IOC Report
https://railrent-railrent.powerappsportals.com/


Files

File Path
Type
Category
Malicious

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious