IOC Report
https://smarts-ef.org/about/

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:02:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:02:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:02:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:02:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:02:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1960,i,11375310350145268967,14972002184897722069,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://smarts-ef.org/about/"

URLs

Name
IP
Malicious

Domains

Name                                IP               Malicious
smarts-ef.org                       188.114.96.3
bg.microsoft.map.fastly.net         199.232.210.172
a.nel.cloudflare.com                35.190.80.1
s-part-0017.t-0009.fb-t-msedge.net  13.107.253.45
www.google.com                      142.250.185.132
fp2e7a.wpc.phicdn.net               192.229.221.95

IPs

IP               Domain                Country         Malicious
239.255.255.250  unknown               Reserved
188.114.97.3     unknown               European Union
188.114.96.3     smarts-ef.org         European Union
35.190.80.1      a.nel.cloudflare.com  United States
142.250.185.132  www.google.com        United States
192.168.2.5      unknown               unknown