Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 13:30:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 13:30:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 13:30:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 13:30:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 16 13:30:49 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://we.tl/t-xPaSCZOP5P
|
|||
|
https://backgrounds.wetransfer.net/creator/wepresent/2403-p7/wp1-sq/1_Y9MAVg/index.html?_origin=https://nolan.wetransfer.net&_placement=desktop-web-renderer
|
|||
|
https://backgrounds.wetransfer.net/creator/wepresent/2403-p5/wp1-ver1/1_dQATKn/index.html?_origin=https://nolan.wetransfer.net&_placement=desktop-web-renderer
|
|||
|
https://backgrounds.wetransfer.net/creator/wepresent/2403-p7/wp4-fs/1_fNg34n/index.html?_origin=https://nolan.wetransfer.net&_placement=desktop-web-renderer
|
|||
|
https://nolan.wetransfer.net/apps/desktop-web-renderer/0.5.3/index.html?_origin=https://wetransfer.com&_placement=creative-frame-1714296552255
|
|||
|
https://backgrounds.wetransfer.net/creator/newfold-bluehost/2403/static/3_bwFZUM/index.html?_origin=https://nolan.wetransfer.net&_placement=desktop-web-renderer
|
|||
|
https://nolan.wetransfer.net/apps/desktop-web-renderer/0.5.3/index.html?_origin=https://wetransfer.com&_placement=creative-frame-1714292418712
|
|||
|
https://nolan.wetransfer.net/apps/desktop-web-renderer/0.5.3/index.html?_origin=https://wetransfer.com&_placement=creative-frame-1714297930573
|
|||
|
https://nolan.wetransfer.net/apps/desktop-web-renderer/0.5.3/index.html?_origin=https://wetransfer.com&_placement=creative-frame-1714296623710
|
|||
|
https://wetransfer.com/downloads/3058a4fd0816243f8080e81cee7de5fe20240415133807/07ee69
|
|||
|
https://auth.wetransfer.com/login?state=hKFo2SBsMWZVZzZiZ2g2eXJmN0FZTEJCZmFZeU5xcV8zX2NOTKFupWxvZ2luo3RpZNkgMFBQNlVOM05uUU9nVGdvaEpWZWMyWVpyUEtQazdOMU6jY2lk2SBkWFdGUWppVzFqeFdDRkcwaE9WcHFyazRoOXZHZWFuYw&client=dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc&protocol=oauth2&audience=aud%3A%2F%2Ftransfer-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fwetransfer.com%2Faccount%2Fcallback%3FfinalizeSSOAuth%3D1%26login%3D1&cache=%5Bobject%20Object%5D&initialScreen=login&lang=en&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=Z1BjMi43OTZLTmtrX0FybU5jQTJndnF2UlhQWi4xNWo5RmZLWUFnM2Uyaw%3D%3D&code_challenge=KYJlqzlTztS2JCu5pc5s2bsNbb8_kTPEiKWVXWas4HU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMyJ9
|
|||
|
https://insight.adsrvr.org/track/up?adv=81c3jgn&ref=https%3A%2F%2Fauth.wetransfer.com%2Flogin%3Fstate%3DhKFo2SBsMWZVZzZiZ2g2eXJmN0FZTEJCZmFZeU5xcV8zX2NOTKFupWxvZ2luo3RpZNkgMFBQNlVOM05uUU9nVGdvaEpWZWMyWVpyUEtQazdOMU6jY2lk2SBkWFdGUWppVzFqeFdDRkcwaE9WcHFyazRoOXZHZWFuYw%26client%3DdXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc%26protocol%3Doauth2%26audience%3Daud%253A%252F%252Ftransfer-api-prod.wetransfer%252F%26redirect_uri%3Dhttps%253A%252F%252Fwetransfer.com%252Faccount%252Fcallback%253FfinalizeSSOAuth%253D1%2526login%253D1%26cache%3D%255Bobject%2520Object%255D%26initialScreen%3Dlogin%26lang%3Den%26scope%3Dopenid%2520profile%2520email%2520offline_access%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DZ1BjMi43OTZLTmtrX0FybU5jQTJndnF2UlhQWi4xNWo5RmZLWUFnM2Uyaw%253D%253D%26code_challenge%3DKYJlqzlTztS2JCu5pc5s2bsNbb8_kTPEiKWVXWas4HU%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMyJ9&upid=re36kbe&upv=1.1.0
|
|||
|
https://insight.adsrvr.org/track/up?adv=81c3jgn&ref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F3058a4fd0816243f8080e81cee7de5fe20240415133807%2F07ee69&upid=re36kbe&upv=1.1.0&gdpr=1&gdpr_consent=CP9KXsAP9KXsAPnACAENAxCAAEIAEEJAEAABGcQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM4AAAAAAAA.JGcQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM4AAA
|
|||
|
https://insight.adsrvr.org/track/up?adv=81c3jgn&ref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F3058a4fd0816243f8080e81cee7de5fe20240415133807%2F07ee69&upid=re36kbe&upv=1.1.0
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
eu01.in.treasuredata.com
|
35.157.106.103
|
||
|
sp-20200324121949090600000008-54648268.eu-west-1.elb.amazonaws.com
|
52.51.122.210
|
||
|
auth.wetransfer.com
|
3.163.115.41
|
||
|
measure.lamp.avct.cloud
|
34.240.239.1
|
||
|
dg2iu7dxxehbo.cloudfront.net
|
13.32.206.122
|
||
|
adservice.google.com
|
64.233.185.156
|
||
|
backgrounds.wetransfer.net
|
3.162.112.124
|
||
|
auth-cdn.wetransfer.com
|
3.161.163.33
|
||
|
stats.g.doubleclick.net
|
64.233.177.156
|
||
|
insight.adsrvr.org
|
35.71.131.137
|
||
|
scontent.xx.fbcdn.net
|
31.13.65.7
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
www.google.com
|
64.233.177.147
|
||
|
ara.paa-reporting-advertising.amazon
|
108.138.85.112
|
||
|
amplitude.map.fastly.net
|
151.101.2.132
|
||
|
cdn.brandmetrics.com
|
104.26.0.90
|
||
|
dp0wn1kjwhg75.cloudfront.net
|
18.160.32.50
|
||
|
star-mini.c10r.facebook.com
|
31.13.67.35
|
||
|
lebowski.wetransfer.com
|
52.212.176.246
|
||
|
we.tl
|
99.86.229.33
|
||
|
s.amazon-adsystem.com
|
52.46.130.91
|
||
|
ad.doubleclick.net
|
173.194.219.149
|
||
|
e-prod-alb-s105-us-east-1-01.adzerk.net
|
18.204.80.181
|
||
|
cdn.treasuredata.com
|
13.249.39.27
|
||
|
dna8twue3dlxq.cloudfront.net
|
18.165.98.32
|
||
|
prod-cdn.wetransfer.net
|
54.230.253.37
|
||
|
d1ykf07e75w7ss.cloudfront.net
|
3.163.118.227
|
||
|
cdn.lamp.avct.cloud
|
18.64.155.60
|
||
|
dualstack.reddit.map.fastly.net
|
151.101.1.140
|
||
|
prod.pinterest.global.map.fastly.net
|
151.101.0.84
|
||
|
di.rlcdn.com
|
34.49.212.111
|
||
|
reddit.map.fastly.net
|
151.101.65.140
|
||
|
googleads.g.doubleclick.net
|
172.217.215.156
|
||
|
api.amplitude.com
|
34.218.167.212
|
||
|
donny.wetransfer.com
|
52.212.176.246
|
||
|
dualstack.pinterest.map.fastly.net
|
151.101.12.84
|
||
|
www.datadoghq-browser-agent.com
|
13.32.206.192
|
||
|
cdn.wetransfer.com
|
18.160.78.78
|
||
|
wetransfer.com
|
18.160.78.78
|
||
|
auth-session-caching.wetransfer.net
|
54.76.94.58
|
||
|
tagging.wetransfer.com
|
13.226.100.21
|
||
|
nolan.wetransfer.net
|
3.161.188.71
|
||
|
alb.reddit.com
|
unknown
|
||
|
snowplow.wetransfer.com
|
unknown
|
||
|
w3-reporting-nel.reddit.com
|
unknown
|
||
|
ct.pinterest.com
|
unknown
|
||
|
z.moatads.com
|
unknown
|
||
|
www.facebook.com
|
unknown
|
||
|
www.redditstatic.com
|
unknown
|
||
|
js.adsrvr.org
|
unknown
|
||
|
c.amazon-adsystem.com
|
unknown
|
||
|
connect.facebook.net
|
unknown
|
||
|
public.profitwell.com
|
unknown
|
||
|
collector.brandmetrics.com
|
unknown
|
||
|
px.moatads.com
|
unknown
|
||
|
api.lab.amplitude.com
|
unknown
|
||
|
s.pinimg.com
|
unknown
|
||
|
e-10220.adzerk.net
|
unknown
|
||
|
cdn.auth0.com
|
unknown
|
There are 49 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
31.13.67.35
|
star-mini.c10r.facebook.com
|
Ireland
|
||
|
54.68.149.127
|
unknown
|
United States
|
||
|
13.249.39.27
|
cdn.treasuredata.com
|
United States
|
||
|
151.101.0.84
|
prod.pinterest.global.map.fastly.net
|
United States
|
||
|
54.230.253.37
|
prod-cdn.wetransfer.net
|
United States
|
||
|
151.101.130.132
|
unknown
|
United States
|
||
|
18.64.155.60
|
cdn.lamp.avct.cloud
|
United States
|
||
|
172.217.215.105
|
unknown
|
United States
|
||
|
173.194.219.157
|
unknown
|
United States
|
||
|
151.101.128.84
|
unknown
|
United States
|
||
|
151.101.193.140
|
unknown
|
United States
|
||
|
52.210.6.56
|
unknown
|
United States
|
||
|
151.101.65.140
|
reddit.map.fastly.net
|
United States
|
||
|
13.33.17.51
|
unknown
|
United States
|
||
|
31.13.88.13
|
unknown
|
Ireland
|
||
|
108.138.85.9
|
unknown
|
United States
|
||
|
35.71.131.137
|
insight.adsrvr.org
|
United States
|
||
|
204.79.197.237
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
13.226.100.80
|
unknown
|
United States
|
||
|
173.194.219.149
|
ad.doubleclick.net
|
United States
|
||
|
3.161.188.71
|
nolan.wetransfer.net
|
United States
|
||
|
3.162.112.21
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
108.177.122.101
|
unknown
|
United States
|
||
|
108.177.122.100
|
unknown
|
United States
|
||
|
151.101.192.84
|
unknown
|
United States
|
||
|
54.164.141.9
|
unknown
|
United States
|
||
|
142.250.9.149
|
unknown
|
United States
|
||
|
142.250.9.148
|
unknown
|
United States
|
||
|
34.218.167.212
|
api.amplitude.com
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
142.250.105.154
|
unknown
|
United States
|
||
|
13.32.206.122
|
dg2iu7dxxehbo.cloudfront.net
|
United States
|
||
|
34.253.35.38
|
unknown
|
United States
|
||
|
3.163.115.41
|
auth.wetransfer.com
|
United States
|
||
|
18.160.78.124
|
unknown
|
United States
|
||
|
64.233.177.157
|
unknown
|
United States
|
||
|
64.233.177.156
|
stats.g.doubleclick.net
|
United States
|
||
|
64.233.176.113
|
unknown
|
United States
|
||
|
108.177.122.113
|
unknown
|
United States
|
||
|
54.74.216.13
|
unknown
|
United States
|
||
|
142.250.9.138
|
unknown
|
United States
|
||
|
13.32.206.192
|
www.datadoghq-browser-agent.com
|
United States
|
||
|
34.240.239.1
|
measure.lamp.avct.cloud
|
United States
|
||
|
31.13.66.35
|
unknown
|
Ireland
|
||
|
3.161.188.92
|
unknown
|
United States
|
||
|
151.101.1.140
|
dualstack.reddit.map.fastly.net
|
United States
|
||
|
31.13.65.7
|
scontent.xx.fbcdn.net
|
Ireland
|
||
|
142.250.105.148
|
unknown
|
United States
|
||
|
3.163.115.125
|
unknown
|
United States
|
||
|
64.233.177.148
|
unknown
|
United States
|
||
|
64.233.177.149
|
unknown
|
United States
|
||
|
34.199.223.244
|
unknown
|
United States
|
||
|
3.163.80.95
|
unknown
|
United States
|
||
|
64.233.177.147
|
www.google.com
|
United States
|
||
|
52.46.130.91
|
s.amazon-adsystem.com
|
United States
|
||
|
13.32.208.32
|
unknown
|
United States
|
||
|
3.162.112.124
|
backgrounds.wetransfer.net
|
United States
|
||
|
151.101.129.140
|
unknown
|
United States
|
||
|
3.163.80.80
|
unknown
|
United States
|
||
|
108.138.85.112
|
ara.paa-reporting-advertising.amazon
|
United States
|
||
|
142.251.15.95
|
unknown
|
United States
|
||
|
18.160.78.78
|
cdn.wetransfer.com
|
United States
|
||
|
3.163.118.227
|
d1ykf07e75w7ss.cloudfront.net
|
United States
|
||
|
3.161.163.33
|
auth-cdn.wetransfer.com
|
United States
|
||
|
104.26.0.90
|
cdn.brandmetrics.com
|
United States
|
||
|
3.163.80.106
|
unknown
|
United States
|
||
|
13.107.21.237
|
unknown
|
United States
|
||
|
64.233.185.100
|
unknown
|
United States
|
||
|
151.101.12.84
|
dualstack.pinterest.map.fastly.net
|
United States
|
||
|
99.86.229.33
|
we.tl
|
United States
|
||
|
74.125.136.157
|
unknown
|
United States
|
||
|
184.31.62.25
|
unknown
|
United States
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
142.250.105.84
|
unknown
|
United States
|
||
|
31.13.65.36
|
unknown
|
Ireland
|
||
|
52.29.244.174
|
unknown
|
United States
|
||
|
18.204.80.181
|
e-prod-alb-s105-us-east-1-01.adzerk.net
|
United States
|
||
|
20.40.202.2
|
unknown
|
United States
|
||
|
54.76.94.58
|
auth-session-caching.wetransfer.net
|
United States
|
||
|
64.233.185.156
|
adservice.google.com
|
United States
|
||
|
142.250.9.94
|
unknown
|
United States
|
||
|
52.51.122.210
|
sp-20200324121949090600000008-54648268.eu-west-1.elb.amazonaws.com
|
United States
|
||
|
13.226.100.21
|
tagging.wetransfer.com
|
United States
|
||
|
52.212.176.246
|
lebowski.wetransfer.com
|
United States
|
||
|
3.161.163.37
|
unknown
|
United States
|
||
|
18.160.32.50
|
dp0wn1kjwhg75.cloudfront.net
|
United States
|
||
|
18.160.78.7
|
unknown
|
United States
|
||
|
172.217.215.156
|
googleads.g.doubleclick.net
|
United States
|
||
|
142.250.105.94
|
unknown
|
United States
|
||
|
34.49.212.111
|
di.rlcdn.com
|
United States
|
||
|
142.250.105.105
|
unknown
|
United States
|
||
|
172.253.124.157
|
unknown
|
United States
|
||
|
52.88.13.83
|
unknown
|
United States
|
||
|
18.165.98.32
|
dna8twue3dlxq.cloudfront.net
|
United States
|
||
|
52.46.151.131
|
unknown
|
United States
|
||
|
52.30.32.26
|
unknown
|
United States
|
||
|
151.101.2.132
|
amplitude.map.fastly.net
|
United States
|
||
|
52.33.170.77
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.