Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 59
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
|
downloaded
|
||
|
Chrome Cache Entry: 60
|
HTML document, ASCII text, with very long lines (3450), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
|
dropped
|
||
|
Chrome Cache Entry: 62
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
downloaded
|
||
|
Chrome Cache Entry: 63
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
dropped
|
||
|
Chrome Cache Entry: 64
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 65
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 66
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 21785
|
dropped
|
||
|
Chrome Cache Entry: 67
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 68
|
HTML document, ASCII text, with very long lines (65504), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
ASCII text, with very long lines (65451)
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 267744
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 73
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113424
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
ASCII text, with very long lines (65451)
|
dropped
|
||
|
Chrome Cache Entry: 76
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 21785
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
dropped
|
||
|
Chrome Cache Entry: 78
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
|
Chrome Cache Entry: 79
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 267744
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2232,i,3775122873185962186,10663787644327668169,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://m3ins.azurewebsites.net/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://m3ins.azurewebsites.net/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML
|
 |
||
|
https://m3ins.azurewebsites.net/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML
|
|
||
|
https://login.microsoftonline.com/common/oauth2/deviceauth
|
|||
|
https://login.microsoftonline.com
|
unknown
|
||
|
https://login.windows-ppe.net
|
unknown
|
||
|
https://api.allorigins.win/get?url=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fdevicecode%3Fapi-version%3D1.0%26client_id%3Dd3590ed6-52b3-4102-aeff-aad2292ab01c%26resource%3Dhttps%3A%2F%2Fgraph.windows.net
|
188.114.97.3
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
m3ins.azurewebsites.net
|
unknown
|
|
|
|
s-part-0016.t-0009.t-msedge.net
|
13.107.246.44
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
www.google.com
|
142.250.185.132
|
||
|
api.allorigins.win
|
188.114.97.3
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
login.microsoftonline.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.132
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
188.114.97.3
|
api.allorigins.win
|
European Union
|
||
|
188.114.96.3
|
unknown
|
European Union
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://m3ins.azurewebsites.net/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML
|
|
|
|
https://m3ins.azurewebsites.net/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML
|
|
|
|
https://login.microsoftonline.com/common/oauth2/deviceauth
|
||
|
https://login.microsoftonline.com/common/oauth2/deviceauth
|