IOC Report
https://teams.microsoft.com/l/chat/0/0?users=carsten.deussing@onlyfy.com

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 56 | ASCII text, with very long lines (4212) | downloaded | |
| Chrome Cache Entry: 57 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 58 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 59 | JSON data | dropped | |
| Chrome Cache Entry: 60 | ASCII text, with very long lines (65449) | downloaded | |
| Chrome Cache Entry: 61 | JSON data | dropped | |
| Chrome Cache Entry: 62 | ASCII text, with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 63 | MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 64 | HTML document, Unicode text, UTF-8 text, with very long lines (17406), with no line terminators | downloaded | |
| Chrome Cache Entry: 65 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 66 | JSON data | dropped | |
| Chrome Cache Entry: 67 | MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 68 | MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 69 | MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 70 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 71 | JSON data | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2544 --field-trial-handle=2520,i,11192264535299303106,5018731688277403197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://teams.microsoft.com/l/chat/0/0?users=carsten.deussing@onlyfy.com" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://teams.microsoft.com/l/chat/0/0?users=carsten.deussing@onlyfy.com | | |
| http://creativecommons.org/publicdomain/zero/1.0/ | unknown | |
| http://underscorejs.org/ | unknown | |
| https://js.foundation/ | unknown | |
| https://github.com/lodash/lodash | unknown | |

Domains

| Name | IP | Malicious |
|---|---|---|
| www.google.com | 142.251.16.104 | |
| s-0005.dual-s-msedge.net | 52.123.128.14 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 142.251.16.104 | www.google.com | United States | |
| 192.168.2.7 | unknown | unknown | |
| 192.168.2.4 | unknown | unknown | |
| 52.123.129.14 | unknown | United States | |
| 52.123.128.14 | s-0005.dual-s-msedge.net | United States | |
| 239.255.255.250 | unknown | Reserved | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://teams.microsoft.com/dl/launcher/launcher.html?url=%2F_%23%2Fl%2Fchat%2F0%2F0%3Fusers%3Dcarsten.deussing%40onlyfy.com&type=chat&deeplinkId=ad8ab334-1102-4686-8081-cb1a1583c8e4&directDl=true&msLaunch=true&enableMobilePage=true&suppressPrompt=true | |
| https://teams.microsoft.com/dl/launcher/attribution.txt | |