IOC Report
https://formation-moodle.com/


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 144 | ASCII text | dropped | |
| Chrome Cache Entry: 145 | ASCII text, with very long lines (17535) | dropped | |
| Chrome Cache Entry: 146 | ASCII text, with very long lines (1965) | downloaded | |
| Chrome Cache Entry: 147 | ASCII text, with very long lines (6014) | dropped | |
| Chrome Cache Entry: 148 | HTML document, ASCII text, with very long lines (10498) | downloaded | |
| Chrome Cache Entry: 149 | ASCII text, with very long lines (65447) | dropped | |
| Chrome Cache Entry: 150 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 151 | JSON data | dropped | |
| Chrome Cache Entry: 152 | HTML document, ASCII text, with very long lines (1877) | dropped | |
| Chrome Cache Entry: 153 | HTML document, ASCII text, with very long lines (10498) | downloaded | |
| Chrome Cache Entry: 154 | JSON data | downloaded | |
| Chrome Cache Entry: 155 | Unicode text, UTF-8 text, with very long lines (6073) | dropped | |
| Chrome Cache Entry: 156 | HTML document, ASCII text, with very long lines (10498) | downloaded | |
| Chrome Cache Entry: 157 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded | |
| Chrome Cache Entry: 158 | JSON data | dropped | |
| Chrome Cache Entry: 159 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 160 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 161 | JSON data | dropped | |
| Chrome Cache Entry: 162 | JSON data | dropped | |
| Chrome Cache Entry: 163 | Unicode text, UTF-8 text, with very long lines (6073) | downloaded | |
| Chrome Cache Entry: 164 | JSON data | downloaded | |
| Chrome Cache Entry: 165 | JSON data | dropped | |
| Chrome Cache Entry: 166 | ASCII text, with very long lines (6014) | downloaded | |
| Chrome Cache Entry: 167 | ASCII text, with very long lines (17535) | downloaded | |
| Chrome Cache Entry: 168 | JSON data | dropped | |
| Chrome Cache Entry: 169 | Web Open Font Format (Version 2), TrueType, length 156404, version 773.1280 | downloaded | |
| Chrome Cache Entry: 170 | ASCII text, with very long lines (62853) | dropped | |
| Chrome Cache Entry: 171 | HTML document, Unicode text, UTF-8 text, with very long lines (10498) | downloaded | |
| Chrome Cache Entry: 172 | HTML document, ASCII text, with very long lines (1877) | downloaded | |
| Chrome Cache Entry: 173 | JSON data | downloaded | |
| Chrome Cache Entry: 174 | ASCII text, with very long lines (65447) | downloaded | |
| Chrome Cache Entry: 175 | JSON data | downloaded | |
| Chrome Cache Entry: 176 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 177 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 178 | ASCII text, with very long lines (62853) | downloaded | |
| Chrome Cache Entry: 179 | JSON data | downloaded | |
| Chrome Cache Entry: 180 | JSON data | downloaded | |
| Chrome Cache Entry: 181 | JSON data | downloaded | |
| Chrome Cache Entry: 182 | JSON data | dropped | |
| Chrome Cache Entry: 183 | Unicode text, UTF-8 text, with very long lines (36874) | dropped | |
| Chrome Cache Entry: 184 | ASCII text | downloaded | |
| Chrome Cache Entry: 185 | JSON data | downloaded | |
| Chrome Cache Entry: 186 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 187 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 188 | JSON data | dropped | |
| Chrome Cache Entry: 189 | Unicode text, UTF-8 text, with very long lines (36874) | downloaded | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=1952,i,5050060118051482423,1514282366824728734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://formation-moodle.com/" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://formation-moodle.com/ | | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1729585385&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1729176478&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://cdn.jsdelivr.net/npm/mathjax | unknown | |
| https://www.formation-moodle.com/login/index.php?lang=fr | unknown | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/jquery/jquery-3.7.1.min.js | 109.234.166.144 | |
| http://gist.github.com/292562 | unknown | |
| https://opensource.org/licenses/MIT | unknown | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_get_string&cachekey=1729585385&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22changesmadereallygoaway%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22moodle%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/javascript-static.js | 109.234.166.144 | |
| http://lunrjs.com | unknown | |
| https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage | unknown | |
| https://github.com/requirejs/requirejs/blob/master/LICENSE | unknown | |
| http://skodak.org | unknown | |
| https://www.formation-moodle.com/lib/requirejs.php/1729176478/ | unknown | |
| https://developer.mozilla.org/en-US/docs/Web/API/WindowEventHandlers/onbeforeunload | unknown | |
| https://fontawesome.com/license/free | unknown | |
| https://moodleassociation.org/ | unknown | |
| http://www.upc.edu | unknown | |
| https://fontawesome.com | unknown | |
| https://www.formation-moodle.com/theme/yui_combo.php?rollup/3.18.1/yui-moodlesimple-min.js | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/ajax/service.php?sesskey=hrPPWDEMpD&info=media_videojs_get_language | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies&cachekey=1729176478&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/requirejs/require.min.js | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/jquery/ui-1.13.2/jquery-ui.min | unknown | |
| https://www.formation-moodle.com/theme/image.php/boost/theme/1729176478/favicon | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1729176478&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/requirejs.php/1729176478/core/first.js | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/requirejs/jquery-private.js | 109.234.166.144 | |
| https://www.formation-moodle.com/ | | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/requirejs/jquery-private | unknown | |
| https://cdn.tiny.cloud/1/ | unknown | |
| https://formation-moodle.com/ | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/polyfills/polyfill.js | 109.234.166.144 | |
| http://www.catalyst-eu.net/ | unknown | |
| https://www.formation-moodle.com/login/index.php | | |
| http://www.apache.org/licenses/LICENSE-2.0 | unknown | |
| https://www.formation-moodle.com/admin/tool/dataprivacy/summary.php | unknown | |
| https://github.com/twbs/bootstrap/blob/main/LICENSE) | unknown | |
| https://www.formation-moodle.com/theme/yui_combo.php?rollup/3.18.1/yui-moodlesimple-min.css | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/javascript.php/1729176478/lib/jquery/jquery-3.7.1.min | unknown | |
| http://oaa-accessibility.org/example/41/. | unknown | |
| http://oaa-accessibility.org/example/41/ | unknown | |
| https://getbootstrap.com/) | unknown | |
| https://www.formation-moodle.com/theme/font.php/boost/core/1729176478/fa-solid-900.woff2 | 109.234.166.144 | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1729176478&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://moodle.com | unknown | |
| https://cdn.jsdelivr.net/npm/mathjax@2.7.9/MathJax.js?delayStartupUntil=configured | 151.101.129.229 | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies&cachekey=1729176478&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://github.com/pathable/truncate | unknown | |
| https://www.formation-moodle.com/theme/styles.php/boost/1729176478_1/all | 109.234.166.144 | |
| http://yura.thinkweb2.com/cft/ | unknown | |
| http://oaa-accessibility.org/example/26/ | unknown | |
| https://www.gnu.org/copyleft/gpl.html | unknown | |
| https://www.paypal.com/sdk/js?client-id= | unknown | |
| http://www.davidmonllao.com | unknown | |
| https://www.formation-moodle.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies&cachekey=1729176478&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22form_input_toggle_sensitive%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D | 109.234.166.144 | |
| https://www.formation-moodle.com/login/forgot_password.php | | |
| https://lea.verou.me | unknown | |
| http://www.gnu.org/copyleft/gpl.html | unknown | |

Domains

| Name | IP | Malicious |
|---|---|---|
| jsdelivr.map.fastly.net | 151.101.129.229 | |
| bg.microsoft.map.fastly.net | 199.232.210.172 | |
| formation-moodle.com | 109.234.166.144 | |
| www.google.com | 142.250.186.100 | |
| cdn.jsdelivr.net | unknown | |
| www.formation-moodle.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 151.101.129.229 | jsdelivr.map.fastly.net | United States | |
| 192.168.2.7 | unknown | unknown | |
| 192.168.2.10 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
| 109.234.166.144 | formation-moodle.com | France | |
| 142.250.186.100 | www.google.com | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://www.formation-moodle.com/ | |
| https://www.formation-moodle.com/ | |
| https://www.formation-moodle.com/login/index.php | |
| https://www.formation-moodle.com/login/index.php | |
| https://www.formation-moodle.com/login/forgot_password.php | |
| https://www.formation-moodle.com/login/forgot_password.php | |
| https://www.formation-moodle.com/login/forgot_password.php | |
| https://www.formation-moodle.com/login/forgot_password.php | |