IOC Report
https://reolink.com/ch/software-and-manual/


Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 09:34:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 09:34:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 09:34:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 09:34:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 09:34:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\Downloads\24d5674e-ea51-4aec-bc42-b5c525e55518.tmp | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Users\user\Downloads\Unconfirmed 801748.crdownload | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | dropped | |
| Chrome Cache Entry: 190 | ASCII text, with very long lines (4877), with no line terminators | downloaded | |
| Chrome Cache Entry: 191 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 192 | ASCII text | downloaded | |
| Chrome Cache Entry: 194 | ASCII text, with very long lines (9217) | downloaded | |
| Chrome Cache Entry: 195 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 196 | Unicode text, UTF-8 text, with very long lines (3196) | dropped | |
| Chrome Cache Entry: 198 | PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 199 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 201 | ASCII text, with very long lines (4913), with no line terminators | dropped | |
| Chrome Cache Entry: 202 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 206 | JSON data | downloaded | |
| Chrome Cache Entry: 207 | PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 208 | ASCII text, with very long lines (1134), with no line terminators | dropped | |
| Chrome Cache Entry: 209 | Web Open Font Format (Version 2), TrueType, length 51116, version 1.0 | downloaded | |
| Chrome Cache Entry: 210 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 211 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 212 | ASCII text, with very long lines (4813), with no line terminators | downloaded | |
| Chrome Cache Entry: 213 | C source, ASCII text | downloaded | |
| Chrome Cache Entry: 214 | ASCII text, with very long lines (65307) | dropped | |
| Chrome Cache Entry: 216 | Unicode text, UTF-8 text, with very long lines (36889), with no line terminators | downloaded | |
| Chrome Cache Entry: 218 | ASCII text, with very long lines (4913), with no line terminators | downloaded | |
| Chrome Cache Entry: 219 | Unicode text, UTF-8 text, with very long lines (23651), with no line terminators | downloaded | |
| Chrome Cache Entry: 220 | ASCII text, with very long lines (3835) | downloaded | |
| Chrome Cache Entry: 221 | ASCII text, with very long lines (4813), with no line terminators | dropped | |
| Chrome Cache Entry: 222 | ASCII text, with very long lines (3835) | downloaded | |
| Chrome Cache Entry: 223 | ASCII text, with very long lines (63235) | downloaded | |
| Chrome Cache Entry: 224 | data | downloaded | |
| Chrome Cache Entry: 226 | data | downloaded | |
| Chrome Cache Entry: 227 | ASCII text, with very long lines (4914), with no line terminators | downloaded | |
| Chrome Cache Entry: 228 | ASCII text, with very long lines (16769) | downloaded | |
| Chrome Cache Entry: 229 | ASCII text, with very long lines (3835) | dropped | |
| Chrome Cache Entry: 230 | HTML document, ASCII text, with very long lines (43190), with no line terminators | downloaded | |
| Chrome Cache Entry: 231 | C source, ASCII text, with very long lines (17112), with no line terminators | dropped | |
| Chrome Cache Entry: 234 | ASCII text, with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 235 | HTML document, ASCII text, with very long lines (815) | downloaded | |
| Chrome Cache Entry: 236 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x400, components 3 | downloaded | |
| Chrome Cache Entry: 237 | ASCII text, with very long lines (4815), with no line terminators | downloaded | |
| Chrome Cache Entry: 238 | ASCII text, with very long lines (10215), with no line terminators | downloaded | |
| Chrome Cache Entry: 239 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 242 | PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 245 | ASCII text | downloaded | |
| Chrome Cache Entry: 246 | ASCII text | downloaded | |
| Chrome Cache Entry: 247 | gzip compressed data, from Unix, original size modulo 2^32 43900 | dropped | |
| Chrome Cache Entry: 248 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 251 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 254 | ASCII text, with very long lines (4878), with no line terminators | downloaded | |
| Chrome Cache Entry: 256 | data | downloaded | |
| Chrome Cache Entry: 257 | ASCII text, with very long lines (4913), with no line terminators | downloaded | |
| Chrome Cache Entry: 260 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 262 | HTML document, ASCII text, with very long lines (64002), with no line terminators | downloaded | |
| Chrome Cache Entry: 263 | ASCII text, with very long lines (4877), with no line terminators | downloaded | |
| Chrome Cache Entry: 264 | HTML document, ASCII text, with very long lines (43190), with no line terminators | downloaded | |
| Chrome Cache Entry: 266 | data | downloaded | |
| Chrome Cache Entry: 267 | HTML document, ASCII text, with very long lines (64002), with no line terminators | downloaded | |
| Chrome Cache Entry: 268 | ASCII text, with very long lines (1806), with no line terminators | downloaded | |
| Chrome Cache Entry: 269 | Web Open Font Format (Version 2), TrueType, length 28388, version 1.0 | downloaded | |
| Chrome Cache Entry: 270 | data | downloaded | |
| Chrome Cache Entry: 271 | Web Open Font Format (Version 2), TrueType, length 106756, version 1.0 | downloaded | |
| Chrome Cache Entry: 272 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 273 | assembler source, ASCII text, with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 277 | ASCII text | dropped | |
| Chrome Cache Entry: 279 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 280 | ASCII text, with very long lines (3835) | dropped | |
| Chrome Cache Entry: 284 | ASCII text, with very long lines (18960) | downloaded | |
| Chrome Cache Entry: 286 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 287 | ASCII text, with very long lines (4914), with no line terminators | dropped | |
| Chrome Cache Entry: 288 | PNG image data, 43 x 43, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 292 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 293 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 295 | data | downloaded | |
| Chrome Cache Entry: 296 | C source, ASCII text, with very long lines (58208), with no line terminators | downloaded | |
| Chrome Cache Entry: 297 | OpenPGP Secret Key | downloaded | |
| Chrome Cache Entry: 302 | HTML document, ASCII text, with very long lines (64002), with no line terminators | downloaded | |
| Chrome Cache Entry: 306 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 307 | ASCII text, with very long lines (4878), with no line terminators | dropped | |
| Chrome Cache Entry: 308 | Web Open Font Format (Version 2), TrueType, length 28616, version 1.0 | downloaded | |
| Chrome Cache Entry: 311 | PNG image data, 43 x 43, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 313 | ASCII text, with very long lines (998) | dropped | |
| Chrome Cache Entry: 314 | Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators | dropped | |
| Chrome Cache Entry: 315 | ASCII text, with very long lines (16769) | dropped | |
| Chrome Cache Entry: 316 | data | downloaded | |
| Chrome Cache Entry: 319 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 320 | PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 321 | JSON data | dropped | |
| Chrome Cache Entry: 322 | Unicode text, UTF-8 text, with very long lines (65413), with no line terminators | downloaded | |
| Chrome Cache Entry: 323 | ASCII text, with very long lines (3835) | dropped | |
| Chrome Cache Entry: 325 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 327 | ASCII text, with very long lines (12027) | dropped | |
| Chrome Cache Entry: 328 | PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 330 | OpenPGP Secret Key | downloaded | |
| Chrome Cache Entry: 331 | HTML document, ASCII text, with very long lines (723), with no line terminators | downloaded | |
| Chrome Cache Entry: 332 | ASCII text, with very long lines (2343) | downloaded | |
| Chrome Cache Entry: 337 | Unicode text, UTF-8 text, with very long lines (51384), with no line terminators | dropped | |
| Chrome Cache Entry: 338 | PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 339 | ASCII text, with very long lines (4877), with no line terminators | dropped | |
| Chrome Cache Entry: 340 | ASCII text, with very long lines (1136), with no line terminators | downloaded | |
| Chrome Cache Entry: 341 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 342 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 343 | JSON data | downloaded | |
| Chrome Cache Entry: 344 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 345 | PNG image data, 121 x 24, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 346 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 347 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 349 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 350 | HTML document, Unicode text, UTF-8 text, with very long lines (56926), with no line terminators | dropped | |
| Chrome Cache Entry: 353 | GIF image data, version 89a, 1 x 1 | dropped | |
| Chrome Cache Entry: 354 | PNG image data, 43 x 43, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 355 | RIFF (little-endian) data, Web/P image | dropped | |
| Chrome Cache Entry: 356 | ASCII text, with very long lines (4913), with no line terminators | dropped | |
| Chrome Cache Entry: 357 | ASCII text, with very long lines (2485) | downloaded | |
| Chrome Cache Entry: 358 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 359 | JSON data | dropped | |
| Chrome Cache Entry: 360 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 361 | ASCII text, with very long lines (4813), with no line terminators | dropped | |
| Chrome Cache Entry: 362 | ASCII text, with very long lines (19863), with no line terminators | downloaded | |
| Chrome Cache Entry: 363 | ASCII text, with very long lines (4814), with no line terminators | dropped | |
| Chrome Cache Entry: 366 | ASCII text, with very long lines (4877), with no line terminators | dropped | |
| Chrome Cache Entry: 367 | ISO Media, MP4 v2 [ISO 14496-14] | downloaded | |
| Chrome Cache Entry: 368 | ASCII text | downloaded | |
| Chrome Cache Entry: 369 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 370 | ASCII text, with very long lines (3835) | downloaded | |
| Chrome Cache Entry: 373 | HTML document, ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 375 | PNG image data, 43 x 43, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 376 | Unicode text, UTF-8 text, with very long lines (65471) | downloaded | |
| Chrome Cache Entry: 379 | ASCII text, with very long lines (4813), with no line terminators | downloaded | |
| Chrome Cache Entry: 380 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | dropped | |
| Chrome Cache Entry: 381 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 382 | ASCII text, with very long lines (9217) | dropped | |
| Chrome Cache Entry: 383 | ASCII text, with very long lines (1223) | downloaded | |
| Chrome Cache Entry: 385 | gzip compressed data, truncated | downloaded | |
| Chrome Cache Entry: 387 | ASCII text, with very long lines (3835) | dropped | |
| Chrome Cache Entry: 389 | Web Open Font Format (Version 2), TrueType, length 27128, version 1.0 | downloaded | |
| Chrome Cache Entry: 391 | data | downloaded | |
| Chrome Cache Entry: 393 | ASCII text, with very long lines (5552) | dropped | |
| Chrome Cache Entry: 394 | RIFF (little-endian) data, Web/P image, VP8 encoding, 712x756, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 395 | Unicode text, UTF-8 text, with very long lines (65441), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 396 | HTML document, ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 397 | ASCII text, with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 398 | JSON data | dropped | |
| Chrome Cache Entry: 399 | HTML document, ASCII text, with very long lines (43190), with no line terminators | downloaded | |
| Chrome Cache Entry: 401 | Unicode text, UTF-8 text, with very long lines (65471) | dropped | |

A further 140 files are hidden in the source report and are not listed here.

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://reolink.com/ch/software-and-manual/ | | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| eztech9385.zendesk.com | 216.198.53.1 | |
| pixel-origin.mathtag.com | 216.200.232.253 | |
| lantern.roeyecdn.com | 108.158.75.27 | |
| dovr6box1p763.cloudfront.net | 18.165.220.86 | |
| s-part-0035.t-0009.t-msedge.net | 13.107.246.63 | |
| user-data-eu.bidswitch.net | 35.214.136.108 | |
| reolink-cloud-api-210673271.us-east-1.elb.amazonaws.com | 34.195.206.13 | |
| spdc-global.pbp.gysm.yahoodns.net | 54.171.122.26 | |
| stats.g.doubleclick.net | 66.102.1.154 | |
| scontent.xx.fbcdn.net | 157.240.196.15 | |
| static.zdassets.com | 216.198.54.3 | |
| cm.g.doubleclick.net | 172.217.17.34 | |
| tm.ad-srv.net | 213.239.196.120 | |
| ekr.zdassets.com | 216.198.53.3 | |
| www.google.com | 142.250.181.68 | |
| ban.tangooserver.com | 104.21.35.253 | |
| d2pbcviywxotf2.cloudfront.net | 108.158.75.57 | |
| star-mini.c10r.facebook.com | 157.240.196.35 | |
| a.nel.cloudflare.com | 35.190.80.1 | |
| us-u.openx.net | 34.98.64.218 | |
| tm715.ad-srv.net | 213.239.196.120 | |
| home-cdn.reolink.us | 104.21.233.234 | |
| ax-0001.ax-msedge.net | 150.171.27.10 | |
| dmca-images.b-cdn.net | 138.199.15.193 | |
| reolink.com | 34.227.231.154 | |
| dualstack.reddit.map.fastly.net | 151.101.65.140 | |
| www.mainadv.com | 104.21.74.145 | |
| reddit.map.fastly.net | 151.101.129.140 | |
| lantern.roeye.com | 52.49.241.201 | |
| googleads.g.doubleclick.net | 172.217.21.34 | |
| ad.ad-srv.net | 78.46.111.106 | |
| analytics.google.com | 172.217.17.46 | |
| td.doubleclick.net | 172.217.17.66 | |
| ib.anycast.adnxs.com | 37.252.171.21 | |
| edge.gycpi.b.yahoodns.net | 87.248.114.11 | |
| static.affiliatly.com | 172.66.43.74 | |
| sp.analytics.yahoo.com | unknown | |
| pixel.mathtag.com | unknown | |
| apis.reolink.com | unknown | |
| secure.adnxs.com | unknown | |
| track.adform.net | unknown | |
| pixel-config.reddit.com | unknown | |
| images.dmca.com | unknown | |
| c.clarity.ms | unknown | |
| x.bidswitch.net | unknown | |
| www.facebook.com | unknown | |
| www.redditstatic.com | unknown | |
| www.dwin1.com | unknown | |
| s2.adform.net | unknown | |
| www.clarity.ms | unknown | |
| cdn.reolink.com | unknown | |
| connect.facebook.net | unknown | |
| s.yimg.com | unknown | |
| x.clarity.ms | unknown | |

A further 44 domains are hidden in the source report and are not listed here.

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 34.227.231.154 | reolink.com | United States | |
| 172.217.19.227 | unknown | United States | |
| 172.217.19.226 | unknown | United States | |
| 172.217.17.67 | unknown | United States | |
| 172.217.17.66 | td.doubleclick.net | United States | |
| 108.158.75.27 | lantern.roeyecdn.com | United States | |
| 142.250.181.136 | unknown | United States | |
| 66.102.1.154 | stats.g.doubleclick.net | United States | |
| 151.101.65.140 | dualstack.reddit.map.fastly.net | United States | |
| 142.250.181.46 | unknown | United States | |
| 172.66.40.182 | unknown | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |
| 104.21.74.145 | www.mainadv.com | United States | |
| 95.101.110.59 | unknown | European Union | |
| 1.1.1.1 | unknown | Australia | |
| 172.217.17.34 | cm.g.doubleclick.net | United States | |
| 172.217.17.78 | unknown | United States | |
| 20.114.190.119 | unknown | United States | |
| 54.195.0.234 | unknown | United States | |
| 172.66.43.74 | static.affiliatly.com | United States | |
| 131.253.33.237 | unknown | United States | |
| 54.171.122.26 | spdc-global.pbp.gysm.yahoodns.net | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 216.198.54.3 | static.zdassets.com | United States | |
| 216.198.54.1 | unknown | United States | |
| 78.46.111.106 | ad.ad-srv.net | Germany | |
| 54.246.144.89 | unknown | United States | |
| 138.199.15.193 | dmca-images.b-cdn.net | European Union | |
| 157.240.196.35 | star-mini.c10r.facebook.com | United States | |
| 172.217.19.206 | unknown | United States | |
| 13.107.246.63 | s-part-0035.t-0009.t-msedge.net | United States | |
| 35.214.136.108 | user-data-eu.bidswitch.net | United States | |
| 23.23.229.117 | unknown | United States | |
| 37.157.3.26 | unknown | Denmark | |
| 172.217.17.46 | analytics.google.com | United States | |
| 192.168.2.16 | unknown | unknown | |
| 216.58.208.227 | unknown | United States | |
| 18.165.220.86 | dovr6box1p763.cloudfront.net | United States | |
| 216.200.232.253 | pixel-origin.mathtag.com | United States | |
| 35.244.159.8 | unknown | United States | |
| 172.217.19.170 | unknown | United States | |
| 13.74.129.1 | unknown | United States | |
| 172.217.21.34 | googleads.g.doubleclick.net | United States | |
| 142.250.181.68 | www.google.com | United States | |
| 104.21.233.234 | home-cdn.reolink.us | United States | |
| 172.217.19.238 | unknown | United States | |
| 34.195.206.13 | reolink-cloud-api-210673271.us-east-1.elb.amazonaws.com | United States | |
| 74.121.140.211 | unknown | United States | |
| 213.239.196.120 | tm.ad-srv.net | Germany | |
| 108.158.75.57 | d2pbcviywxotf2.cloudfront.net | United States | |
| 151.101.1.140 | unknown | United States | |
| 150.171.27.10 | ax-0001.ax-msedge.net | United States | |
| 74.125.205.84 | unknown | United States | |
| 87.248.114.11 | edge.gycpi.b.yahoodns.net | United Kingdom | |
| 34.98.64.218 | us-u.openx.net | United States | |
| 216.198.53.3 | ekr.zdassets.com | United States | |
| 52.49.241.201 | lantern.roeye.com | United States | |
| 157.240.196.15 | scontent.xx.fbcdn.net | United States | |
| 216.198.53.1 | eztech9385.zendesk.com | United States | |
| 151.101.129.140 | reddit.map.fastly.net | United States | |
| 104.21.35.253 | ban.tangooserver.com | United States | |
| 37.252.171.21 | ib.anycast.adnxs.com | European Union | |

A further 52 IPs are hidden in the source report and are not listed here.