Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 00:40:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 00:40:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 00:40:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 00:40:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 00:40:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 66
|
Unicode text, UTF-8 text, with very long lines (64593)
|
dropped
|
||
|
Chrome Cache Entry: 67
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
|
dropped
|
||
|
Chrome Cache Entry: 68
|
ASCII text, with very long lines (49854)
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513
|
dropped
|
||
|
Chrome Cache Entry: 71
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
dropped
|
||
|
Chrome Cache Entry: 72
|
ASCII text, with very long lines (49854)
|
dropped
|
||
|
Chrome Cache Entry: 73
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
|
dropped
|
||
|
Chrome Cache Entry: 74
|
MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 75
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 76
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 78
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
Unicode text, UTF-8 text, with very long lines (64593)
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
dropped
|
||
|
Chrome Cache Entry: 87
|
Unicode text, UTF-8 (with BOM) text
|
downloaded
|
There are 19 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=1896,i,5167075357235610977,1307917269125286,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123N"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123N
|
 |
||
|
https://chiquitzinbb.com/favicon.ico
|
157.230.134.73
|
|
|
|
https://chiquitzinbb.com/o/jsnom.js
|
157.230.134.73
|
|
|
|
https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123N
|
|
||
|
https://cdn.socket.io/4.6.0/socket.io.min.js
|
unknown
|
||
|
https://google.com
|
unknown
|
||
|
https://cdn.socket.io/4.7.5/socket.io.min.js
|
18.245.31.33
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg
|
152.199.21.175
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc
|
unknown
|
||
|
https://www.w3schools.com/w3css/4/w3.css
|
192.229.133.221
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chiquitzinbb.com
|
157.230.134.73
|
|
|
|
d2vgu95hoyrpkh.cloudfront.net
|
18.245.31.33
|
||
|
cs837.wac.edgecastcdn.net
|
192.229.133.221
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
sni1gl.wpc.omegacdn.net
|
152.199.21.175
|
||
|
www.google.com
|
142.250.185.68
|
||
|
s-part-0039.t-0009.t-msedge.net
|
13.107.246.67
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
www.w3schools.com
|
unknown
|
||
|
cdn.socket.io
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.16
|
unknown
|
unknown
|
|
|
|
157.230.134.73
|
chiquitzinbb.com
|
United States
|
|
|
|
142.250.185.68
|
www.google.com
|
United States
|
||
|
13.107.246.45
|
s-part-0017.t-0009.t-msedge.net
|
United States
|
||
|
13.107.246.67
|
s-part-0039.t-0009.t-msedge.net
|
United States
|
||
|
18.245.31.78
|
unknown
|
United States
|
||
|
18.245.31.33
|
d2vgu95hoyrpkh.cloudfront.net
|
United States
|
||
|
192.229.133.221
|
cs837.wac.edgecastcdn.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
152.199.21.175
|
sni1gl.wpc.omegacdn.net
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123N
|
|
|
|
https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123N
|
|