IOC Report
http://dispary.com/


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 21:11:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 21:11:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 21:11:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 21:11:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 23 21:11:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 78 | Web Open Font Format (Version 2), TrueType, length 5416, version 1.0 | downloaded | |
| Chrome Cache Entry: 79 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5357 | downloaded | |
| Chrome Cache Entry: 80 | HTML document, ASCII text, with very long lines (365) | downloaded | |
| Chrome Cache Entry: 81 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3914 | dropped | |
| Chrome Cache Entry: 82 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2050x684, components 3 | downloaded | |
| Chrome Cache Entry: 83 | Web Open Font Format (Version 2), TrueType, length 7748, version 1.0 | downloaded | |
| Chrome Cache Entry: 84 | Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 | downloaded | |
| Chrome Cache Entry: 85 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2050x684, components 3 | downloaded | |
| Chrome Cache Entry: 86 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 490x528, components 3 | downloaded | |
| Chrome Cache Entry: 87 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 131031 | dropped | |
| Chrome Cache Entry: 88 | JSON data | dropped | |
| Chrome Cache Entry: 89 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 90 | Web Open Font Format (Version 2), TrueType, length 5552, version 1.0 | downloaded | |
| Chrome Cache Entry: 91 | HTML document, ASCII text, with very long lines (365) | downloaded | |
| Chrome Cache Entry: 92 | Web Open Font Format (Version 2), TrueType, length 7816, version 1.0 | downloaded | |
| Chrome Cache Entry: 93 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2050x684, components 3 | dropped | |
| Chrome Cache Entry: 94 | Web Open Font Format (Version 2), TrueType, length 8000, version 1.0 | downloaded | |
| Chrome Cache Entry: 95 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 23811 | downloaded | |
| Chrome Cache Entry: 96 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 314 | dropped | |
| Chrome Cache Entry: 97 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2050x684, components 3 | downloaded | |
| Chrome Cache Entry: 98 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 490x528, components 3 | dropped | |
| Chrome Cache Entry: 99 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 223926 | downloaded | |
| Chrome Cache Entry: 100 | Web Open Font Format (Version 2), TrueType, length 7932, version 1.0 | downloaded | |
| Chrome Cache Entry: 101 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 576 | downloaded | |
| Chrome Cache Entry: 102 | PNG image data, 885 x 60, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 103 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2050x684, components 3 | dropped | |
| Chrome Cache Entry: 104 | HTML document, ASCII text, with very long lines (365) | downloaded | |
| Chrome Cache Entry: 105 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 707980 | downloaded | |
| Chrome Cache Entry: 106 | gzip compressed data, max compression, original size modulo 2^32 11211 | downloaded | |
| Chrome Cache Entry: 107 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 108 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 24006 | downloaded | |
| Chrome Cache Entry: 109 | gzip compressed data, max compression, original size modulo 2^32 5356 | downloaded | |
| Chrome Cache Entry: 110 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2050x684, components 3 | dropped | |
| Chrome Cache Entry: 111 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 131031 | downloaded | |
| Chrome Cache Entry: 112 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 490x528, components 3 | dropped | |
| Chrome Cache Entry: 113 | Web Open Font Format (Version 2), TrueType, length 56780, version 4.197 | downloaded | |
| Chrome Cache Entry: 114 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3914 | downloaded | |
| Chrome Cache Entry: 115 | PNG image data, 885 x 60, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 116 | HTML document, Unicode text, UTF-8 text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 117 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 314 | downloaded | |
| Chrome Cache Entry: 118 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 490x528, components 3 | downloaded | |
| Chrome Cache Entry: 119 | Web Open Font Format (Version 2), TrueType, length 7840, version 1.0 | downloaded | |
| Chrome Cache Entry: 120 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 121 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 707980 | dropped | |
| Chrome Cache Entry: 122 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 132870 | downloaded | |

(42 further files are not shown in this excerpt of the report.)

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=2000,i,3330462506019151281,16819352434649935967,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://dispary.com/" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://dispary.com/ | | |
| http://www.dispary.com:80/Uploads/Files/MainDocuments/dispary_logo.jpg | unknown | |
| http://www.dispary.com/Uploads/Stoklar/1_1_k.jpg | 31.210.157.34 | |
| http://www.dispary.com/Tema/B2C_TEMA3/assets/css/style.css | 31.210.157.34 | |
| http://www.dispary.com/Tema/B2C_TEMA3/assets/css/main.css | 31.210.157.34 | |
| http://cdn.rawgit.com/stevenschobert/instafeed.js/master/instafeed.min.js | 169.150.236.104 | |
| https://connect.facebook.net/tr_TR/all.js | 157.240.253.1 | |
| http://dispary.com/ | 31.210.157.34 | |
| http://www.dispary.com/hata/e404 | 31.210.157.34 | |
| http://www.dispary.com/favicon.ico | 31.210.157.34 | |
| http://www.dispary.com/Assets/fonts/FontAwesome/fontawesome-webfont.woff2?v=4.3.0 | 31.210.157.34 | |
| https://cdn.jsdelivr.net/gh/stevenschobert/instafeed.js@master/instafeed.min.js | 151.101.193.229 | |
| https://shop.boyacioglukozmetik.com.tr/Tema/B2C_Ayakkabi/assets/img/banks.png | 31.210.157.35 | |
| http://www.dispary.com/img/carousel-icons.png | 31.210.157.34 | |
| http://www.dispary.com/Tema/B2C_TEMA3/assets/css/edit.css | 31.210.157.34 | |
| http://www.dispary.com/Uploads/Files/MainDocuments/dispary_logo.jpg | 31.210.157.34 | |
| http://www.dispary.com:80/Tema/YeniTema/assets/img/lang/tr.gif | unknown | |
| http://www.dispary.com/Tema/B2C_TEMA3/assets/js/custom.js | 31.210.157.34 | |
| http://www.dispary.com/Uploads/Bannerlar/5389-tr.jpg | 31.210.157.34 | |
| http://www.dispary.com/Uploads/Bannerlar/5390-tr.jpg | 31.210.157.34 | |
| http://www.dispary.com/Tema/B2C_TEMA3/assets/js/main.js | 31.210.157.34 | |
| http://www.dispary.com/Uploads/Bannerlar/5388-tr.jpg | 31.210.157.34 | |
| http://www.dispary.com/Tema/YeniTema/assets/img/lang/en.gif | 31.210.157.34 | |
| http://www.dispary.com/Assets/Css/font-awesome.min.css | 31.210.157.34 | |
| http://www.dispary.com/Uploads/Stoklar/7_1_k.jpg | 31.210.157.34 | |
| http://www.dispary.com/Tema/YeniTema/assets/img/lang/tr.gif | 31.210.157.34 | |
| http://www.dispary.com/cache/frontjs?v=FyoS5A7Xno6oxTqBUXxwRd9uoTNJs_pqAaFpaFpQAqk1 | 31.210.157.34 | |
| http://www.dispary.com/tr/Servis/GetMenu | 31.210.157.34 | |
| http://www.dispary.com/ | | |
| http://www.dispary.com:80/Tema/YeniTema/assets/img/lang/en.gif | unknown | |
| http://www.dispary.com/Tema/B2C_TEMA3/assets/js/site.js | 31.210.157.34 | |
| http://www.dispary.com/cache/frontcss?v=GibixL5l8jQHBQhDNdWp7TSw0241GIgI4_zeUfOMAPE1 | 31.210.157.34 | |

(21 further URLs are not shown in this excerpt of the report.)

Domains

| Name | IP | Malicious |
|---|---|---|
| jsdelivr.map.fastly.net | 151.101.193.229 | |
| star-mini.c10r.facebook.com | 157.240.253.35 | |
| dispary.com | 31.210.157.34 | |
| scontent.xx.fbcdn.net | 157.240.252.13 | |
| plus.l.google.com | 142.250.184.238 | |
| www.google.com | 142.250.186.100 | |
| shop.boyacioglukozmetik.com.tr | 31.210.157.35 | |
| rawgitcdn.b-cdn.net | 169.150.236.104 | |
| platform.twitter.map.fastly.net | 199.232.188.157 | |
| s-part-0032.t-0009.t-msedge.net | 13.107.246.60 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| windowsupdatebg.s.llnwi.net | 87.248.205.0 | |
| www.facebook.com | unknown | |
| www.dispary.com | unknown | |
| cdn.jsdelivr.net | unknown | |
| cdn.rawgit.com | unknown | |
| platform.twitter.com | unknown | |
| connect.facebook.net | unknown | |
| apis.google.com | unknown | |
| www.facebook.net | unknown | |
| staticxx.facebook.com | unknown | |

(11 further domains are not shown in this excerpt of the report.)

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 151.101.193.229 | jsdelivr.map.fastly.net | United States | |
| 192.168.2.7 | unknown | unknown | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.5 | unknown | unknown | |
| 169.150.236.104 | rawgitcdn.b-cdn.net | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 31.210.157.34 | dispary.com | Turkey | |
| 157.240.253.1 | unknown | United States | |
| 31.210.157.35 | shop.boyacioglukozmetik.com.tr | Turkey | |
| 142.250.186.100 | www.google.com | United States | |
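Worked example, added by the editor and not part of this report or of the sandbox vendor's tooling: the URL, Domain and IP tables above arrive flattened to one cell per line, and two URL rows (http://dispary.com/ and http://www.dispary.com/) carry no IP cell at all, so zipping cells pairwise would shift every later row by one. The script rebuilds the rows, drops the sandbox's own LAN and SSDP multicast addresses (192.168.2.x, 239.255.255.250), removes hosts on a benign allowlist, and pivots on the /24 of the analysed domain. The sample cells are copied from this report; the allowlist and the /24 pivot are this example's assumptions, and the report itself flags nothing as malicious.

```python
"""Rebuild the flattened URL and Domain tables of a sandbox IOC report into a
hunting-ready indicator set. Added example by the editor, not part of the report
or of any sandbox vendor's tooling; sample cells are copied from the report above,
the benign allowlist and the /24 co-hosting pivot are this example's assumptions."""
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: report URL table, one cell per line. Two URLs have no IP cell.
URL_TABLE = """
http://dispary.com/
http://www.dispary.com:80/Uploads/Files/MainDocuments/dispary_logo.jpg
unknown
http://www.dispary.com/Uploads/Stoklar/1_1_k.jpg
31.210.157.34
https://connect.facebook.net/tr_TR/all.js
157.240.253.1
http://dispary.com/
31.210.157.34
https://shop.boyacioglukozmetik.com.tr/Tema/B2C_Ayakkabi/assets/img/banks.png
31.210.157.35
http://www.dispary.com/
"""
# Constructed sample: report Domain table, same flattening.
DOMAIN_TABLE = """
jsdelivr.map.fastly.net
151.101.193.229
dispary.com
31.210.157.34
shop.boyacioglukozmetik.com.tr
31.210.157.35
www.dispary.com
unknown
"""
# Assumption: Windows/Chrome sandbox background traffic and the page's own social
# widgets. Not taken from the report; review before reusing.
BENIGN_SUFFIXES = ("google.com", "facebook.com", "facebook.net", "fbcdn.net",
                   "twitter.com", "msedge.net", "llnwi.net")
URL_RE = re.compile(r"^https?://", re.I)


def is_ip(cell):
    try:
        ipaddress.ip_address(cell)
        return True
    except ValueError:
        return False


def routable(ip):
    """False for the sandbox LAN (192.168.x) and SSDP multicast (239.255.255.250)."""
    a = ipaddress.ip_address(ip)
    return not (a.is_private or a.is_multicast or a.is_reserved or a.is_loopback)


def parse_table(text, starts_row):
    """(key, ip_or_None) rows from a two-column table flattened to one cell per line.
    A row with no value cell keeps None, so a missing IP never shifts later rows."""
    rows = []
    for cell in filter(None, (c.strip() for c in text.splitlines())):
        if starts_row(cell):
            rows.append([cell, None])
        elif rows and rows[-1][1] is None and (is_ip(cell) or cell == "unknown"):
            rows[-1][1] = cell
        else:
            raise ValueError(f"unexpected cell: {cell!r}")
    return [(k, None if v == "unknown" else v) for k, v in rows]


def allowlisted(host, suffixes):
    return any(host == s or host.endswith("." + s) for s in suffixes)


def build_iocs(url_table, domain_table, allow=()):
    """{host: {'ips': set, 'urls': set}} for every host not on the allowlist."""
    iocs = defaultdict(lambda: {"ips": set(), "urls": set()})
    for url, ip in parse_table(url_table, lambda c: URL_RE.match(c) is not None):
        host = urlsplit(url).hostname
        iocs[host]["urls"].add(url)
        if ip and routable(ip):
            iocs[host]["ips"].add(ip)
    for host, ip in parse_table(domain_table, lambda c: not is_ip(c) and c != "unknown"):
        entry = iocs[host]  # an unresolved domain is still an indicator
        if ip and routable(ip):
            entry["ips"].add(ip)
    return {h: d for h, d in iocs.items() if not allowlisted(h, allow)}


def co_hosted(iocs, anchor, prefix=24):
    """Hosts with an IP in the same /prefix as the anchor's (assumed pivot, not proof)."""
    nets = {ipaddress.ip_network(f"{ip}/{prefix}", strict=False) for ip in iocs[anchor]["ips"]}
    return {h for h, d in iocs.items() if h != anchor
            and any(ipaddress.ip_address(ip) in n for ip in d["ips"] for n in nets)}


def defang(text):
    """Make an indicator safe to paste into tickets and chat."""
    return text.replace("http", "hxxp").replace(".", "[.]")
```

On the sample, build_iocs(URL_TABLE, DOMAIN_TABLE, BENIGN_SUFFIXES) keeps dispary.com, www.dispary.com, shop.boyacioglukozmetik.com.tr and jsdelivr.map.fastly.net and drops connect.facebook.net; co_hosted(iocs, "dispary.com") returns www.dispary.com and shop.boyacioglukozmetik.com.tr because 31.210.157.34 and 31.210.157.35 share a /24. That is a reason to look at the neighbour, not a verdict on it.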

DOM / HTML

| URL | Malicious |
|---|---|
| http://www.dispary.com/ | |
| http://www.dispary.com/ | |
| http://www.dispary.com/ | |
| http://www.dispary.com/ | |