IOC Report
https://is.gd/EBALCAO5538GERENCIA9475TRIBUT


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 49 | PNG image data, 91 x 82, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 50 | PNG image data, 91 x 82, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 51 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 52 | ASCII text, with very long lines (47671) | downloaded | |
| Chrome Cache Entry: 53 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 54 | ASCII text, with very long lines (47671) | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2036,i,18434258708143767516,7564406212951221258,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://is.gd/EBALCAO5538GERENCIA9475TRIBUT" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://is.gd/EBALCAO5538GERENCIA9475TRIBUT | | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1533798602:1729843850:4630leE5rKOsViuoc61WaVtpUalXdoez539nF3pWsw4/8d80d038da41a922/oR6HspHWVnANBNLCbzC0kDAQCIRVP0RTjE.HUtzB84k-1729844699-1.1.1.1-.AMCc8QQCp8p4rsqSFxz8_8qqDKiWje9ifrlAtfGpApChf2U694fiLpio23tHbei | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/usp3g/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d80d038da41a922/1729844701152/qzqkRAfryQgmO_o | 104.18.94.41 | |
| https://is.gd/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d80d024a824461a | 172.67.83.132 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d80d038da41a922/1729844701153/74b2c13a9156f641090daf275febe56137e1d28ed3a26605910a106e6bd337c4/ib5Kv--7qoTEGFf | 104.18.94.41 | |
| https://is.gd/favicon.ico | 172.67.83.132 | |
| https://is.gd/cdn-cgi/challenge-platform/h/b/flow/ov1/2097170713:1729840392:Y76btH9piHyLAcOQrHrDsb_zdxUWIwyhn43TK7VJGso/8d80d024a824461a/TbkKM1Gewteswe_7Lp.rREDWwNReVkrHWHqomvfrY7A-1729844695-1.2.1.1-MgE1g3MKUX9HxeaJsH5rkxFq1pX1tubFkk.uSc0D3sdNsro65MUWNwT3X.OugGJs | 172.67.83.132 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d80d038da41a922&lang=auto | 104.18.94.41 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| challenges.cloudflare.com | 104.18.95.41 | |
| s-part-0017.t-0009.t-msedge.net | 13.107.246.45 | |
| www.google.com | 142.250.185.164 | |
| downloadvps.online | 35.181.163.54 | |
| is.gd | 172.67.83.132 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.18.94.41 | unknown | United States | |
| 35.181.163.54 | downloadvps.online | United States | |
| 104.18.95.41 | challenges.cloudflare.com | United States | |
| 192.168.2.4 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
| 142.250.185.164 | www.google.com | United States | |
| 172.67.83.132 | is.gd | United States | |
| 104.25.234.53 | unknown | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://is.gd/EBALCAO5538GERENCIA9475TRIBUT | |
| https://is.gd/EBALCAO5538GERENCIA9475TRIBUT?__cf_chl_tk=1AVjn9zYCcZtYW9fE40Ry_17eg.S7kC8mNBPk1v9xqQ-1729844695-1.0.1.1-eAXoj9ZibVI2gctI2d9nDDG5TV3awNVyXPKVTxw8tMY | |