2Fg70N9FV1Dojzh5ZJ6gm2282iFGsrZaX-2FqjVmp1sEnvqhOeeCCHf5DhbI384zbSao3Tph9lcoJuvF0MGr5FmUUfNaJWYnOyMwOmbl6_jHo_VAdWm5g1Y0U-2Bo3iUtCCTbabS-2BY8KRKfU-2Fjw6ULpvr7pyaTVMKjBf4EPA3H5RiX72YEplZSfXTnomvJKRsuorYVEKZ5vhLtPXq-2F8pfrfiv7HzFUVVc07VbFX3lJ9KnDp55AdQT0J8PA3Thc8nABXBhiu-2FoDG1-2F4sWT-2B4n2efFW2Ufl3TGYkEBAC7si8HhTbJZjjh5FFRrL0GAhh6-2FWV70JSK12dAYsbjR1vJLW5eQLq28Knfko6dJmGDawyVsVIpUNgluC6OLMZbYJCqKUCz0euGToDSC-2FrEdjjggHdroU09CwOT-2BZmkDed0OvWqieqTxjdqj60SBHCkTNTn6n9m6jA-3D-3D | 199.83.44.68 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/workers/realtime_worker.js | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek?rc=Default#exhibits/SecurityLive | | |
| https://vshow.on24.com/vshow/FY24_SCWeek?cacheBash=1729694141975&command=time&action=getAllTimezones&f=json | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=rsrc&action=getTrackList&f=json&currentTradeshowId=3852970&tradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?action=getTime&command=time&f=json&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=sponsor&action=getKeywords&f=json&tradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/clients/elite/fonts/49759/Segoe-Sans-Display-Semibold.ttf | 199.83.44.48 | |
| http://#VSHOW_DOMAIN#/vshow/#SHOW_CODE#/register.jsp?target | unknown | |
| https://vshow.on24.com/clients/elite/fonts/49759/Segoe-Sans-Display.ttf | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=marquee&action=getByTradeshowId&f=json&currentTradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/favicon.ico | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=trade&action=get&f=json&tradeshowId=3852970&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=surveyandpoll&action=getAllSurveys&f=json&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/workers/logging_worker.js | 199.83.44.48 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/version.json | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek?command=util&action=getCookieValue&nocache=54417596&name=loginId3852970&isPreLogin=Y | 199.83.44.48 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/production-js.js.map | unknown | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=navigation&action=getAll&f=json&currentTradeshowId=3852970&l=en&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| https://vshow.on24.com/view/vsplatform/vsdesktop/dist/vbc_templates_data.json | 199.83.44.48 | |
| https://vshow.on24.com/vshow/FY24_SCWeek/?command=user&action=getAllModuleFields&f=json&l=en&isPreLogin=Y&cacheBash=1729694141975 | 199.83.44.48 | |
| http://fontawesome.iohttp://fontawesome.io/license/Webfont | unknown | |
| https://vshow.on24.com/view/vts/supporteddata/supported-locales.json | 199.83.44.48 | |
Domains

| Name | IP | Malicious |
|---|---|---|
| s-part-0044.t-0009.fb-t-msedge.net | 13.107.253.72 | |
| s-part-0017.t-0009.t-msedge.net | 13.107.246.45 | |
| www.google.com | 142.250.186.164 | |
| r-email.sg.on24event.com | 199.83.44.68 | |
| r-vshow.on24.com | 199.83.44.48 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| email.sg.on24event.com | unknown | |
| vshow.on24.com | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 239.255.255.250 | unknown | Reserved | |
| 142.250.186.164 | www.google.com | United States | |
| 199.83.44.48 | r-vshow.on24.com | United States | |
| 199.83.44.68 | r-email.sg.on24event.com | United States | |
| 192.168.2.4 | unknown | unknown | |
DOM / HTML

| URL | Malicious |
|---|---|
| https://vshow.on24.com/vshow/FY24_SCWeek?rc=Default#exhibits/SecurityLive | |
| https://vshow.on24.com/vshow/FY24_SCWeek?rc=Default#exhibits/SecurityLive | |
| https://vshow.on24.com/vshow/FY24_SCWeek?rc=Default#exhibits/SecurityLive | |
| https://vshow.on24.com/vshow/FY24_SCWeek?rc=Default#exhibits/SecurityLive | |