IOC Report
https://sites.google.com/view/busch-vacuum/home


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 100 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped | 
Chrome Cache Entry: 101 | PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced | dropped | 
Chrome Cache Entry: 102 | Web Open Font Format (Version 2), TrueType, length 47048, version 1.0 | downloaded | 
Chrome Cache Entry: 103 | SVG Scalable Vector Graphics image | dropped | 
Chrome Cache Entry: 104 | ASCII text, with very long lines (580) | downloaded | 
Chrome Cache Entry: 105 | PNG image data, 93 x 72, 8-bit/color RGB, non-interlaced | dropped | 
Chrome Cache Entry: 106 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Mockup image of male hands using a laptop computer and holing a smart phone both with blank white screens. Focus on the index f, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:25 12:37:24], baseline, precision 8, 5472x3648, components 3 | downloaded | 
Chrome Cache Entry: 107 | ASCII text | downloaded | 
Chrome Cache Entry: 108 | SVG Scalable Vector Graphics image | dropped | 
Chrome Cache Entry: 109 | Web Open Font Format (Version 2), TrueType, length 34108, version 1.0 | downloaded | 
Chrome Cache Entry: 110 | SVG Scalable Vector Graphics image | downloaded | 
Chrome Cache Entry: 111 | HTML document, Unicode text, UTF-8 text, with very long lines (1136) | dropped | 
Chrome Cache Entry: 112 | ASCII text, with very long lines (1505) | downloaded | 
Chrome Cache Entry: 113 | ASCII text, with very long lines (2265) | downloaded | 
Chrome Cache Entry: 114 | ASCII text, with very long lines (2056) | downloaded | 
Chrome Cache Entry: 115 | Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 | downloaded | 
Chrome Cache Entry: 116 | SVG Scalable Vector Graphics image | dropped | 
Chrome Cache Entry: 117 | Web Open Font Format (Version 2), TrueType, length 20028, version 1.0 | downloaded | 
Chrome Cache Entry: 118 | ASCII text, with very long lines (383) | downloaded | 
Chrome Cache Entry: 119 | ASCII text, with very long lines (1283) | downloaded | 
Chrome Cache Entry: 120 | ASCII text, with very long lines (1851) | downloaded | 
Chrome Cache Entry: 121 | ASCII text, with very long lines (32065) | downloaded | 
Chrome Cache Entry: 74 | PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced | downloaded | 
Chrome Cache Entry: 75 | Web Open Font Format (Version 2), TrueType, length 45300, version 1.0 | downloaded | 
Chrome Cache Entry: 76 | SVG Scalable Vector Graphics image | downloaded | 
Chrome Cache Entry: 77 | PNG image data, 93 x 72, 8-bit/color RGB, non-interlaced | downloaded | 
Chrome Cache Entry: 78 | ASCII text, with very long lines (38991) | downloaded | 
Chrome Cache Entry: 79 | ASCII text, with very long lines (65536), with no line terminators | downloaded | 
Chrome Cache Entry: 80 | ASCII text, with very long lines (1163) | downloaded | 
Chrome Cache Entry: 81 | HTML document, ASCII text | downloaded | 
Chrome Cache Entry: 82 | SVG Scalable Vector Graphics image | downloaded | 
Chrome Cache Entry: 83 | ASCII text, with no line terminators | downloaded | 
Chrome Cache Entry: 84 | HTML document, ASCII text, with CRLF, LF line terminators | downloaded | 
Chrome Cache Entry: 85 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | dropped | 
Chrome Cache Entry: 86 | ASCII text | downloaded | 
Chrome Cache Entry: 87 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Mockup image of male hands using a laptop computer and holing a smart phone both with blank white screens. Focus on the index f, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:25 12:37:24], baseline, precision 8, 5472x3648, components 3 | dropped | 
Chrome Cache Entry: 88 | PNG image data, 72 x 39, 8-bit/color RGB, non-interlaced | downloaded | 
Chrome Cache Entry: 89 | SVG Scalable Vector Graphics image | downloaded | 
Chrome Cache Entry: 90 | SVG Scalable Vector Graphics image | dropped | 
Chrome Cache Entry: 91 | ASCII text, with no line terminators | downloaded | 
Chrome Cache Entry: 92 | ASCII text, with very long lines (50758) | downloaded | 
Chrome Cache Entry: 93 | MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | downloaded | 
Chrome Cache Entry: 94 | ASCII text, with very long lines (546) | downloaded | 
Chrome Cache Entry: 95 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | 
Chrome Cache Entry: 96 | PNG image data, 72 x 39, 8-bit/color RGB, non-interlaced | dropped | 
Chrome Cache Entry: 97 | HTML document, ASCII text, with very long lines (4020) | downloaded | 
Chrome Cache Entry: 98 | ASCII text, with very long lines (7043), with no line terminators | downloaded | 
Chrome Cache Entry: 99 | ASCII text, with very long lines (65536), with no line terminators | downloaded | 
(39 further file entries are not included in this listing)

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | 
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1984,i,8483475906506789809,10319773719344864098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | 
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sites.google.com/view/busch-vacuum/home" | 

URLs

Name | IP | Malicious
https://sites.google.com/view/busch-vacuum/home |  | malicious
https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786# |  | malicious
https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786 |  | malicious
https://allmysonscom.top/ |  | malicious
https://scriptz.corp.google.com/ | unknown | 
https://apis.google.com/js/client.js | unknown | 
https://allmysonscom.top/1 | 104.21.51.145 | 
https://allmysonscom.top/jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1 | 104.21.51.145 | 
https://nowlifestyle.com/redir.php?k | unknown | 
https://accounts.google.com/o/oauth2/iframe | unknown | 
https://www.google.com/log?format=json&hasfast=true | unknown | 
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85474485de6744e2 | 104.17.3.184 | 
https://console.developers.google.com/ | unknown | 
https://accounts.google.com/o/oauth2/postmessageRelay | unknown | 
https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1 | unknown | 
https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top | 199.116.250.99 | 
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/854744532923b0b1/1707766445864/145450f9f29a437153a4db87001c50914e532129640eb0e34670b650d28dc54a/9uVA9OYt25Qd1Gt | 104.17.3.184 | 
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=854744532923b0b1 | 104.17.3.184 | 
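Turning the URL rows above into indicators that can actually be deployed takes a little care: the landing page is hosted on sites.google.com, two of the resolved IPs are Cloudflare edge addresses, and one hop is a redirector whose `url=` parameter carries the attacker domain. The script below is an added example, not part of the sandbox report. The URL/IP pairs are copied from the table above; the list of shared hosts, the Cloudflare prefixes, the redirect parameter names and the sorting rules are this example's own assumptions.

```python
"""Triage the URL rows of an IOC report into deployable indicators.

Added example, not part of the sandbox report. URL/IP pairs are copied from
the report's URLs table; the classification rules are assumptions.
"""
import ipaddress
from urllib.parse import parse_qs, urlparse

# Copied from the report: URL -> resolved IP, or the sandbox verdict where no
# IP was recorded ("unknown" = not resolved, "malicious" = verdict given).
REPORT_URLS = {
    "https://sites.google.com/view/busch-vacuum/home": "malicious",
    "https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786#": "malicious",
    "https://allmysonscom.top/": "malicious",
    "https://allmysonscom.top/1": "104.21.51.145",
    "https://allmysonscom.top/jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1": "104.21.51.145",
    "https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top": "199.116.250.99",
    "https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85474485de6744e2": "104.17.3.184",
    "https://accounts.google.com/o/oauth2/iframe": "unknown",
    "https://apis.google.com/js/client.js": "unknown",
    "https://www.google.com/log?format=json&hasfast=true": "unknown",
}

# Assumption: hosts shared with legitimate traffic. For these only the full
# URL is an indicator; blocking the hostname would break real users.
SHARED_HOSTS = {
    "sites.google.com", "accounts.google.com", "apis.google.com",
    "www.google.com", "challenges.cloudflare.com",
}

# Assumption: a subset of Cloudflare's published IPv4 ranges. Edge IPs in
# these prefixes front many unrelated tenants and are not block indicators.
SHARED_CDN_NETS = [ipaddress.ip_network("104.16.0.0/13"),
                   ipaddress.ip_network("172.64.0.0/13")]

# Assumption: query keys commonly used by redirectors to carry the target.
REDIRECT_KEYS = ("url", "redirect", "u")


def defang(indicator):
    """Make an indicator safe to paste into tickets and chat (hxxp, [.])."""
    return indicator.replace("http", "hxxp").replace(".", "[.]")


def redirect_target(url):
    """Return the target URL carried in a redirector's query string, if any."""
    query = parse_qs(urlparse(url).query)
    for key in REDIRECT_KEYS:
        if key in query:
            return query[key][0]
    return None


def parse_ip(value):
    """Return an ip_address for an IP-looking value, None for verdict strings."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None


def triage(report):
    """Sort URL -> IP/verdict rows into indicator buckets (values defanged)."""
    out = {"block_domains": set(), "block_urls": set(), "redirectors": set(),
           "shared_cdn_ips": set(), "resolved_ips": set()}
    for url, verdict in report.items():
        host = urlparse(url).hostname
        target = redirect_target(url)
        if target:
            # The redirector's own domain is not blocked here; the domain it
            # forwards to is attacker-controlled and is.
            target_host = urlparse(target).hostname
            out["redirectors"].add((defang(host), defang(target_host)))
            out["block_domains"].add(defang(target_host))
        elif host in SHARED_HOSTS:
            if verdict == "malicious":
                out["block_urls"].add(defang(url))   # path-level block only
        else:
            out["block_domains"].add(defang(host))    # attacker-registered host
        ip = parse_ip(verdict)
        if ip is not None:
            shared = any(ip in net for net in SHARED_CDN_NETS)
            out["shared_cdn_ips" if shared else "resolved_ips"].add(str(ip))
    return {bucket: sorted(values) for bucket, values in out.items()}


if __name__ == "__main__":
    for bucket, values in triage(REPORT_URLS).items():
        print(f"{bucket}:")
        for value in values:
            print(f"  {value}")
```

The output separates what should go on a blocklist (the attacker-registered domain, the exact Google Sites path) from what should not (Cloudflare edge IPs, which the report attributes to both the attacker host and the challenge service, and the benign Google OAuth components the page embeds). The redirector is reported as a chain link rather than a block entry because the report gives no verdict on it; whether its `redir.php?url=` endpoint forwards arbitrary targets is not established by the report and should be tested before treating the domain itself as an indicator.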