Files
File Path | Type | Category | Malicious |
---|---|---|---|
ABvECwUx7cIoZf77BAImyDjWWao.htm | HTML document, ASCII text, with very long lines (64676) | initial sample | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 20:36:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 20:36:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 20:36:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 20:36:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 20:36:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
URLs
Name | IP | Malicious |
---|---|---|
file:///C:/Users/user/Desktop/ABvECwUx7cIoZf77BAImyDjWWao.htm | | |
https://s.yimg.com/jk/gtm/gtm_ns.html?id=GTM-NVQTVCX&type=yahoo&cat=ybarcta1 | | |
https://apis.mail.yahoo.com/ws/v3/mailboxes/@.id==VjN-VIN1UYKhjyOZo9WFPuRwQgeDSgPBkk-eza0YMYG1Ojt5dPKV5_CKjYlIbF_zQK93ThvOwSf3J2bcSTBQuCztSw/messages/@.id==ABvECwUx7cIoZf77BAImyDjWWao/content/parts/@.id==2/refresh?appid=YMailNorrinLaunch&ymreqid=d297ba82-e7b9-3a1f-1c80-cb0000011d00 | | |
about:blank | | |
https://8867627.fls.doubleclick.net/activityi;dc_pre=CPHz-Zb1l4UDFVkydgYd5NgJmA;src=8867627;type=yahoo;cat=ybarcta1;ord=5593558338353;gdpr_consent=tcunavailable;npa=0;ps=1;pcor=341983465;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z8810241813za201;gcs=G1--;gcd=13l3l3l3l5;dma=0;tcfd=10004;epver=2;~oref=https%3A%2F%2Fs.yimg.com%2Fjk%2Fgtm%2Fgtm_ns.html%3Fid%3DGTM-NVQTVCX%26type%3Dyahoo%26cat%3Dybarcta1? | | |
Domains
IPs