IOC Report
https://gthr.uk/e8c3

loading gif

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 139
Algol 68 source, ASCII text
dropped
Chrome Cache Entry: 140
ASCII text
downloaded
Chrome Cache Entry: 141
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 142
ASCII text, with very long lines (32148)
downloaded
Chrome Cache Entry: 143
Unicode text, UTF-8 text, with very long lines (10953)
downloaded
Chrome Cache Entry: 144
ASCII text
downloaded
Chrome Cache Entry: 145
ASCII text
downloaded
Chrome Cache Entry: 146
ASCII text, with very long lines (2694)
downloaded
Chrome Cache Entry: 147
ASCII text
downloaded
Chrome Cache Entry: 148
ASCII text, with very long lines (2694)
dropped
Chrome Cache Entry: 149
ASCII text
downloaded
Chrome Cache Entry: 150
ASCII text, with very long lines (3507)
dropped
Chrome Cache Entry: 151
Algol 68 source, ASCII text
downloaded
Chrome Cache Entry: 152
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 153
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 154
ASCII text, with very long lines (13331)
downloaded
Chrome Cache Entry: 155
PNG image data, 60 x 13, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 156
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 157
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 158
ASCII text, with very long lines (364), with CRLF line terminators
dropped
Chrome Cache Entry: 159
ASCII text, with very long lines (3507)
downloaded
Chrome Cache Entry: 160
ASCII text, with very long lines (4215)
downloaded
Chrome Cache Entry: 161
ASCII text, with very long lines (32148)
dropped
Chrome Cache Entry: 162
ASCII text
downloaded
Chrome Cache Entry: 163
ASCII text, with very long lines (32077)
downloaded
Chrome Cache Entry: 164
ASCII text
downloaded
Chrome Cache Entry: 165
ASCII text, with very long lines (14909), with no line terminators
downloaded
Chrome Cache Entry: 166
Unicode text, UTF-8 text, with very long lines (10953)
dropped
Chrome Cache Entry: 167
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 168
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 169
ASCII text, with very long lines (11018)
downloaded
Chrome Cache Entry: 170
ASCII text
downloaded
Chrome Cache Entry: 171
ASCII text, with very long lines (28596)
downloaded
Chrome Cache Entry: 172
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
dropped
Chrome Cache Entry: 173
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 174
TrueType Font data, 14 tables, 1st "GDEF", 27 names, Macintosh, Font data copyright Google 2014RobotoRegularGoogle:Roboto:2014Roboto RegularVersion 2.000980; 20
downloaded
Chrome Cache Entry: 175
ASCII text, with very long lines (524)
dropped
Chrome Cache Entry: 176
Unicode text, UTF-8 text, with very long lines (32090)
downloaded
Chrome Cache Entry: 177
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 178
Unicode text, UTF-8 text
dropped
Chrome Cache Entry: 179
ASCII text
dropped
Chrome Cache Entry: 180
ASCII text, with very long lines (364), with CRLF line terminators
downloaded
Chrome Cache Entry: 181
PNG image data, 32 x 32, 4-bit colormap, non-interlaced
downloaded
Chrome Cache Entry: 182
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 183
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 184
Unicode text, UTF-8 text
downloaded
Chrome Cache Entry: 185
ASCII text, with very long lines (2932)
downloaded
Chrome Cache Entry: 186
PNG image data, 32 x 32, 4-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 187
ASCII text, with very long lines (9284)
downloaded
Chrome Cache Entry: 188
Web Open Font Format (Version 2), TrueType, length 70728, version 4.393
downloaded
Chrome Cache Entry: 189
Unicode text, UTF-8 text
dropped
Chrome Cache Entry: 190
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 191
HTML document, Unicode text, UTF-8 text, with very long lines (788), with CRLF, LF line terminators
downloaded
Chrome Cache Entry: 192
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 193
ASCII text, with very long lines (32077)
dropped
Chrome Cache Entry: 194
ASCII text, with very long lines (22367), with no line terminators
downloaded
Chrome Cache Entry: 195
ASCII text, with very long lines (524)
downloaded
Chrome Cache Entry: 196
Unicode text, UTF-8 text, with very long lines (32090)
dropped
Chrome Cache Entry: 197
ASCII text, with very long lines (9284)
dropped
Chrome Cache Entry: 198
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 199
PNG image data, 60 x 13, 8-bit/color RGBA, non-interlaced
downloaded
There are 52 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2000,i,18067291500579562211,3919196223148191013,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gthr.uk/e8c3"

URLs

Name
IP
Malicious
https://gthr.uk/e8c3
malicious
https://gthr.uk/e8c3
malicious
https://gthr.uk/js/bootstrap.min.js
51.89.232.103
 malicious
https://gthr.uk/plugins/accessibility/jbility/css/jbility.css
51.89.232.103
 malicious
https://gthr.uk/js/app.min.js
51.89.232.103
 malicious
https://gthr.uk/records
unknown
 malicious
https://gthr.uk/plugins/clockpicker/bootstrap-clockpicker.min.js
51.89.232.103
 malicious
https://gthr.uk/plugins/autosize-master/dist/autosize.min.js
51.89.232.103
 malicious
https://gthr.uk/plugins/iCheck/icheck.min.js
51.89.232.103
 malicious
https://gthr.uk/plugins/select2/select2.min.js
51.89.232.103
 malicious
https://gthr.uk/favicon-32x32.png
51.89.232.103
 malicious
https://gthr.uk/plugins/iCheck/square/blue.css
51.89.232.103
 malicious
https://gthr.uk/img/dhuft.png
unknown
 malicious
https://gthr.uk/plugins/material-datetimepicker/css/bootstrap-material-datetimepicker.css
51.89.232.103
 malicious
https://gthr.uk/plugins/sweetalert-master/dist/sweetalert.min.css
51.89.232.103
 malicious
https://gthr.uk/plugins/clockpicker/bootstrap-clockpicker.min.css
51.89.232.103
 malicious
https://gthr.uk/css/skins/skin-blue.css
51.89.232.103
 malicious
https://gthr.uk/plugins/datepicker/bootstrap-datepicker.js
51.89.232.103
 malicious
https://gthr.uk/plugins/hopscotch-master/dist/css/hopscotch.min.css
51.89.232.103
 malicious
https://gthr.uk/plugins/datatables/datatables.min.css
51.89.232.103
 malicious
https://gthr.uk/plugins/floatingactionbutton/css/index.css
51.89.232.103
 malicious
https://gthr.uk/plugins/iCheck/line/blue.css
51.89.232.103
 malicious
https://gthr.uk/plugins/datepicker/datepicker3.css
51.89.232.103
 malicious
https://gthr.uk/plugins/font-awesome/css/font-awesome.min.css
51.89.232.103
 malicious
https://gthr.uk/css/custom.css?v=1
51.89.232.103
 malicious
https://gthr.uk/fonts/roboto/Roboto-Regular.ttf
51.89.232.103
 malicious
https://gthr.uk/plugins/select2/select2.min.css
51.89.232.103
 malicious
https://gthr.uk/plugins/iCheck/line/line.png
51.89.232.103
 malicious
https://gthr.uk/css/bootstrap.min.css
51.89.232.103
 malicious
https://gthr.uk/genealabs/laravel-caffeine/drip
unknown
 malicious
https://gthr.uk/plugins/material-datetimepicker/js/bootstrap-material-datetimepicker.js
51.89.232.103
 malicious
https://gthr.uk/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.1
51.89.232.103
 malicious
https://gthr.uk/img/dhuft.svg
51.89.232.103
 malicious
https://gthr.uk/plugins/jQuery/jQuery-1.12.4.min.js
51.89.232.103
 malicious
https://gthr.uk/plugins/accessibility/jbility/js/jbility.js
51.89.232.103
 malicious
https://gthr.uk/plugins/momentjs/moment.js
51.89.232.103
 malicious
https://gthr.uk/css/AdminLTE.css
51.89.232.103
 malicious
https://gthr.uk/plugins/image-picker/image-picker.css
51.89.232.103
 malicious
https://gthr.uk
unknown
 malicious
https://github.com/lipis/bootstrap-social
unknown
http://fontawesome.io
unknown
http://www.broofa.com
unknown
https://github.com/moment/moment/issues/1423
unknown
https://www.google.com/images/cleardot.gif
unknown
http://stackoverflow.com/questions/181348/instantiating-a-javascript-object-by-calling-prototype-con
unknown
https://www.google.com/support/translate
unknown
https://oss.maxcdn.com/respond/1.4.2/respond.min.js
unknown
https://github.com/moment/moment/issues/1548
unknown
http://github.danielcardoso.net/load-awesome/)
unknown
http://git.io/arlzeA
unknown
https://github.com/urielcaire/jbility
unknown
http://getbootstrap.com)
unknown
https://github.com/urielcaire/jBility
unknown
http://www.jacklmoore.com/autosize
unknown
https://datatables.net/download/#bs/jszip-2.5.0/pdfmake-0.1.18/dt-1.10.12/b-1.2.2/b-colvis-1.2.2/b-f
unknown
https://datatables.net/download
unknown
https://github.com/weareoutman/clockpicker/blob/gh-pages/LICENSE)
unknown
https://github.com/moment/moment/issues/1779
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
http://bootstrap-datepicker.readthedocs.org/
unknown
https://github.com/eternicode/bootstrap-datepicker/
unknown
https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js
unknown
http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html
unknown
https://translate.google.com
unknown
http://opensource.org/licenses/MIT
unknown
https://github.com/moment/moment/issues/2978
unknown
https://github.com/moment/moment/issues/1407
unknown
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.185.110
http://fontawesome.io/license
unknown
https://github.com/moment/moment/pull/1871
unknown
https://play.google.com/log?format=json&hasfast=true
unknown
https://github.com/moment/moment/issues/2166
unknown
http://eternicode.github.io/bootstrap-datepicker/
unknown
http://fronteed.com
unknown
https://github.com/urielcaire/jscookie
unknown
https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
unknown
http://www.apache.org/licenses/LICENSE-2.0Roboto
unknown
http://www.eyecon.ro/bootstrap-datepicker
unknown
http://www.almsaeedstudio.com
unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)
unknown
http://weareoutman.github.io/clockpicker/)
unknown
There are 70 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
gthr.uk
51.89.232.103
 malicious
www3.l.google.com
142.250.185.110
www.google.com
142.250.185.228
fp2e7a.wpc.phicdn.net
192.229.221.95
translate.google.com
unknown

IPs

IP
Domain
Country
Malicious
51.89.232.103
gthr.uk
France
malicious
142.250.186.78
unknown
United States
142.250.185.228
www.google.com
United States
142.250.185.110
www3.l.google.com
United States
192.168.2.6
unknown
unknown
239.255.255.250
unknown
Reserved

DOM / HTML

URL
Malicious
https://gthr.uk/e8c3
https://gthr.uk/e8c3
https://gthr.uk/e8c3
https://gthr.uk/e8c3