Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Chrome Cache Entry: 46
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 47
|
HTML document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 48
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 49
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 50
|
Unicode text, UTF-8 text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 51
|
ASCII text, with very long lines (6275)
|
downloaded
|
||
Chrome Cache Entry: 52
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 53
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 54
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 55
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 56
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 57
|
ASCII text, with very long lines (1005), with CRLF, LF line terminators
|
downloaded
|
There are 3 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=2208,i,14988252462584480448,9839023817784272560,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.xxfj168.com/"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.xxfj168.com/
|
|||
https://github.com/axios/axios/issues/201)
|
unknown
|
||
https://feross.org
|
unknown
|
||
https://github.com/davidchambers/Base64.js
|
unknown
|
||
https://www.yononess.cyou/click/queryIpClick
|
134.122.205.226
|
||
https://nodejs.org/api/http.html#http_message_headers
|
unknown
|
||
https://www.tfteleknteqd888.com//index.php
|
121.127.245.109
|
||
https://ip.useragentinfo.com/json
|
unknown
|
||
https://www.xxfj168.com/
|
|||
https://www.xxfj168.com/static/js/axios.js
|
103.158.37.203
|
||
https://www.xxfj168.com/static/js/jquery-ui.js
|
103.158.37.203
|
||
http://jqueryui.com
|
unknown
|
||
http://www.google.com)
|
unknown
|
||
https://www.xxfj168.com/favicon.ico
|
103.158.37.203
|
||
http://url.spec.whatwg.org/#urlutils
|
unknown
|
||
https://entry11.bk.mufg.jp/ibg/dfw/APLIN/loginib/login?_TRANID=AG004_001&link_id=kojin_top_direct_lo
|
unknown
|
||
https://www.xxfj168.com/ResourceConfig/urlConfig.json?t=1
|
103.158.37.203
|
||
https://www.yononess.cyou
|
unknown
|
||
https://www.xxfj168.com/static/js/it.js
|
103.158.37.203
|
||
https://www.xxfj168.com/static/css/common.css
|
103.158.37.203
|
||
https://www.yononess.cyou/websocket/2e03a3b3a61971bd375aac43fcf616cd
|
134.122.205.226
|
||
https://www.xxfj168.com/sanling_index/spa_loader.css
|
103.158.37.203
|
||
https://www.xxfj168.com/static/js/ResourceRedConfig.js
|
103.158.37.203
|
There are 12 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
www.xxfj168.com
|
103.158.37.203
|
||
www.tfteleknteqd888.com
|
121.127.245.109
|
||
www.yononess.cyou
|
134.122.205.226
|
||
www.google.com
|
74.125.138.103
|
||
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
74.125.138.103
|
www.google.com
|
United States
|
||
103.158.37.203
|
www.xxfj168.com
|
unknown
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
121.127.245.109
|
www.tfteleknteqd888.com
|
Hong Kong
|
||
192.168.2.4
|
unknown
|
unknown
|
||
134.122.205.226
|
www.yononess.cyou
|
United States
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://www.xxfj168.com/
|