Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x9a09c10d, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\GO30WR0E\s6[1].pdf
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eieldnfk.kk3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 19:03:50 2025, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 19:03:50 2025, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 19:03:50 2025, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 19:03:50 2025, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 19:03:50 2025, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
Unknown
|
dropped
|
There are 2 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://escooterzone.com/play.html
|
 |
||
|
https://escooterzone.com/play.html
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
e1.foiloverturnarrival.shop
|
172.67.194.161
|
|
|
|
escooterzone.com
|
188.114.97.3
|
|
|
|
agiledeals.shop
|
172.67.151.250
|
|
|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
veilyspen.shop
|
172.67.216.225
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
s-part-t-9999.t-msedge.net
|
13.107.246.254
|
||
|
www.google.com
|
142.250.185.132
|
||
|
arm-9999.arm-msedge.net
|
4.150.240.254
|
||
|
wac-9999.wac-msedge.net
|
52.108.8.254
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.194.161
|
e1.foiloverturnarrival.shop
|
United States
|
|
|
|
188.114.97.3
|
escooterzone.com
|
European Union
|
|
|
|
172.67.151.250
|
agiledeals.shop
|
United States
|
|
|
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
216.58.212.131
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
172.217.18.3
|
unknown
|
United States
|
||
|
142.250.185.132
|
www.google.com
|
United States
|
||
|
64.233.167.84
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.163
|
unknown
|
United States
|
||
|
142.250.185.131
|
unknown
|
United States
|
||
|
142.250.186.142
|
unknown
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
2.23.242.162
|
unknown
|
European Union
|
||
|
172.217.18.110
|
unknown
|
United States
|
||
|
172.67.216.225
|
veilyspen.shop
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 8 hidden IPs, click here to show them.