Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 15:16:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 15:16:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 15:16:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 15:16:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 15:16:50 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
ASCII text, with very long lines (530)
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
Unicode text, UTF-8 text, with very long lines (1040)
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with very long lines (540)
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
Web Open Font Format (Version 2), TrueType, length 41796, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
ASCII text, with very long lines (33392)
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
ASCII text, with very long lines (997)
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
ASCII text, with very long lines (4179)
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
assembler source, Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
ASCII text, with very long lines (32034)
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text, with very long lines (32065)
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with very long lines (10685)
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
ASCII text, with very long lines (2343)
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (28596)
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
ASCII text, with very long lines (1165)
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
Web Open Font Format (Version 2), TrueType, length 70728, version 4.393
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 98
|
ASCII text, with very long lines (4179)
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
Web Open Font Format (Version 2), TrueType, length 40188, version 1.0
|
downloaded
|
There are 23 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1956,i,7160089607047078356,21755619593161457,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://research-polls.com/fLKO/T774676"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://research-polls.com/fLKO/T774676
|
|||
|
http://fontawesome.io
|
unknown
|
||
|
http://mg-crea.com/)
|
unknown
|
||
|
http://phpjs.org/functions/stripos
|
unknown
|
||
|
https://stats.g.doubleclick.net/g/collect
|
unknown
|
||
|
http://pear.php.net/user/jausions)
|
unknown
|
||
|
http://http/my.opera.com/fearphage/)
|
unknown
|
||
|
https://github.com/MikeMcl/decimal.js/LICENCE
|
unknown
|
||
|
http://www.myipdf.com/)
|
unknown
|
||
|
http://snippets.dzone.com/user/AlexanderErmolaev)
|
unknown
|
||
|
https://insight-polls.com/scripts/survey_runtime.js
|
3.208.204.145
|
||
|
http://www.debuggable.com/felix)
|
unknown
|
||
|
http://jqueryui.com
|
unknown
|
||
|
https://github.com/MikeMcl/decimal.js
|
unknown
|
||
|
http://amatiasq.com)
|
unknown
|
||
|
http://web2.bitbaro.hu/)
|
unknown
|
||
|
https://ampcid.google.com/v1/publisher:getClientId
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/96a1b66f/jquery.ui.touch-punch.min.js
|
3.208.204.145
|
||
|
https://insight-polls.com/tmp/assets/f05851e/scripts/template.js
|
3.208.204.145
|
||
|
https://www.google.com
|
unknown
|
||
|
https://insight-polls.com/templates/blue/favicon.ico
|
3.208.204.145
|
||
|
http://www.phpvrouwen.nl)
|
unknown
|
||
|
http://www.letorbi.de/)
|
unknown
|
||
|
http://www.winternet.no)
|
unknown
|
||
|
http://www.3rd-Eden.com)
|
unknown
|
||
|
http://yass.meetcweb.com)
|
unknown
|
||
|
http://webdevhobo.blogspot.com/)
|
unknown
|
||
|
http://getbootstrap.com)
|
unknown
|
||
|
http://github.com/plepe)
|
unknown
|
||
|
http://phpjs.org/functions/substr
|
unknown
|
||
|
https://stats.g.doubleclick.net/j/collect
|
unknown
|
||
|
http://thiagomata.blog.com)
|
unknown
|
||
|
http://www.premasolutions.com/)
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/f05851e/css/template.css
|
3.208.204.145
|
||
|
https://insight-polls.com/tmp/assets/8b70dfe9/decimal.js
|
3.208.204.145
|
||
|
http://www.kingsquare.nl)
|
unknown
|
||
|
http://www.james-bell.co.uk/)
|
unknown
|
||
|
http://benblume.co.uk/)
|
unknown
|
||
|
http://stackoverflow.com/questions/57803/how-to-convert-decimal-to-hex-in-javascript
|
unknown
|
||
|
https://research-polls.com/fLKO/T774676
|
3.211.52.151
|
||
|
http://blog.kukawski.pl/)
|
unknown
|
||
|
http://phpjs.org/functions/quoted_printable_decode
|
unknown
|
||
|
http://www.distantia.ca/)
|
unknown
|
||
|
http://carrot.org/)
|
unknown
|
||
|
http://phpjs.org/authors)
|
unknown
|
||
|
http://phpjs.org/functions/htmlentities:425#comment_134018)
|
unknown
|
||
|
http://www.nbill.co.uk/)
|
unknown
|
||
|
http://phpjs.org/functions/strrev
|
unknown
|
||
|
http://ryan.10e.us)
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/f05851e/fonts/Exo2-SemiBold.woff2
|
3.208.204.145
|
||
|
http://www.weedem.fr/)
|
unknown
|
||
|
http://magnetiq.com)
|
unknown
|
||
|
http://phpjs.org/functions/ucwords
|
unknown
|
||
|
http://bootswatch.com
|
unknown
|
||
|
http://www.webtoolkit.info/)
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/2947cd54/js/bootstrap.min.js
|
3.208.204.145
|
||
|
http://simonwillison.net)
|
unknown
|
||
|
https://adservice.google.com/pagead/regclk
|
unknown
|
||
|
http://www.xorax.info)
|
unknown
|
||
|
http://jqueryui.com/themeroller/?ffDefault=Arial%2CHelvetica%2Csans-serif&fsDefault=1em&fwDefault=no
|
unknown
|
||
|
https://cct.google/taggy/agent.js
|
unknown
|
||
|
https://insight-polls.com/scripts/deactivatedebug.js
|
3.208.204.145
|
||
|
http://phpjs.org/functions/rtrim
|
unknown
|
||
|
http://phpjs.org/functions/gmdate
|
unknown
|
||
|
http://phpjs.org/functions/sprintf
|
unknown
|
||
|
http://phpjs.org/functions/quotemeta
|
unknown
|
||
|
http://phpjs.org/functions/stristr
|
unknown
|
||
|
http://developer.yahoo.com/yui/docs/YAHOO.util.DateLocale.html
|
unknown
|
||
|
http://getsprink.com)
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/f05851e/css/jquery-ui-custom.css
|
3.208.204.145
|
||
|
http://onlineaspect.com/2007/06/08/auto-detect-a-time-zone-with-javascript/)
|
unknown
|
||
|
https://www.google.%/ads/ga-audiences
|
unknown
|
||
|
http://phpjs.org/functions/trim
|
unknown
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
|
https://stats.g.doubleclick.net/g/collect?v=2&
|
unknown
|
||
|
http://phpjs.org/functions/mktime
|
unknown
|
||
|
http://doubleaw.com/)
|
unknown
|
||
|
http://innerdom.sourceforge.net/)
|
unknown
|
||
|
http://www.json.org/json2.js)
|
unknown
|
||
|
http://www.svest.org/)
|
unknown
|
||
|
http://www.jd-tech.net)
|
unknown
|
||
|
http://stackoverflow.com/questions/10454518/javascript-how-to-retrieve-the-number-of-decimals-of-a-s
|
unknown
|
||
|
http://difane.com/)
|
unknown
|
||
|
http://hexmen.com/blog/)
|
unknown
|
||
|
http://phpjs.org/functions/strip_tags
|
unknown
|
||
|
http://www.alfonsojimenez.com)
|
unknown
|
||
|
http://www.pedrotainha.com)
|
unknown
|
||
|
http://kvz.io)
|
unknown
|
||
|
http://www.ws3.es/)
|
unknown
|
||
|
http://phpjs.org/functions/get_html_translation_table
|
unknown
|
||
|
http://unicode.org/reports/tr44/#Property_Table
|
unknown
|
||
|
http://www.quirksmode.org/js/beat.html)
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/f05851e/css/bootstrap-slider.css
|
3.208.204.145
|
||
|
http://aidanlister.com/)
|
unknown
|
||
|
http://www.frontierwebdev.com/)
|
unknown
|
||
|
http://phpjs.org/functions/htmlspecialchars
|
unknown
|
||
|
http://stackoverflow.com/questions/846221/logarithmic-slider
|
unknown
|
||
|
http://rumkin.com)
|
unknown
|
||
|
http://phpjs.org/functions/is_numeric/
|
unknown
|
||
|
https://insight-polls.com/tmp/assets/f05851e/css/custom.css
|
3.208.204.145
|
||
|
http://phpjs.org/functions/html_entity_decode
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
research-polls.com
|
3.211.52.151
|
||
|
www.google.com
|
142.250.105.103
|
||
|
insight-polls.com
|
3.208.204.145
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.8
|
unknown
|
unknown
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
142.250.105.103
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
3.208.204.145
|
insight-polls.com
|
United States
|
||
|
3.211.52.151
|
research-polls.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://insight-polls.com/index.php/survey/index/sid/954791/newtest/Y/lang/en/?token=T774676
|