Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 47
|
ASCII text, with very long lines (65447)
|
dropped
|
||
|
Chrome Cache Entry: 48
|
PNG image data, 3396 x 1920, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 49
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 50
|
gzip compressed data, from Unix, original size modulo 2^32 11816
|
downloaded
|
||
|
Chrome Cache Entry: 51
|
gzip compressed data, from Unix, original size modulo 2^32 17854
|
downloaded
|
||
|
Chrome Cache Entry: 52
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 53
|
HTML document, ASCII text, with very long lines (31757), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 54
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 55
|
PNG image data, 3396 x 1920, 8-bit/color RGB, non-interlaced
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1964,i,15332587490438412603,18326055542032576859,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://clickme.thryv.com/ls/click?upn=u001.dxrPihnXBHUGsddmpkmwUOT9H2uuoftUJgS1ImyDp5PjZ7uor3Bx5LY8846lufrxOd-2B-2FCl5NSKC1v9uXskdIrA-3D-3DPV4X_Uxfyb-2FV90WCSGuHCd77YDe2QH-2FfxD2e5Op8ULStuWwSYUM08QLuqWk0rbdQO8p2GP5XR1Nwn9dFZi5DaOMyz92mdTvaHywQzrJIxcHTOEjrrUNll1a6cdLHKylkZo7LdScnRC-2F7iC6hnMEdduqsWXASxbd-2BZeaoWZvCDaIudlukgt9S3uZsKQeBP86XSjGCyt8CMjRvxL6j1Dyr0eym46qao7knFO6iIo9LZAeoxbyu5E6pzhyc9-2F2VP-2BlZM3Ea-2B-2FiBNpyPNxcoMEQ2om5Ig-2F7RZ8WTAt-2F5MxtsslPlJve5tzpsISP74pi-2B8USUpl-2BAaEmzHGUoeKWRMyxJH35FiSw-3D-3D"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://clickme.thryv.com/ls/click?upn=u001.dxrPihnXBHUGsddmpkmwUOT9H2uuoftUJgS1ImyDp5PjZ7uor3Bx5LY8846lufrxOd-2B-2FCl5NSKC1v9uXskdIrA-3D-3DPV4X_Uxfyb-2FV90WCSGuHCd77YDe2QH-2FfxD2e5Op8ULStuWwSYUM08QLuqWk0rbdQO8p2GP5XR1Nwn9dFZi5DaOMyz92mdTvaHywQzrJIxcHTOEjrrUNll1a6cdLHKylkZo7LdScnRC-2F7iC6hnMEdduqsWXASxbd-2BZeaoWZvCDaIudlukgt9S3uZsKQeBP86XSjGCyt8CMjRvxL6j1Dyr0eym46qao7knFO6iIo9LZAeoxbyu5E6pzhyc9-2F2VP-2BlZM3Ea-2B-2FiBNpyPNxcoMEQ2om5Ig-2F7RZ8WTAt-2F5MxtsslPlJve5tzpsISP74pi-2B8USUpl-2BAaEmzHGUoeKWRMyxJH35FiSw-3D-3D
|
 |
||
|
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdrhY6zM7txEf61nPO67_Cl7rOyCGsyEb9GaIEqe3M-p-yN2nJeBUGCXkDygK7t8xYVcKwSgu4v0_u6EZF5srUh16p0vNl1K8hBeBV8dg-KcOpt7y8vrkamMOU2HxW0STp0JDEp21FWuCWxDXZX0EtxoLPSBWR6WwhXZglXIvWXbh24ojuyofD6htY8D4/s3396/userinter.png
|
142.250.181.65
|
||
|
http://brazillinkmobility.com/favicon.ico
|
192.185.214.89
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.2.137
|
||
|
https://clickme.thryv.com/ls/click?upn=u001.dxrPihnXBHUGsddmpkmwUOT9H2uuoftUJgS1ImyDp5PjZ7uor3Bx5LY8846lufrxOd-2B-2FCl5NSKC1v9uXskdIrA-3D-3DPV4X_Uxfyb-2FV90WCSGuHCd77YDe2QH-2FfxD2e5Op8ULStuWwSYUM08QLuqWk0rbdQO8p2GP5XR1Nwn9dFZi5DaOMyz92mdTvaHywQzrJIxcHTOEjrrUNll1a6cdLHKylkZo7LdScnRC-2F7iC6hnMEdduqsWXASxbd-2BZeaoWZvCDaIudlukgt9S3uZsKQeBP86XSjGCyt8CMjRvxL6j1Dyr0eym46qao7knFO6iIo9LZAeoxbyu5E6pzhyc9-2F2VP-2BlZM3Ea-2B-2FiBNpyPNxcoMEQ2om5Ig-2F7RZ8WTAt-2F5MxtsslPlJve5tzpsISP74pi-2B8USUpl-2BAaEmzHGUoeKWRMyxJH35FiSw-3D-3D
|
3.160.188.112
|
||
|
http://brazillinkmobility.com/cgii/index.html
|
|||
|
https://0fkw.rkhanaid.com/AKlVEiS64UXEo05M_nfcas4zNiMt/
|
104.21.55.245
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
brazillinkmobility.com
|
192.185.214.89
|
||
|
code.jquery.com
|
151.101.2.137
|
||
|
0fkw.rkhanaid.com
|
104.21.55.245
|
||
|
d1rsqi0l6b7evg.cloudfront.net
|
3.160.188.112
|
||
|
www.google.com
|
172.217.21.36
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.181.65
|
||
|
clickme.thryv.com
|
unknown
|
||
|
blogger.googleusercontent.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.17
|
unknown
|
unknown
|
||
|
104.21.55.245
|
0fkw.rkhanaid.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
151.101.2.137
|
code.jquery.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.185.214.89
|
brazillinkmobility.com
|
United States
|
||
|
3.160.188.112
|
d1rsqi0l6b7evg.cloudfront.net
|
United States
|
||
|
151.101.66.137
|
unknown
|
United States
|
||
|
172.217.21.36
|
www.google.com
|
United States
|
||
|
142.250.181.65
|
googlehosted.l.googleusercontent.com
|
United States
|
There are 1 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://brazillinkmobility.com/cgii/index.html
|
||
|
http://brazillinkmobility.com/cgii/index.html
|
||
|
http://brazillinkmobility.com/cgii/index.html
|