Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 18 15:03:49 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 18 15:03:48 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 18 15:03:48 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 18 15:03:49 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 18 15:03:48 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 73
|
ASCII text, with very long lines (4199)
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
ASCII text, with very long lines (16331)
|
downloaded
|
||
|
Chrome Cache Entry: 76
|
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
ASCII text, with very long lines (1299)
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 79
|
ASCII text, with very long lines (467)
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
HTML document, ASCII text, with very long lines (682)
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
ASCII text, with very long lines (574)
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
ASCII text, with very long lines (1631)
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 84
|
ASCII text, with very long lines (405)
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
ASCII text, with very long lines (2360)
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
ASCII text, with very long lines (777)
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
Web Open Font Format (Version 2), TrueType, length 34108, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
dropped
|
||
|
Chrome Cache Entry: 91
|
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with very long lines (693)
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with very long lines (826)
|
downloaded
|
There are 19 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://drive.google.com/file/d/1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK/view?usp=drive_web
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1968,i,10306904159934872365,8732775641730289021,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US
--service-sandbox-type=audio --mojo-platform-channel-handle=5860 --field-trial-handle=1968,i,10306904159934872365,8732775641730289021,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService
--lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 --field-trial-handle=1968,i,10306904159934872365,8732775641730289021,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://drive.google.com/file/d/1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK/view?usp=drive_web
|
|||
|
https://play.google/intl/
|
unknown
|
||
|
https://families.google.com/intl/
|
unknown
|
||
|
https://drive.google.com/file/d/1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK/view?usp=drive_web
|
142.251.32.110
|
||
|
https://youtube.com/t/terms?gl=
|
unknown
|
||
|
https://policies.google.com/technologies/location-data
|
unknown
|
||
|
https://www.google.com/intl/
|
unknown
|
||
|
https://apis.google.com/js/api.js
|
unknown
|
||
|
https://policies.google.com/privacy/google-partners
|
unknown
|
||
|
https://play.google.com/work/enroll?identifier=
|
unknown
|
||
|
https://policies.google.com/terms/service-specific
|
unknown
|
||
|
https://g.co/recover
|
unknown
|
||
|
https://policies.google.com/privacy/additional
|
unknown
|
||
|
https://support.google.com/websearch/answer/4358949?hl=ko&ref_topic=3285072
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true&authuser=0
|
142.250.80.78
|
||
|
https://policies.google.com/technologies/cookies
|
unknown
|
||
|
https://www.google.com/favicon.ico
|
142.250.176.196
|
||
|
https://policies.google.com/terms
|
unknown
|
||
|
https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://policies.google.com/privacy/additional/embedded?gl=kr
|
unknown
|
||
|
https://policies.google.com/terms/location/embedded
|
unknown
|
||
|
https://www.youtube.com/t/terms?chromeless=1&hl=
|
unknown
|
||
|
https://support.google.com/accounts?hl=
|
unknown
|
||
|
https://policies.google.com/privacy
|
unknown
|
||
|
https://apis.google.com/js/rpc:shindig_random.js?onload=credentialservice.postMessage
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www3.l.google.com
|
142.251.40.110
|
||
|
play.google.com
|
142.251.40.206
|
||
|
drive.google.com
|
142.251.32.110
|
||
|
www.google.com
|
142.250.176.196
|
||
|
accounts.youtube.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.176.196
|
www.google.com
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
142.250.80.78
|
unknown
|
United States
|
||
|
142.251.40.110
|
www3.l.google.com
|
United States
|
||
|
142.250.65.228
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.251.32.110
|
drive.google.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&ifkv=ARZ0qKKavMhOQ-HyvuKYYY45Y7S_CarEknIP8iHp3F0CWpAZog1FgautTRErLWzebjyiEouCTGkhSw&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425233530%3A1710777828673440&theme=glif&ddm=0
|
||
|
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&ifkv=ARZ0qKKavMhOQ-HyvuKYYY45Y7S_CarEknIP8iHp3F0CWpAZog1FgautTRErLWzebjyiEouCTGkhSw&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425233530%3A1710777828673440&theme=glif&ddm=0
|
||
|
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&ifkv=ARZ0qKKavMhOQ-HyvuKYYY45Y7S_CarEknIP8iHp3F0CWpAZog1FgautTRErLWzebjyiEouCTGkhSw&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425233530%3A1710777828673440&theme=glif&ddm=0
|
||
|
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&ifkv=ARZ0qKKavMhOQ-HyvuKYYY45Y7S_CarEknIP8iHp3F0CWpAZog1FgautTRErLWzebjyiEouCTGkhSw&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425233530%3A1710777828673440&theme=glif&ddm=0
|
||
|
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1EcfofnbJ1aLT-vZLRwSqxzMU8y2WLGHK%2Fview%3Fusp%3Ddrive_web&ifkv=ARZ0qKKavMhOQ-HyvuKYYY45Y7S_CarEknIP8iHp3F0CWpAZog1FgautTRErLWzebjyiEouCTGkhSw&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425233530%3A1710777828673440&theme=glif&ddm=0
|
||
|
https://accounts.google.com/_/bscframe
|
||
|
https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1330798873×tamp=1710777831580
|