Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Mar 29 14:03:29 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Mar 29 14:03:29 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Mar 29 14:03:29 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Mar 29 14:03:29 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Mar 29 14:03:29 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 128
|
PNG image data, 397 x 365, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 130
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 132
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
Unicode text, UTF-8 text, with very long lines (54451)
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 135
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 1500x200, components 3
|
dropped
|
||
|
Chrome Cache Entry: 136
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 138
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 139
|
PNG image data, 397 x 365, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 140
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
PNG image data, 2320 x 2319, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 147
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 149
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 154
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 1500x200, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 157
|
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 159
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 160
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 161
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using
IJG JPEG v80), quality = 100", baseline, precision 8, 256x256, components 3
|
dropped
|
||
|
Chrome Cache Entry: 162
|
ASCII text, with very long lines (65475)
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (54234)
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
ASCII text, with very long lines (1601)
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
PNG image data, 2320 x 2319, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 36 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://links.vagaro.com/ls/click?upn=u001.Kon-2ByeGREPRt-2FMHBJEr-2BNftLQy37C85yyf9YxxAIy-2FJq3PLzYEADzsJOjZJmWPCXrGiBymbDgWNCdEvfm1BNH0-2FZnhE2Fqy-2FSsIOtx7LQpxNX7P-2FfVHKEr1u26UKQFb3D3YG4ki00REj1E04Z7wOIY-2BcCtVQuUoLdAd9amw5SbnkQFbQc5u3vmE7mtTixB8d9wKb0qFk7cm7sMA9XrFhpA-3D-3DExBw_mIOv0XpXx35YG833h1gVhf-2FA1eNoj0-2BSNCIA490E8poZf9zhuKmLYcYYPyI5RMEJS5PJmUFKooLWtqsOSMpYE2-2BOTAxpdd-2B3KguZQ5K6bz1FjOXir8VRn09fdBmb-2FxeNzUhfawB0fjZZ8FjZxNc2v24ysSJENH-2Be4CR1FtFHHvX2gk7lqc8PIxYbV1NrZdBCENXvDAhbfFN8KAb664q0yOZ8DucGGGo0lIj0MM6HqZV7nosYet2xgGzS6TiC9DpJ-2FNvR2bhWypVWor1hdGEQp4XXvjonXNjLCNFq6PTPYpyElYH-2BdkOjTwd-2FILPpWGgDeAIX0sIj-2FHa7eUNmYuV3parOJAzsD8hiceOi8nX0-2BZ-2BxevuOmOCkWkIawHXnjgLfhy8HCc0O8SjKUU1RQOLrBV9NEIam7y23K9aLJUXs-2BQiMVtZHrseXBDENslnSKEtCtfBe1ltHbrXJx3nqxUXHIzv6Nr-2B9U7T8X0UQvuyOOA4Gj1qPUffc2o-2FcUW4V0zfPWXpyrms6Rjlwh-2FMVG0QGwr-2B0EByi2qLuaOCEcxLTxWurDtohF-2FC-2FlMW23ZmPNJap
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1976,i,15432172165766021247,5987368293969160484,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://links.vagaro.com/ls/click?upn=u001.Kon-2ByeGREPRt-2FMHBJEr-2BNftLQy37C85yyf9YxxAIy-2FJq3PLzYEADzsJOjZJmWPCXrGiBymbDgWNCdEvfm1BNH0-2FZnhE2Fqy-2FSsIOtx7LQpxNX7P-2FfVHKEr1u26UKQFb3D3YG4ki00REj1E04Z7wOIY-2BcCtVQuUoLdAd9amw5SbnkQFbQc5u3vmE7mtTixB8d9wKb0qFk7cm7sMA9XrFhpA-3D-3DExBw_mIOv0XpXx35YG833h1gVhf-2FA1eNoj0-2BSNCIA490E8poZf9zhuKmLYcYYPyI5RMEJS5PJmUFKooLWtqsOSMpYE2-2BOTAxpdd-2B3KguZQ5K6bz1FjOXir8VRn09fdBmb-2FxeNzUhfawB0fjZZ8FjZxNc2v24ysSJENH-2Be4CR1FtFHHvX2gk7lqc8PIxYbV1NrZdBCENXvDAhbfFN8KAb664q0yOZ8DucGGGo0lIj0MM6HqZV7nosYet2xgGzS6TiC9DpJ-2FNvR2bhWypVWor1hdGEQp4XXvjonXNjLCNFq6PTPYpyElYH-2BdkOjTwd-2FILPpWGgDeAIX0sIj-2FHa7eUNmYuV3parOJAzsD8hiceOi8nX0-2BZ-2BxevuOmOCkWkIawHXnjgLfhy8HCc0O8SjKUU1RQOLrBV9NEIam7y23K9aLJUXs-2BQiMVtZHrseXBDENslnSKEtCtfBe1ltHbrXJx3nqxUXHIzv6Nr-2B9U7T8X0UQvuyOOA4Gj1qPUffc2o-2FcUW4V0zfPWXpyrms6Rjlwh-2FMVG0QGwr-2B0EByi2qLuaOCEcxLTxWurDtohF-2FC-2FlMW23ZmPNJap
|
|||
|
https://sites.eventraptor.com/vendor/livewire/livewire.js?id=c69d0f2801c01fcf8166
|
161.35.14.23
|
||
|
https://app.eventraptor.com/storage/media/00/0001/00014953/event-presentation-speaker_profile_avatar-20240309152614.jpg
|
161.35.14.23
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0001/00015373/event-234384203058384890-2024-logo.png
|
37.19.207.34
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0000/00006873/speaker-profile-avatar-20221010195841.jpg
|
37.19.207.34
|
||
|
https://developer.matomo.org/api-reference/tracking-javascript
|
unknown
|
||
|
https://app.eventraptor.com/storage/media/00/0001/00014773/event-presentation-speaker_profile_avatar-20240303170842.jpg
|
161.35.14.23
|
||
|
https://piwik.org/free-software/bsd/
|
unknown
|
||
|
https://app.eventraptor.com/images/favicon.png
|
161.35.14.23
|
||
|
https://busy-lady-health-summit-2404.eventraptor.com/?erclid=4f802863-37bd-48fe-8382-65b6a4d2f259&affiliate=kaitlinrohowetz&ref=kaitlinrohowetz
|
|||
|
https://piwik.org
|
unknown
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0000/00000794/1626616670_WrQFjjMJD5NSQ9zD.png
|
37.19.207.34
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0001/00014568/speaker-profile-avatar-20240217182517.jpg
|
37.19.207.34
|
||
|
https://activity.marketivia.com/activity.js
|
161.35.100.27
|
||
|
https://app.eventraptor.com/storage/media/00/0001/00014965/event-presentation-speaker_profile_avatar-20240310155559.jpg
|
161.35.14.23
|
||
|
https://developer.matomo.org/guides/tracking-javascript-guide#multiple-piwik-trackers
|
unknown
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0000/00009348/speaker-profile-avatar-20230308225915.jpg
|
37.19.207.34
|
||
|
https://github.com/matomo-org/matomo/blob/master/js/piwik.js
|
unknown
|
||
|
https://app.eventraptor.com/storage/media/00/0001/00014964/event-presentation-speaker_profile_avatar-20240310153502.jpg
|
161.35.14.23
|
||
|
https://busy-lady-health-summit-2404.eventraptor.com/js/app.js?id=d3ad6175d28b8e97af07
|
161.35.14.23
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0001/00014314/speaker-profile-avatar-20240201201707.jpg
|
37.19.207.34
|
||
|
https://github.com/jonschlinkert/get-value
|
unknown
|
||
|
https://www.gravatar.com/avatar/3587bc859c65dca23714908494dc7445?s=192&d=404
|
192.0.73.2
|
||
|
https://busy-lady-health-summit-2404.eventraptor.com/css/app.css?id=62b9ba2152dd05a0c8f3
|
161.35.14.23
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0001/00015372/event-234384203058384890-3d-png-2.png
|
37.19.207.34
|
||
|
https://app.eventraptor.com/storage/media/00/0001/00014755/event-presentation-speaker_profile_avatar-20240229210758.jpg
|
161.35.14.23
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0001/00014736/summit-cover-20240228170836.jpg
|
37.19.207.34
|
||
|
https://github.com/jonschlinkert/isobject
|
unknown
|
||
|
https://activity.marketivia.com/activity.php?action_name=busy-lady-health-summit-2404.eventraptor.com%2FBusy%20Woman%20Health%20Summit%3A%20Empowering%20Women%27s%20Wellness&idsite=18&rec=1&r=998004&h=16&m=3&s=38&url=https%3A%2F%2Fbusy-lady-health-summit-2404.eventraptor.com%2F%3Ferclid%3D4f802863-37bd-48fe-8382-65b6a4d2f259%26affiliate%3Dkaitlinrohowetz%26ref%3Dkaitlinrohowetz&_id=37767dd3cf6aa844&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=37ii30&pf_net=439&pf_srv=535&pf_tfr=111&pf_dm1=8600&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117.0.5938.132%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117.0.5938.132%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
|
161.35.100.27
|
||
|
https://app-eventraptor.b-cdn.net/storage/media/00/0001/00014601/speaker-profile-avatar-20240219223739.jpg
|
37.19.207.34
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sites.eventraptor.com
|
161.35.14.23
|
||
|
activity.marketivia.com
|
161.35.100.27
|
||
|
www.gravatar.com
|
192.0.73.2
|
||
|
busy-lady-health-summit-2404.eventraptor.com
|
161.35.14.23
|
||
|
www.google.com
|
172.253.63.104
|
||
|
89wb2.x.incapdns.net
|
45.60.86.16
|
||
|
app.eventraptor.com
|
161.35.14.23
|
||
|
app-eventraptor.b-cdn.net
|
37.19.207.34
|
||
|
links.vagaro.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.60.86.16
|
89wb2.x.incapdns.net
|
United States
|
||
|
172.253.63.104
|
www.google.com
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
161.35.14.23
|
sites.eventraptor.com
|
United States
|
||
|
192.0.73.2
|
www.gravatar.com
|
United States
|
||
|
37.19.207.34
|
app-eventraptor.b-cdn.net
|
Ukraine
|
||
|
161.35.100.27
|
activity.marketivia.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://busy-lady-health-summit-2404.eventraptor.com/?erclid=4f802863-37bd-48fe-8382-65b6a4d2f259&affiliate=kaitlinrohowetz&ref=kaitlinrohowetz
|