Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 05:07:31 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |  |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 05:07:31 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |  |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |  |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 05:07:31 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |  |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 05:07:31 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |  |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 05:07:31 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |  |
| C:\Users\user\Downloads\05563c64-0243-4066-8d86-9edca18a6295.tmp | PDF document, version 1.7, 1 pages | dropped |  |
| C:\Users\user\Downloads\Invoice 6979.pdf (copy) | PDF document, version 1.7, 1 pages | dropped |  |
| C:\Users\user\Downloads\Invoice 6979.pdf.crdownload (copy) | PDF document, version 1.7, 1 pages | dropped |  |
| C:\Users\user\Downloads\downloaded.htm (copy) | HTML document, Unicode text, UTF-8 text, with very long lines (60633) | dropped |  |
| C:\Users\user\Downloads\downloaded.htm.crdownload | HTML document, Unicode text, UTF-8 text, with very long lines (60633) | dropped |  |
| C:\Users\user\Downloads\f9394ba0-8ca2-4c74-afdc-4c00362893e0.tmp | HTML document, ASCII text, with very long lines (12005) | dropped |  |
| Chrome Cache Entry: 191 | HTML document, ASCII text, with very long lines (815) | downloaded |  |
| Chrome Cache Entry: 194 | ASCII text, with very long lines (26339) | downloaded |  |
| Chrome Cache Entry: 198 | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | dropped |  |
| Chrome Cache Entry: 199 | HTML document, ASCII text, with very long lines (31431) | dropped |  |
| Chrome Cache Entry: 207 | ASCII text, with very long lines (1258) | downloaded |  |
| Chrome Cache Entry: 208 | ASCII text, with very long lines (24167) | downloaded |  |
| Chrome Cache Entry: 209 | ASCII text, with very long lines (14978) | downloaded |  |
| Chrome Cache Entry: 212 | ASCII text, with very long lines (26245) | downloaded |  |
| Chrome Cache Entry: 214 | ASCII text, with very long lines (30545) | downloaded |  |
| Chrome Cache Entry: 216 | ASCII text, with very long lines (65536), with no line terminators | dropped |  |
| Chrome Cache Entry: 219 | ASCII text, with very long lines (1490) | dropped |  |
| Chrome Cache Entry: 226 | ASCII text, with very long lines (9198) | downloaded |  |
| Chrome Cache Entry: 228 | ASCII text, with very long lines (20968) | downloaded |  |
| Chrome Cache Entry: 229 | JSON data | downloaded |  |
| Chrome Cache Entry: 231 | ASCII text, with very long lines (26245) | dropped |  |
| Chrome Cache Entry: 232 | ASCII text, with very long lines (1239) | downloaded |  |
| Chrome Cache Entry: 233 | ASCII text, with very long lines (16854) | dropped |  |
| Chrome Cache Entry: 234 | ASCII text, with very long lines (905) | dropped |  |
| Chrome Cache Entry: 236 | ASCII text, with very long lines (22114) | downloaded |  |
| Chrome Cache Entry: 239 | ASCII text, with very long lines (55155) | dropped |  |
| Chrome Cache Entry: 242 | ASCII text, with very long lines (65536), with no line terminators | downloaded |  |
| Chrome Cache Entry: 245 | ASCII text, with very long lines (15508) | dropped |  |
| Chrome Cache Entry: 254 | ASCII text, with very long lines (3025), with no line terminators | downloaded |  |
| Chrome Cache Entry: 257 | SVG Scalable Vector Graphics image | downloaded |  |
| Chrome Cache Entry: 260 | ASCII text, with no line terminators | downloaded |  |
| Chrome Cache Entry: 264 | ASCII text, with very long lines (923) | downloaded |  |
| Chrome Cache Entry: 268 | gzip compressed data, from Unix, original size modulo 2^32 4158 | downloaded |  |
| Chrome Cache Entry: 269 | ASCII text, with very long lines (21149) | downloaded |  |
| Chrome Cache Entry: 274 | ASCII text, with very long lines (5814) | dropped |  |
| Chrome Cache Entry: 275 | ASCII text, with very long lines (26245) | downloaded |  |
| Chrome Cache Entry: 279 | Web Open Font Format (Version 2), TrueType, length 35236, version 2.19660 | downloaded |  |
| Chrome Cache Entry: 280 | gzip compressed data, max compression, from Unix, original size modulo 2^32 71723 | downloaded |  |
| Chrome Cache Entry: 282 | Web Open Font Format (Version 2), TrueType, length 35228, version 2.19660 | downloaded |  |
| Chrome Cache Entry: 284 | Web Open Font Format (Version 2), TrueType, length 35152, version 2.19660 | downloaded |  |
| Chrome Cache Entry: 286 | ASCII text, with very long lines (14287) | downloaded |  |
| Chrome Cache Entry: 287 | ASCII text, with very long lines (65536), with no line terminators | dropped |  |
| Chrome Cache Entry: 289 | ASCII text, with very long lines (65536), with no line terminators | downloaded |  |

40 further files are hidden in this view of the report.
URLs

| Name | IP | Malicious |
|---|---|---|
| http://links.notification.intuit.com/ls/click?upn=u001.Hu9nToJLxsJSQR8ZHWn8Ib7JikYF6PNXv5VK-2BAfeSpVHPRNy-2BFDtJ-2BhNUfKXTverofrKjvXVKH4ba5KbTX-2BS4SZmfHvFudSR-2BqsRSymbo-2Fbvx34wePPJQQV5K-2BUELuCdFM5-2FD41PB8d-2BtumdYP9i68-2BFxPMyHuXVtJ4JTb02liwXCDgJp5yaJVNJ9Cxnb83xox0u2Elb0Bglw1s5DzAyyLdbsS9A6dtc7I-2BegkB-2BkuX-2BS4j60J3n-2B7cdEhSWnflJt0eob0SbjnQMHLrtf8Q23Q-3D-3Dgljn_8c0yNZNgtaKxfsrsgDSo76ayPAygXeyDUCCatiUGg84fab9AF2zZtOmLrm5Tumj8LqkkqAU5XxW3tIdPLp8j1j86VckTEinFDFXVg6It28bbkt16xtgZ-2BHEIYPjA2Tnoa5QLOvWaEWZR-2BnVrVN6pkBgAEeLBLIDFZlYWFkHYl6M-2B57z2p2FH7XnToXRX-2B5UU2Kl1GeIUrzyhwa1hFi-2FJHFxp1VX9j88JQDKLBiVrYV5GlHLXe3xGsTLWAsYMQrGOMrC85HlOa8DoQNq29qGnVAqAwFkwfmKc6jENMxXuVkN-2BvGOR-2BPpYWFg1KTf6Nx7iPfDFNmtX4VPlE1MU1vqM1P4biK4-2BJAeBaBgCogeuPShlhKZ6xPboD3pW6xkq6G76Be4obhBG8CIcbQ5ZdVx8qSSUjKzQQgduJFQG0HwENSUNIV6nZBbOI2uTup2fARIXMvD0kQL6-2B2R51APpuXh6pe-2FpchKX-2FzukIjPYRRcwSNzWuUGFHjcU1y-2FUDkOtDfMbtU8NZNNfI1Mo3ol4oGK2ngO-2Bgf-2FT-2FEIqdz0thi8NoG3YmmpdsCUnhINNfUMTrm4vegAlQmu8mZkB8MbJjQlccHs5vbQMmyhJ-2FpuwHRk-2Bwc145tddo628lLW88XvVt5xQjDj8lyt8FiLAAJbKzRQ1MWko-2FPF-2BsjAP5-2FCdWqvV8zw38hM-2B-2FWNNQkHj0QmIK-2F21J3BF5zGB4qaT8ZWrwnI24L0U1QduIZo54jp82WB4xthj331VHHPYd8-2BmIJFH1hjqFn96zn4A3vw-2Fz5s0P-2BCmemEWnE0dipHNe0vaALwXnJ3EiKkN5DOs-2B0eZqwLC6bjqxNxcuCLqhsD6sFnGgB34-2FsnksOs3U4NwB-2B6VkoiXcCXh-2BEVnIZUQ1SDGQGIXgna4WQILZ5wzrVkC3jWK8IwpGOEsAXI5nsU-2Bf-2FKwhInUQusSRpsg3CI95omX6futKP0wte9rJCEF0v-2BdZF8FYk5ppvBSwF2pD-2Fc4wYMcWV6Dsk4ZHV-2FDr1euzzw4oyZ3PCqBOfujr10TQypSjx4HZSiZRtpk23qesBvaWs2sXMcUTTKg80lm4oixyfmSgFZAzxIXLZRM-2BEohHwPldYmamIA1jcw7KubB6Ym5cp5fVzPxYoNKJug1SAwZAEH3qkDlSixfaU5tYsYkGtrqtsXyGUDiBIVVfnop14YjzSEbSspcrYkgaU6K7eXovyLDVEozElLo2bken0LGoGVFstZxwe6GVwoe-2F4uA6I2YIYs8lZykKbcSiFkSptFRFHZ5t8SdKeAwgbsA9fESurV6ep12bgFMm0hvjEuwgXN7OZpmkkGsGx9-2BR1QessN4UjAsUvKtfTqFrRP-2FicBG5o1te5TvZBPGOZ37DJJHA0phnHCZcK52btwLIq-2FmY13pRbgcqAtDZxOEK4iXXLj4JKulRzNVL-2FX-2BQ1ZZtyzzOh4oWVhOxkyCBXuDmS3sx7ernIPGVQlUKFFfTfDCBw-2FHsFdljPb2U5GuDA-3D-3D |  |  |
| https://connect.intuit.com/t/scs-v1-2ab5cd5cd4e3402db0c5a761f4ae4bcf2852cd012d7943b6aeab2470b3f0cb2880e489ebbbcb4d028a58f9c0c065f767?cta=viewinvoicenow&locale=fr_CA |  |  |
| file:///C:/Users/user/Downloads/downloaded.htm |  |  |
| file:///C:/Users/user/Downloads/Invoice%206979.pdf |  |  |
Domains

| Name | IP | Malicious |
|---|---|---|
| d296je7bbdd650.cloudfront.net | 99.86.8.175 |  |
| c45-prod.qbomono3prdusw2.iks2.a.intuit.com | 52.10.99.91 |  |
| d3tatcadpk4130.cloudfront.net | 18.245.86.37 |  |
| edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 217.20.57.18 |  |
| www.google.com | 216.58.206.36 |  |
| eventbus.a.intuit.com | 54.212.216.207 |  |
| prd-sb04.apigwsbgprdusw2.iks2.a.intuit.com | 44.237.71.22 |  |
| static.cns-icn-prod.a.intuit.com | 143.204.215.109 |  |
| platformexps-prd-sentry-io-stable.qbcapitalprdusw2.iks2.a.intuit.com | 54.188.68.255 |  |
| connect.intuit.com | unknown |  |
| cdn.segment.com | unknown |  |
| prd.sentry-io.a.intuit.com | unknown |  |
| quickbooks.intuit.com | unknown |  |
| c45.qbo.intuit.com | unknown |  |
| links.notification.intuit.com | unknown |  |
| eventbus.intuit.com | unknown |  |

6 further domains are hidden in this view of the report.
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 143.204.215.15 | unknown | United States |  |
| 216.58.212.142 | unknown | United States |  |
| 44.237.71.22 | prd-sb04.apigwsbgprdusw2.iks2.a.intuit.com | United States |  |
| 192.168.2.16 | unknown | unknown |  |
| 104.102.39.52 | unknown | United States |  |
| 216.58.206.36 | www.google.com | United States |  |
| 74.125.206.84 | unknown | United States |  |
| 143.204.215.109 | static.cns-icn-prod.a.intuit.com | United States |  |
| 54.203.158.98 | unknown | United States |  |
| 143.204.215.105 | unknown | United States |  |
| 54.212.216.207 | eventbus.a.intuit.com | United States |  |
| 142.250.184.200 | unknown | United States |  |
| 142.250.74.195 | unknown | United States |  |
| 18.245.86.49 | unknown | United States |  |
| 172.217.16.200 | unknown | United States |  |
| 142.250.185.67 | unknown | United States |  |
| 142.250.185.68 | unknown | United States |  |
| 1.1.1.1 | unknown | Australia |  |
| 142.250.185.132 | unknown | United States |  |
| 142.250.185.232 | unknown | United States |  |
| 52.10.179.17 | unknown | United States |  |
| 142.250.185.136 | unknown | United States |  |
| 35.81.211.39 | unknown | United States |  |
| 52.10.125.144 | unknown | United States |  |
| 239.255.255.250 | unknown | Reserved |  |
| 52.10.99.91 | c45-prod.qbomono3prdusw2.iks2.a.intuit.com | United States |  |
| 54.188.68.255 | platformexps-prd-sentry-io-stable.qbcapitalprdusw2.iks2.a.intuit.com | United States |  |
| 99.86.8.175 | d296je7bbdd650.cloudfront.net | United States |  |
| 18.245.86.37 | d3tatcadpk4130.cloudfront.net | United States |  |

19 further IPs are hidden in this view of the report.