IOC Report
https://eu.jotform.com/app/213381340657353


Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| C:\Users\user\Desktop\RMS Customer.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:36 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | malicious |
| C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\RMS Customer.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:51 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\42cce12df1d7c5f3.customDestinations-ms (copy) | data | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\IENVXPTO6ZV511FFEAZQ.temp | data | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:26 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:26 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\RMS Customer.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:51 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:26 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:26 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 14:42:26 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 154 | PNG image data, 144 x 144, 8-bit colormap, non-interlaced | downloaded | |
| Chrome Cache Entry: 155 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 156 | Unicode text, UTF-8 text, with very long lines (54783) | downloaded | |
| Chrome Cache Entry: 157 | ASCII text | downloaded | |
| Chrome Cache Entry: 159 | ASCII text, with very long lines (48041) | downloaded | |
| Chrome Cache Entry: 160 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 161 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 165 | PNG image data, 96 x 96, 8-bit colormap, non-interlaced | dropped | |
| Chrome Cache Entry: 166 | Unicode text, UTF-8 text, with very long lines (18756) | downloaded | |
| Chrome Cache Entry: 168 | Unicode text, UTF-8 text, with very long lines (9110) | dropped | |
| Chrome Cache Entry: 169 | ASCII text | downloaded | |
| Chrome Cache Entry: 170 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 172 | ASCII text, with very long lines (12844), with no line terminators | downloaded | |
| Chrome Cache Entry: 173 | JSON data | dropped | |
| Chrome Cache Entry: 175 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 177 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 178 | ASCII text, with very long lines (8371), with no line terminators | downloaded | |
| Chrome Cache Entry: 181 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 182 | ASCII text, with very long lines (11971) | downloaded | |
| Chrome Cache Entry: 183 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 184 | HTML document, ASCII text, with very long lines (21703) | downloaded | |
| Chrome Cache Entry: 187 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 189 | HTML document, ASCII text, with very long lines (65199) | dropped | |
| Chrome Cache Entry: 190 | Unicode text, UTF-8 text, with very long lines (65254) | downloaded | |
| Chrome Cache Entry: 192 | ASCII text | downloaded | |
| Chrome Cache Entry: 193 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 196 | ASCII text, with very long lines (4096), with no line terminators | downloaded | |
| Chrome Cache Entry: 197 | Unicode text, UTF-8 text, with very long lines (15296) | dropped | |
| Chrome Cache Entry: 199 | ASCII text | downloaded | |
| Chrome Cache Entry: 201 | ASCII text, with very long lines (20291) | dropped | |
| Chrome Cache Entry: 203 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 204 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 207 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 208 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 209 | Web Open Font Format (Version 2), TrueType, length 69055, version 3.0 | downloaded | |
| Chrome Cache Entry: 212 | PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 213 | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 214 | ASCII text | downloaded | |
| Chrome Cache Entry: 215 | Unicode text, UTF-8 text, with very long lines (41136), with no line terminators | downloaded | |
| Chrome Cache Entry: 216 | data | downloaded | |
| Chrome Cache Entry: 217 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 219 | Web Open Font Format (Version 2), TrueType, length 74703, version 3.0 | downloaded | |
| Chrome Cache Entry: 220 | ASCII text, with very long lines (521) | dropped | |
| Chrome Cache Entry: 224 | ASCII text, with very long lines (15845) | downloaded | |
| Chrome Cache Entry: 225 | Web Open Font Format (Version 2), TrueType, length 71876, version 3.0 | downloaded | |
| Chrome Cache Entry: 226 | PNG image data, 1115 x 662, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 227 | ASCII text, with very long lines (538), with no line terminators | downloaded | |
| Chrome Cache Entry: 229 | ASCII text, with very long lines (59987) | downloaded | |
| Chrome Cache Entry: 234 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 236 | PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 237 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 238 | Unicode text, UTF-8 text, with very long lines (48786) | downloaded | |
| Chrome Cache Entry: 239 | HTML document, ASCII text, with CRLF line terminators | dropped | |
| Chrome Cache Entry: 240 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
56 further files are hidden in the original report.

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://eu.jotform.com/app/213381340657353 | | |
| https://eu.jotform.com/app/213381340657353/page/3 | | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| cdn01.jotfor.ms | 104.22.73.81 | |
| portal.activesitecare.com | 31.10.40.115 | |
| cdn.jotfor.ms | 104.22.72.81 | |
| eu.jotform.com | 104.19.129.105 | |
| www.jotform.com | 104.19.128.105 | |
| js.jotform.com | 104.19.128.105 | |
| cdn03.jotfor.ms | 104.22.73.81 | |
| www.google.com | 216.58.206.36 | |
| cdn02.jotfor.ms | 172.67.7.107 | |
| o61806.ingest.sentry.io | 34.120.195.249 | |
| eu-files.jotform.com | 34.107.251.125 | |
| events.jotform.com | 104.19.128.105 | |
| widgets.jotform.io | 104.26.5.225 | |
3 further domains are hidden in the original report.

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 31.10.40.115 | portal.activesitecare.com | United Kingdom | |
| 1.1.1.1 | unknown | Australia | |
| 104.19.129.105 | eu.jotform.com | United States | |
| 108.177.15.84 | unknown | United States | |
| 216.58.212.142 | unknown | United States | |
| 104.26.5.225 | widgets.jotform.io | United States | |
| 192.168.2.16 | unknown | unknown | |
| 172.67.7.107 | cdn02.jotfor.ms | United States | |
| 216.58.206.36 | www.google.com | United States | |
| 34.107.251.125 | eu-files.jotform.com | United States | |
| 216.58.206.46 | unknown | United States | |
| 104.19.128.105 | www.jotform.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 142.250.185.163 | unknown | United States | |
| 192.168.2.13 | unknown | unknown | |
| 142.250.185.131 | unknown | United States | |
| 34.120.195.249 | o61806.ingest.sentry.io | United States | |
| 104.22.72.81 | cdn.jotfor.ms | United States | |
| 104.22.73.81 | cdn01.jotfor.ms | United States | |
| 104.26.4.225 | unknown | United States | |
10 further IPs are hidden in the original report.