IOC Report
https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd

Files

File Path | Type | Category | Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 15:48:48 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 15:48:48 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 15:48:48 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 15:48:48 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 15:48:48 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
Chrome Cache Entry: 100 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 101 | MS Windows icon resource - 1 icon, 25x30, 32 bits/pixel | dropped |
Chrome Cache Entry: 102 | ASCII text, with very long lines (65536), with no line terminators | dropped |
Chrome Cache Entry: 103 | Web Open Font Format (Version 2), TrueType, length 18028, version 1.589 | downloaded |
Chrome Cache Entry: 83 | ASCII text, with very long lines (31554) | downloaded |
Chrome Cache Entry: 84 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 85 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 86 | ASCII text, with very long lines (4345) | dropped |
Chrome Cache Entry: 87 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 88 | PNG image data, 25 x 30, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 89 | ASCII text, with very long lines (1441) | downloaded |
Chrome Cache Entry: 90 | MS Windows icon resource - 1 icon, 25x30, 32 bits/pixel | downloaded |
Chrome Cache Entry: 91 | JSON data | dropped |
Chrome Cache Entry: 92 | ASCII text, with very long lines (1441) | dropped |
Chrome Cache Entry: 93 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 94 | ASCII text, with very long lines (31554) | dropped |
Chrome Cache Entry: 95 | PNG image data, 25 x 30, 8-bit colormap, non-interlaced | downloaded |
Chrome Cache Entry: 96 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 97 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 98 | JSON data | dropped |
Chrome Cache Entry: 99 | ASCII text, with very long lines (4345) | downloaded |
(18 further file entries are not shown in this excerpt.)
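Added example, not part of the sandbox report: a small triage helper for the LNK rows above. It parses the file(1)-style descriptor text the report prints for each shortcut and applies two checks a reviewer would make by hand: whether the shortcut both carries command-line arguments and opens a hidden window (the combination worth a second look in a dropped LNK), and whether its ctime predates the run (here the 2023 ctimes show the Chrome Apps shortcuts were already in the sandbox image). The Docs.lnk descriptor and path are copied from the report; PLAIN_LNK is a constructed counterexample, ANALYSIS_DATE is an assumed run date taken from the mtime in the report, and treating the Start Menu "Chrome Apps" shortcuts as browser-created noise is this example's own assumption.

```python
"""Triage the LNK descriptors shown in the Files table (added example)."""
import re
from datetime import datetime

# Copied from the report's Docs.lnk row.
DOCS_PATH = (r"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu"
             r"\Programs\Chrome Apps\Docs.lnk")
DOCS_LNK = (
    "MS Windows shortcut, Item id list present, Points to a file or directory, "
    "Has Relative path, Has Working directory, Has command line arguments, "
    "Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, "
    "mtime=Wed Jan 15 15:48:48 2025, atime=Mon Oct 2 20:46:57 2023, "
    "length=1210144, window=hide"
)

# Constructed counterexample (not from the report): visible window, no
# arguments, created during the assumed analysis run.
PLAIN_LNK = (
    "MS Windows shortcut, Item id list present, Points to a file or directory, "
    "Has Relative path, Icon number=0, Archive, ctime=Wed Jan 15 15:50:00 2025, "
    "mtime=Wed Jan 15 15:50:00 2025, atime=Wed Jan 15 15:50:00 2025, "
    "length=4096, window=normal"
)

ANALYSIS_DATE = datetime(2025, 1, 15)   # assumed start of the run (from the mtime column)
CHROME_APPS_DIR = "\\Start Menu\\Programs\\Chrome Apps\\"   # assumed browser-created noise
TIME_FMT = "%a %b %d %H:%M:%S %Y"       # file(1) timestamp layout, e.g. "Tue Oct 3 09:48:42 2023"


def parse_lnk_descriptor(desc):
    """Split a descriptor into a set of boolean flags and a dict of key=value fields."""
    flags, fields = set(), {}
    for part in (p.strip() for p in desc.split(",")):
        if not part:
            continue
        if "=" in part:
            key, value = (s.strip() for s in part.split("=", 1))
            fields[key] = value
        else:
            flags.add(part)
    for key in ("ctime", "mtime", "atime"):
        if key in fields:
            # file(1) does not zero-pad the day, so collapse the double space first.
            fields[key] = datetime.strptime(re.sub(r"\s+", " ", fields[key]), TIME_FMT)
    if "length" in fields:
        fields["length"] = int(fields["length"])
    return {"flags": flags, "fields": fields}


def is_chrome_apps_shortcut(path):
    """True for shortcuts under the Start Menu 'Chrome Apps' folder (assumed noise)."""
    return CHROME_APPS_DIR.lower() in path.lower()


def triage(path, desc, analysis_date=ANALYSIS_DATE):
    """Apply the two checks and return them together with a one-line verdict."""
    info = parse_lnk_descriptor(desc)
    flags, fields = info["flags"], info["fields"]
    hidden_with_args = ("Has command line arguments" in flags
                        and fields.get("window") == "hide")
    preexisting = "ctime" in fields and fields["ctime"] < analysis_date
    if is_chrome_apps_shortcut(path) and preexisting:
        verdict = "ignore: browser-created shortcut present before the run"
    elif hidden_with_args:
        verdict = "review: hidden window with command-line arguments"
    else:
        verdict = "ignore"
    return {"hidden_with_args": hidden_with_args,
            "preexisting": preexisting,
            "verdict": verdict}


if __name__ == "__main__":
    for path, desc in ((DOCS_PATH, DOCS_LNK),
                       (r"C:\Users\user\Desktop\invoice.lnk", PLAIN_LNK)):
        print(path, "->", triage(path, desc)["verdict"])
```

The same descriptor on a path outside the Chrome Apps folder (a constructed Desktop shortcut, for instance) yields the "review" verdict, which is the distinction the raw table does not make.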

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1880,i,12074721810641078339,11242622976887715105,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd" |

URLs

Name | IP | Malicious
https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd | |
https://status.infobeamer.com/ | unknown |
https://info-beamer.com/dashboard | 188.166.128.20 |
https://github.com/dividuum/info-beamer-nodes | unknown |
https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd | |
https://info-beamer.com/x/auth/mfa/email-code | 188.166.128.20 |
https://github.com/info-beamer | unknown |
https://cdn.digitalsignagecontent.net/s/f73afd/img/favicon.ico | 172.67.69.226 |
https://cdn.digitalsignagecontent.net/s/f73afd/js/bundle-auth.js | 172.67.69.226 |
https://cdn.digitalsignagecontent.net/s/f73afd/js/bundle-jq.js | 172.67.69.226 |
https://cdn.digitalsignagecontent.net/s/f73afd/js/bundle-main.js | 172.67.69.226 |
https://cdn.digitalsignagecontent.net/s/f73afd/img/logo-small.png | 172.67.69.226 |
https://github.com/info-beamer/package-sdk | unknown |
https://cdn.digitalsignagecontent.net/dynimg/gravatar/8659b0620845a204bb297d713cffcb18:32~7B4W2b1d | 172.67.69.226 |
https://info-beamer.com/auth/login | |
https://handlebarsjs.com/api-reference/runtime-options.html#options-to-control-prototype-access | unknown |
https://www.youtube.com/ | unknown |
https://mastodon.social/ | unknown |
https://cdn.digitalsignagecontent.net/s/f73afd/js/bundle-vue.js | 172.67.69.226 |
https://cdn.digitalsignagecontent.net/s/f73afd/css/bundle-all.css | 172.67.69.226 |
https://a.nel.cloudflare.com/report/v4?s=aqcKvucG3mo4H5YCkD2a7ylsihw4UFuonljJBSoA2q%2F%2B8N%2FtpGq5rEjOYCo%2FckwZGNEpvvzHBocVjuDyeb%2B7ln%2B0P%2B%2FVZThGS8yf%2F0McVPKw%2FPCayEJRR6tCwqFNNjpYo352gJXCwuz3LiDD6tUK | 35.190.80.1 |
https://cdn.digitalsignagecontent.net/s/f73afd/fonts/glyphicons-halflings-regular.woff2 | 172.67.69.226 |
https://info-beamer.com/x/auth/login | 188.166.128.20 |
(12 further URL entries are not shown in this excerpt.)

Domains

Name | IP | Malicious
a.nel.cloudflare.com | 35.190.80.1 |
info-beamer.com | 188.166.128.20 |
www.google.com | 142.250.74.196 |
cdn.digitalsignagecontent.net | 172.67.69.226 |

IPs

IP | Domain | Country | Malicious
192.168.2.17 | unknown | unknown |
188.166.128.20 | info-beamer.com | Netherlands |
104.26.9.44 | unknown | United States |
239.255.255.250 | unknown | Reserved |
35.190.80.1 | a.nel.cloudflare.com | United States |
172.67.69.226 | cdn.digitalsignagecontent.net | United States |
142.250.74.196 | www.google.com | United States |
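Added example, not part of the sandbox report: the URL, Domain and IP tables above list everything the sandbox observed, including the analysis host's own private address (192.168.2.17), the SSDP multicast address (239.255.255.250) and Cloudflare's Network Error Logging reporting endpoint (a.nel.cloudflare.com), none of which is an indicator of the page under test. The code below folds a subset of those rows into one indicator set per host, joins the URL rows with the IP table, and separates sandbox and telemetry noise from public indicators. The row data is copied from the tables (the NEL URL's query string is omitted); the classification rules, the TELEMETRY_HOSTS list and the "subject"/"third-party" split are this example's assumptions.

```python
"""Normalise the URL, Domain and IP tables into one indicator set (added example)."""
import ipaddress
from urllib.parse import urlsplit

SUBJECT_URL = "https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd"

# (URL, resolved IP) rows copied from the URLs table; None where the report
# shows no IP or "unknown". Subset only.
URLS = [
    ("https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd", None),
    ("https://status.infobeamer.com/", None),
    ("https://info-beamer.com/dashboard", "188.166.128.20"),
    ("https://github.com/dividuum/info-beamer-nodes", None),
    ("https://cdn.digitalsignagecontent.net/s/f73afd/js/bundle-auth.js", "172.67.69.226"),
    ("https://a.nel.cloudflare.com/report/v4", "35.190.80.1"),   # query string omitted
    ("https://www.youtube.com/", None),
]

# (IP, domain, country) rows copied from the IPs table; None for "unknown".
IPS = [
    ("192.168.2.17", None, None),
    ("188.166.128.20", "info-beamer.com", "Netherlands"),
    ("104.26.9.44", None, "United States"),
    ("239.255.255.250", None, "Reserved"),
    ("35.190.80.1", "a.nel.cloudflare.com", "United States"),
    ("172.67.69.226", "cdn.digitalsignagecontent.net", "United States"),
    ("142.250.74.196", "www.google.com", "United States"),
]

# Hosts treated as browser/CDN telemetry rather than indicators (this example's assumption).
TELEMETRY_HOSTS = {"a.nel.cloudflare.com"}   # Cloudflare NEL error-report collector


def classify_ip(ip):
    """Label an address as sandbox-local, multicast, reserved or public."""
    addr = ipaddress.ip_address(ip)
    if addr.is_multicast:        # 239.255.255.250 is the SSDP discovery group
        return "multicast"
    if addr.is_private:          # 192.168.2.17 is the analysis host itself
        return "local"
    if addr.is_reserved or addr.is_loopback or addr.is_link_local:
        return "reserved"
    return "public"


def build_ioc_set(urls, ips, subject_url):
    """Group URL rows by host, attach IPs from both tables, and classify every IP."""
    subject_host = urlsplit(subject_url).hostname
    ip_by_host = {domain: ip for ip, domain, _ in ips if domain}
    hosts = {}
    for url, ip in urls:
        host = urlsplit(url).hostname
        if host in TELEMETRY_HOSTS:
            kind = "telemetry"
        elif host == subject_host:
            kind = "subject"
        else:
            kind = "third-party"
        rec = hosts.setdefault(host, {"kind": kind, "ips": set(), "urls": []})
        rec["urls"].append(url)
        if ip:
            rec["ips"].add(ip)
        if host in ip_by_host:
            rec["ips"].add(ip_by_host[host])
    network = {ip: classify_ip(ip) for ip, _, _ in ips}
    return hosts, network


def indicators(hosts, network):
    """Hosts other than telemetry, and public IPs not tied to a telemetry host."""
    noise_ips = {ip for rec in hosts.values() if rec["kind"] == "telemetry"
                 for ip in rec["ips"]}
    keep_hosts = sorted(h for h, rec in hosts.items() if rec["kind"] != "telemetry")
    keep_ips = sorted(ip for ip, kind in network.items()
                      if kind == "public" and ip not in noise_ips)
    return keep_hosts, keep_ips


if __name__ == "__main__":
    hosts, network = build_ioc_set(URLS, IPS, SUBJECT_URL)
    for host, rec in sorted(hosts.items()):
        print(f"{host:32} {rec['kind']:12} {sorted(rec['ips'])}")
    print("indicators:", indicators(hosts, network))
```

Note that status.infobeamer.com (no hyphen) is a different host from info-beamer.com and is grouped separately; a simple string match on "infobeamer" would have merged them.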

DOM / HTML

URL | Malicious
https://info-beamer.com/auth/confirm-email/SWYiL2BjFzdd |
https://info-beamer.com/auth/login |
https://info-beamer.com/auth/login |
https://info-beamer.com/auth/login |
https://info-beamer.com/auth/login |
https://info-beamer.com/auth/login |