IOC Report
http://mkto-ab470148.com/OTI2LUhQWC0wNDQAAAGWgrMsXhKJH4Oyc7XpmV7lFOaNu0pGbHtvco3hSAyMpuL0Y1jb3PdmY1fheDdsDnsue-n8cmU=


Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 31 17:48:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 31 17:48:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 31 17:48:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 31 17:48:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 31 17:48:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |

URLs

Name
IP
Malicious
http://mkto-ab470148.com/OTI2LUhQWC0wNDQAAAGWgrMsXhKJH4Oyc7XpmV7lFOaNu0pGbHtvco3hSAyMpuL0Y1jb3PdmY1fheDdsDnsue-n8cmU=
https://relay.amazon.com/?utm_source=marketing&utm_medium=email&utm_campaign=sales-gen-large-em1&mkt_tok=OTI2LUhQWC0wNDQAAAGWgrMsXtt8sB_NMfTGffc-PdV_vG1jz-ci6YuZr0hNyx6PeBoKJ_bxoPj9ITEFAPfywYsZLZOMUPl_NafYYwiPiTQgYhhdROCh_dOhcyd4ST8PHg

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious