Files

File Path | Type | Category | Malicious
---|---|---|---
municipal-parking-ticket9092495.pdf | PDF document, version 1.6, 0 pages | initial sample |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG | ASCII text | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy) | ASCII text | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG | ASCII text | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy) | ASCII text | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\53b22a07-24f0-4fe1-8ff8-423ad9c64674.tmp | JSON data | modified |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy) | JSON data | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log | data | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG | ASCII text | dropped |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy) | ASCII text | dropped |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240329085927Z-188.bmp | PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54 | dropped |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages | SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 15 | dropped |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal | SQLite Rollback Journal | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020 | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING | data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json | JSON data | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents | SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 25 | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal | SQLite Rollback Journal | dropped |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin | data | dropped |
C:\Users\user\AppData\Local\Temp\MSI40f2c.LOG | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-03-29 09-59-24-712.log | ASCII text, with very long lines (393) | dropped |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log | ASCII text, with very long lines (393), with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt | ASCII text, with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Temp\acrocef_low\043bc7ae-1fff-4f94-b886-a47b89f539ae.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 647360 | dropped |
C:\Users\user\AppData\Local\Temp\acrocef_low\3e6fe24f-af9c-45ec-9c89-0bb7f332abf4.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538 | dropped |
C:\Users\user\AppData\Local\Temp\acrocef_low\8631bdf7-1ff4-46cc-bff7-48cb6718d1a9.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022 | dropped |
C:\Users\user\AppData\Local\Temp\acrocef_low\89b6f98d-2e68-4308-a56d-ea59b5ee526c.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081 | dropped |
Chrome Cache Entry: 178 | Web Open Font Format (Version 2), TrueType, length 9344, version 1.0 | downloaded |
Chrome Cache Entry: 179 | PNG image data, 250 x 35, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 180 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 181 | ASCII text, with very long lines (1572) | downloaded |
Chrome Cache Entry: 182 | HTML document, ASCII text, with very long lines (18403), with no line terminators | downloaded |
Chrome Cache Entry: 183 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 184 | ASCII text | downloaded |
Chrome Cache Entry: 185 | Web Open Font Format (Version 2), TrueType, length 17576, version 1.0 | downloaded |
Chrome Cache Entry: 186 | Web Open Font Format (Version 2), TrueType, length 7728, version 1.0 | downloaded |
Chrome Cache Entry: 187 | ASCII text, with very long lines (65371) | downloaded |
Chrome Cache Entry: 188 | Web Open Font Format (Version 2), TrueType, length 8572, version 1.0 | downloaded |
Chrome Cache Entry: 189 | ASCII text | downloaded |
Chrome Cache Entry: 190 | PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 191 | Web Open Font Format (Version 2), TrueType, length 15368, version 1.0 | downloaded |
Chrome Cache Entry: 192 | PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 193 | Web Open Font Format (Version 2), TrueType, length 18668, version 1.0 | downloaded |
Chrome Cache Entry: 194 | HTML document, Unicode text, UTF-8 text, with very long lines (2164) | downloaded |
Chrome Cache Entry: 195 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 196 | ASCII text | downloaded |
Chrome Cache Entry: 197 | Web Open Font Format (Version 2), TrueType, length 11116, version 1.0 | downloaded |
Chrome Cache Entry: 198 | PNG image data, 250 x 35, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 199 | HTML document, ASCII text, with very long lines (459) | downloaded |
Chrome Cache Entry: 200 | ASCII text | downloaded |
Chrome Cache Entry: 201 | ASCII text | downloaded |
Chrome Cache Entry: 202 | Unicode text, UTF-8 text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 203 | PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | downloaded |

58 further files are hidden in this export and are not listed above.

Processes

Path | Cmdline | Malicious
---|---|---
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\municipal-parking-ticket9092495.pdf" |
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 |
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2100 --field-trial-handle=1352,i,17440810105437182178,13092006359344771328,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://spamchallenge.msftemail.com/XdUlMRDdER0g2RlVSZXdZRUU5Qk5JQ0ZQZ1J4UW9PR0FFRjZ2OGFiMkVNUnlGa2RMRlFIa3lhYUtQTmNPMEhISzhVSFl3b0FaMWVOMGdad1dHZitpR0JzbnhYN3Fuak8reXk5bEZaZ1BBaEFIVjlOaEcxUDNTc1VDaWlkLzk5Rkk5NGEyUzlDOTlOVjFBanNZQ3lyUW1oZzBjM3h0TjNKVTYvY1ltMERQOWNJQ3lEVUU4OHFjYUV4U1V3TWpTS2ZHZ2U4YUNBSStRZStEVFFxcG5Hbz0tLStFMXRmYjViQTV3UVhMMEktLURoTlc0R21HWGNEMVg5c09BbGt1VHc9PQ==?cid=1972121800" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=1908,i,5920951951954005384,6651277585814174029,262144 /prefetch:8 |

URLs

Name | IP | Malicious
---|---|---
http://jqueryui.com/menu/ | unknown |
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css | 104.17.24.14 |
https://www.ecma-international.org/news/TC45_current_work/Office%20Open%20XML%20Part%204%20-%20Marku | unknown |
http://api.jqueryui.com/slide-effect/ | unknown |
https://github.com/moment/moment/issues/1423 | unknown |
http://jqueryui.com/accordion/ | unknown |
http://api.jqueryui.com/data-selector/ | unknown |
https://secured-login.net/assets/sei-tooltip-1ae0d1e9729436272a0cdfaf2325f9aacea7d6f89787d08056eda54a1910752d.css | 44.196.126.127 |
https://chmln.github.io/flatpickr/examples/#flatpickr-external-elements | unknown |
http://stackoverflow.com/a/32954565/96342 | unknown |
https://code.google.com/p/chromium/issues/detail?id=378607 | unknown |
http://stackoverflow.com/a/26707753 | unknown |
https://github.com/jquery/jquery-color | unknown |
http://jqueryui.com/position/ | unknown |
http://api.jqueryui.com/jQuery.widget/ | unknown |
http://blog.jquery.com/2012/08/09/jquery-1-8-released/ | unknown |
http://api.jqueryui.com/focusable-selector/ | unknown |
http://pdfmake.org | unknown |
https://bugzilla.mozilla.org/show_bug.cgi?id=561664 | unknown |
http://dev.w3.org/csswg/cssom/#resolved-values | unknown |
https://bugs.webkit.org/show_bug.cgi?id=107380 | unknown |
https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon | unknown |
http://www.apache.org/licenses/LICENSE-2.0) | unknown |
https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js | unknown |
http://api.jqueryui.com/button/ | unknown |
http://getbootstrap.com) | unknown |
https://bugzilla.mozilla.org/show_bug.cgi?id=687787 | unknown |
https://blog.alexmaccaw.com/css-transitions | unknown |
http://www.datatables.net | unknown |
https://github.com/bassjobsen/Bootstrap-3-Typeahead | unknown |
https://getbootstrap.com/docs/3.4/javascript/#transitions | unknown |
http://api.jqueryui.com/size-effect/ | unknown |
https://secured-login.net/assets/application-b8fb25919f68be551e6730684a8ed34bc7dd2dac142e7cc51ebf7b09c48546d5.js | 44.196.126.127 |
http://momentjs.com/guides/#/warnings/zone/ | unknown |
http://bugs.jquery.com/ticket/12359 | unknown |
http://api.jqueryui.com/uniqueId/ | unknown |
http://creativecommons.org/licenses/by/3.0/) | unknown |
http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html | unknown |
http://api.jqueryui.com/checkboxradio/ | unknown |
https://bugzilla.mozilla.org/show_bug.cgi?id=649285 | unknown |
https://getbootstrap.com/docs/3.4/javascript/#tooltip | unknown |
https://github.com/twbs/bootstrap/issues/20280 | unknown |
http://jqueryui.com/slider/ | unknown |
https://getbootstrap.com/docs/3.4/javascript/#modals | unknown |
http://api.jqueryui.com/disableSelection/ | unknown |
https://code.google.com/p/chromium/issues/detail?id=313082 | unknown |
http://jqueryui.com/controlgroup/ | unknown |
https://stackoverflow.com/q/181348 | unknown |
https://getbootstrap.com/docs/3.4/javascript/#collapse | unknown |
http://www.macromedia.com/go/getflashplayer | unknown |
https://getbootstrap.com/docs/3.4/javascript/#scrollspy | unknown |
https://github.com/twbs/bootstrap/blob/master/LICENSE) | unknown |
http://flightschool.acylt.com/devnotes/caret-position-woes/ | unknown |
http://api.jqueryui.com/transfer-effect/ | unknown |
https://github.com/rails/jquery-ujs | unknown |
https://secured-login.net/assets/sei-modal-298c1edd0166bef9cbaf6b85083b95d5819753f027d6a841658c738f21e84e49.css | 44.196.126.127 |
https://bugzilla.mozilla.org/show_bug.cgi?id=491668 | unknown |
http://www.robertpenner.com/easing) | unknown |
http://momentjs.com/guides/#/warnings/min-max/ | unknown |
http://jqueryui.com/datepicker/ | unknown |
Http://bugs.jqueryui.com/ticket/9446 | unknown |
https://code.google.com/p/chromium/issues/detail?id=470258 | unknown |
https://npms.io/search?q=ponyfill. | unknown |
http://api.jqueryui.com/drop-effect/ | unknown |
https://spamchallenge.msftemail.com/XaXR2aElpOEEyS3ROQ3o0YmZoZEFhcXEycXB1eWJXTHNHSVhwcGlCN3ZNQVJwbzR | unknown |
https://secured-login.net/favicon.ico | 44.196.126.127 |
http://datatables.net/license | unknown |
http://jsperf.com/getall-vs-sizzle/2 | unknown |
https://github.com/jquery/jquery/blob/e539bac79e666bba95bba86d690b4e609dca2286/src/selector/escapeSe | unknown |
https://getbootstrap.com/docs/3.4/javascript/#buttons | unknown |
https://github.com/jquery/jquery/pull/557) | unknown |
http://api.jqueryui.com/menu/ | unknown |
http://jqueryui.com/checkboxradio/ | unknown |
https://getbootstrap.com/docs/3.4/javascript/#alerts | unknown |
http://api.jqueryui.com/controlgroup/ | unknown |
http://jqueryui.com/widget/ | unknown |
http://momentjs.com/guides/#/warnings/define-locale/ | unknown |
http://api.jqueryui.com/category/effects-core/ | unknown |
https://secured-login.net/assets/modernizr-654222debe8018b12f1993ceddff30dc163a7d5008d79869c399d6d167321f97.js | 44.196.126.127 |
http://api.jqueryui.com/dialog/ | unknown |
http://jqueryui.com/tooltip/ | unknown |
http://api.jqueryui.com/selectmenu/ | unknown |
https://secured-login.net/pages/0f69d9d6917891c88b56d51c66748acb/XdUlMRDdER0g2RlVSZXdZRUU5Qk5JQ0ZQZ1J4UW9PR0FFRjZ2OGFiMkVNUnlGa2RMRlFIa3lhYUtQTmNPMEhISzhVSFl3b0FaMWVOMGdad1dHZitpR0JzbnhYN3Fuak8reXk5bEZaZ1BBaEFIVjlOaEcxUDNTc1VDaWlkLzk5Rkk5NGEyUzlDOTlOVjFBanNZQ3lyUW1oZzBjM3h0TjNKVTYvY1ltMERQOWNJQ3lEVUU4OHFjYUV4U1V3TWpTS2ZHZ2U4YUNBSStRZStEVFFxcG5Hbz0tLStFMXRmYjViQTV3UVhMMEktLURoTlc0R21HWGNEMVg5c09BbGt1VHc9PQ== | |
http://api.jqueryui.com/shake-effect/ | unknown |
https://github.com/Microsoft/tslib/blob/v1.6.0/tslib.js | unknown |
http://api.jqueryui.com/jQuery.ui.keyCode/ | unknown |
https://getbootstrap.com/) | unknown |
https://modernizr.com/) | unknown |
http://momentjs.com/guides/#/warnings/dst-shifted/ | unknown |
https://tools.ietf.org/html/rfc2822#section-3.3 | unknown |
https://i.imgur.com/QRF01zv.png | 146.75.28.193 |
http://api.jqueryui.com/bounce-effect/ | unknown |
http://api.jquery.com/jQuery.ajax/) | unknown |
https://github.com/moment/moment/blob/2.18.1/src/lib/moment/format.js#L22 | unknown |
http://bugs.jquery.com/ticket/13378 | unknown |
https://spamchallenge.msftemail.com/XdUlMRDdER0g2RlVSZXdZRUU5Qk5JQ0ZQZ1J4UW9PR0FFRjZ2OGFiMkVNUnlGa2R | unknown |
http://jsperf.com/thor-indexof-vs-for/5 | unknown |
https://github.com/jashkenas/underscore/blob/1.6.0/underscore.js#L714 | unknown |
https://github.com/jdewit/bootstrap-timepicker/graphs/contributors | unknown |
https://getbootstrap.com/docs/3.4/javascript/#tabs | unknown |

90 further URLs are hidden in this export and are not listed above.

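Most of the URL list is library and licence references embedded in the bundled jQuery, Bootstrap, moment.js and modernizr assets; the operationally interesting entries are the spamchallenge.msftemail.com link launched from the PDF and the secured-login.net page it lands on, which carries the same opaque token in its path (and, per the Domains table below, shares 44.196.126.127 with landing.training.knowbe4.com). The script below is an added example, not part of the report: it pulls the token out of both URLs, confirms it is forwarded unchanged, and peels its layers. Two readings in it are assumptions rather than facts the report states: that the leading `X` of the path is a route prefix rather than part of the token, and that the three `--`-separated base64 fields that fall out of the first decode are ciphertext, IV and authentication tag (the layout AES-GCM tokens are commonly serialised in, for example by Rails' MessageEncryptor); the 12- and 16-byte lengths of the second and third fields are what make that reading plausible.

```python
import base64
from urllib.parse import parse_qs, urlsplit

# Both URLs are copied from the report's process and URL tables.
LURE_URL = "https://spamchallenge.msftemail.com/XdUlMRDdER0g2RlVSZXdZRUU5Qk5JQ0ZQZ1J4UW9PR0FFRjZ2OGFiMkVNUnlGa2RMRlFIa3lhYUtQTmNPMEhISzhVSFl3b0FaMWVOMGdad1dHZitpR0JzbnhYN3Fuak8reXk5bEZaZ1BBaEFIVjlOaEcxUDNTc1VDaWlkLzk5Rkk5NGEyUzlDOTlOVjFBanNZQ3lyUW1oZzBjM3h0TjNKVTYvY1ltMERQOWNJQ3lEVUU4OHFjYUV4U1V3TWpTS2ZHZ2U4YUNBSStRZStEVFFxcG5Hbz0tLStFMXRmYjViQTV3UVhMMEktLURoTlc0R21HWGNEMVg5c09BbGt1VHc9PQ==?cid=1972121800"
LANDING_URL = "https://secured-login.net/pages/0f69d9d6917891c88b56d51c66748acb/XdUlMRDdER0g2RlVSZXdZRUU5Qk5JQ0ZQZ1J4UW9PR0FFRjZ2OGFiMkVNUnlGa2RMRlFIa3lhYUtQTmNPMEhISzhVSFl3b0FaMWVOMGdad1dHZitpR0JzbnhYN3Fuak8reXk5bEZaZ1BBaEFIVjlOaEcxUDNTc1VDaWlkLzk5Rkk5NGEyUzlDOTlOVjFBanNZQ3lyUW1oZzBjM3h0TjNKVTYvY1ltMERQOWNJQ3lEVUU4OHFjYUV4U1V3TWpTS2ZHZ2U4YUNBSStRZStEVFFxcG5Hbz0tLStFMXRmYjViQTV3UVhMMEktLURoTlc0R21HWGNEMVg5c09BbGt1VHc9PQ=="


def b64decode_padded(s):
    """Standard base64 decode that tolerates stripped '=' padding."""
    return base64.b64decode(s + "=" * (-len(s) % 4))


def token_from_url(url):
    """Last path segment of the URL: the opaque token both sites carry."""
    return urlsplit(url).path.rsplit("/", 1)[-1]


def parse_token(token):
    """Peel the token into its fields.

    Assumed layout (inferred from structure, not stated by the report):
    'X' route prefix, then base64 of an ASCII string
    '<b64 ciphertext>--<b64 iv>--<b64 tag>'.
    """
    if not token.startswith("X"):
        raise ValueError("unexpected token prefix")
    inner = b64decode_padded(token[1:]).decode("ascii")
    parts = inner.split("--")
    if len(parts) != 3:
        raise ValueError(f"expected 3 '--'-separated fields, got {len(parts)}")
    ciphertext, iv, tag = (b64decode_padded(p) for p in parts)
    return {
        "ciphertext": ciphertext,
        "iv": iv,
        "tag": tag,
        # 96-bit nonce and 128-bit tag are the AES-GCM defaults.
        "looks_like_aes_gcm": len(iv) == 12 and len(tag) == 16,
    }


def describe(url):
    """Host, query parameters and token field sizes for one of the URLs."""
    parts = urlsplit(url)
    tok = parse_token(token_from_url(url))
    return {
        "host": parts.hostname,
        "query": {k: v[0] for k, v in parse_qs(parts.query).items()},
        "ciphertext_len": len(tok["ciphertext"]),
        "iv_len": len(tok["iv"]),
        "tag_len": len(tok["tag"]),
        "looks_like_aes_gcm": tok["looks_like_aes_gcm"],
    }


def same_token(url_a, url_b):
    """True when the lure and the landing page carry an identical token."""
    return token_from_url(url_a) == token_from_url(url_b)


if __name__ == "__main__":
    print("token forwarded unchanged:", same_token(LURE_URL, LANDING_URL))
    for u in (LURE_URL, LANDING_URL):
        print(describe(u))
```

Without the server's key the ciphertext cannot be read, so the practical value of this is triage: the token is opaque, authenticated and forwarded verbatim across the redirect, which is consistent with a per-recipient tracking token (the `cid` query parameter is a second one) rather than with payload staging; the second, truncated spamchallenge.msftemail.com URL in the table cannot be parsed this way because the export cut it off.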
Domains

Name | IP | Malicious
---|---|---
s3.amazonaws.com | 52.216.93.13 |
static.knowbe4.com | 99.84.208.62 |
cdnjs.cloudflare.com | 104.17.24.14 |
www.google.com | 142.251.167.105 |
secured-login.net | 44.196.126.127 |
landing.training.knowbe4.com | 44.196.126.127 |
ipv4.imgur.map.fastly.net | 146.75.28.193 |
i.imgur.com | unknown |
spamchallenge.msftemail.com | unknown |

IPs

IP | Domain | Country | Malicious
---|---|---|---
44.196.126.127 | secured-login.net | United States |
104.17.24.14 | cdnjs.cloudflare.com | United States |
99.84.208.62 | static.knowbe4.com | United States |
52.216.93.13 | s3.amazonaws.com | United States |
54.237.54.171 | unknown | United States |
142.251.167.105 | www.google.com | United States |
192.168.2.4 | unknown | unknown |
23.45.148.189 | unknown | United States |
239.255.255.250 | unknown | Reserved |
146.75.28.193 | ipv4.imgur.map.fastly.net | Sweden |

Registry

Path | Value name | Malicious
---|---|---
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | aFS |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | tDIText |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | tFileName |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | tFileSource |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sFileAncestors |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sDI |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sDate |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | uFileSize |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | uPageCount |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sAssetId |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | bisSharedFile |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | aFS |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | tDIText |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | tFileName |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | sDI |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | sDate |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | uFileSize |
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | uPageCount |

8 further registry entries are hidden in this export and are not listed above.

DOM / HTML

URL | Malicious
---|---
https://secured-login.net/pages/0f69d9d6917891c88b56d51c66748acb/XdUlMRDdER0g2RlVSZXdZRUU5Qk5JQ0ZQZ1J4UW9PR0FFRjZ2OGFiMkVNUnlGa2RMRlFIa3lhYUtQTmNPMEhISzhVSFl3b0FaMWVOMGdad1dHZitpR0JzbnhYN3Fuak8reXk5bEZaZ1BBaEFIVjlOaEcxUDNTc1VDaWlkLzk5Rkk5NGEyUzlDOTlOVjFBanNZQ3lyUW1oZzBjM3h0TjNKVTYvY1ltMERQOWNJQ3lEVUU4OHFjYUV4U1V3TWpTS2ZHZ2U4YUNBSStRZStEVFFxcG5Hbz0tLStFMXRmYjViQTV3UVhMMEktLURoTlc0R21HWGNEMVg5c09BbGt1VHc9PQ== |