IOC Report
https://www.hyphensolutions.com/MH2Supply/login.asp


Files

File Path | Type | Category | Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 13:16:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 13:16:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 13:16:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 13:16:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 13:16:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped |
Chrome Cache Entry: 112 | PNG image data, 239 x 82, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 113 | HTML document, ISO-8859 text, with very long lines (580), with CRLF line terminators | downloaded |
Chrome Cache Entry: 114 | ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 115 | PNG image data, 239 x 82, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 116 | ASCII text, with very long lines (14037), with CRLF line terminators | downloaded |
Chrome Cache Entry: 117 | GIF image data, version 89a, 1692 x 400 | dropped |
Chrome Cache Entry: 118 | PNG image data, 132 x 144, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 119 | PNG image data, 132 x 144, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 120 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 121 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 122 | PNG image data, 139 x 60, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 123 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 124 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 125 | ASCII text, with very long lines (32009), with CRLF line terminators | downloaded |
Chrome Cache Entry: 126 | PNG image data, 1449 x 714, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 127 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 128 | GIF image data, version 89a, 17 x 13 | dropped |
Chrome Cache Entry: 129 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 130 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 131 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 132 | HTML document, ISO-8859 text, with very long lines (580), with CRLF line terminators | downloaded |
Chrome Cache Entry: 133 | ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 134 | PNG image data, 1449 x 714, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 135 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 136 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 137 | GIF image data, version 89a, 1692 x 400 | downloaded |
Chrome Cache Entry: 138 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 139 | PNG image data, 139 x 60, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 140 | PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 141 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 142 | GIF image data, version 89a, 17 x 13 | downloaded |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.hyphensolutions.com/MH2Supply/login.asp |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1976,i,3853618088242251895,18221025706536362991,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |

URLs


Domains

Name | IP | Malicious
www.hyphensolutions.com | 204.75.13.150 |
www.google.com | 142.251.163.147 |

IPs

IP | Domain | Country | Malicious
239.255.255.250 | unknown | Reserved |
204.75.13.150 | www.hyphensolutions.com | United States |
192.168.2.18 | unknown | unknown |
142.251.163.147 | www.google.com | United States |

DOM / HTML

URL | Malicious
https://www.hyphensolutions.com/MH2Supply/login.asp |
https://www.hyphensolutions.com/MH2Supply/Login.asp?errcode=1004&user%5Fname=test&DM1Redir= |