IOC Report
http://154.61.80.57

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 100 | ASCII text | dropped | |
| Chrome Cache Entry: 101 | data | downloaded | |
| Chrome Cache Entry: 56 | data | dropped | |
| Chrome Cache Entry: 57 | data | downloaded | |
| Chrome Cache Entry: 58 | gzip compressed data, from Unix, original size modulo 2^32 3504 | downloaded | |
| Chrome Cache Entry: 59 | gzip compressed data, from Unix, original size modulo 2^32 7834 | dropped | |
| Chrome Cache Entry: 60 | Web Open Font Format (Version 2), TrueType, length 11232, version 1.0 | downloaded | |
| Chrome Cache Entry: 61 | ASCII text | dropped | |
| Chrome Cache Entry: 62 | ASCII text | dropped | |
| Chrome Cache Entry: 63 | ASCII text | dropped | |
| Chrome Cache Entry: 64 | data | downloaded | |
| Chrome Cache Entry: 65 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 66 | ASCII text | dropped | |
| Chrome Cache Entry: 67 | gzip compressed data, from Unix, original size modulo 2^32 7834 | downloaded | |
| Chrome Cache Entry: 68 | data | downloaded | |
| Chrome Cache Entry: 69 | gzip compressed data, from Unix, original size modulo 2^32 675244 | dropped | |
| Chrome Cache Entry: 70 | data | downloaded | |
| Chrome Cache Entry: 71 | ASCII text | dropped | |
| Chrome Cache Entry: 72 | data | downloaded | |
| Chrome Cache Entry: 73 | gzip compressed data, from Unix, original size modulo 2^32 3818624 | dropped | |
| Chrome Cache Entry: 74 | gzip compressed data, from Unix, original size modulo 2^32 7834 | downloaded | |
| Chrome Cache Entry: 75 | data | downloaded | |
| Chrome Cache Entry: 76 | OpenPGP Secret Key | downloaded | |
| Chrome Cache Entry: 77 | data | downloaded | |
| Chrome Cache Entry: 78 | gzip compressed data, from Unix, original size modulo 2^32 3818624 | downloaded | |
| Chrome Cache Entry: 79 | ASCII text | dropped | |
| Chrome Cache Entry: 80 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 81 | gzip compressed data, from Unix, original size modulo 2^32 101784 | downloaded | |
| Chrome Cache Entry: 82 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3 | dropped | |
| Chrome Cache Entry: 83 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 84 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 85 | gzip compressed data, from Unix, original size modulo 2^32 1650 | downloaded | |
| Chrome Cache Entry: 86 | data | downloaded | |
| Chrome Cache Entry: 87 | Minix filesystem, V1 (big endian), 10389 zones | downloaded | |
| Chrome Cache Entry: 88 | gzip compressed data, from Unix, original size modulo 2^32 675244 | downloaded | |
| Chrome Cache Entry: 89 | ASCII text | dropped | |
| Chrome Cache Entry: 90 | ASCII text | dropped | |
| Chrome Cache Entry: 91 | ASCII text | dropped | |
| Chrome Cache Entry: 92 | Web Open Font Format (Version 2), TrueType, length 150472, version 770.256 | downloaded | |
| Chrome Cache Entry: 93 | gzip compressed data, from Unix, original size modulo 2^32 1385 | downloaded | |
| Chrome Cache Entry: 94 | ASCII text | dropped | |
| Chrome Cache Entry: 95 | data | downloaded | |
| Chrome Cache Entry: 96 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 97 | ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] | downloaded | |
| Chrome Cache Entry: 98 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3 | downloaded | |
| Chrome Cache Entry: 99 | gzip compressed data, from Unix, original size modulo 2^32 80651 | downloaded | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 --field-trial-handle=2332,i,7269247368579551505,3659595296345597256,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://154.61.80.57" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://154.61.80.57 | | |
| http://154.61.80.57/assets/fav/favicon-32x32.png | 154.61.80.57 | |
| http://154.61.80.57/ | | |
| http://154.61.80.57/assets/fonts/mulish/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2 | 154.61.80.57 | |
| http://154.61.80.57/images/hook.svg | 154.61.80.57 | |
| http://154.61.80.57/assets/fontawesome/css/fontawesome.min.css | 154.61.80.57 | |
| http://154.61.80.57/assets/fonts/icons/style.css | 154.61.80.57 | |
| https://purecatamphetamine.github.io/country-flag-icons/3x2/US.svg | 185.199.108.153 | |
| http://154.61.80.57/assets/images/login_poster.jpg | 154.61.80.57 | |
| http://www.videolan.org/x264.html | unknown | |
| http://154.61.80.57/assets/fonts/mulish/style.css | 154.61.80.57 | |
| http://154.61.80.57/assets/images/login_sd.mp4 | 154.61.80.57 | |
| http://154.61.80.57/assets/fonts/icons/permissions/style.css | 154.61.80.57 | |
| http://154.61.80.57/assets/fontawesome/webfonts/fa-solid-900.woff2 | 154.61.80.57 | |
| http://154.61.80.57/static/js/main.63007f25.js | 154.61.80.57 | |
| http://154.61.80.57/static/css/main.397ec292.css | 154.61.80.57 | |
| http://154.61.80.57/assets/fontawesome/css/all.min.css | 154.61.80.57 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.210.172 | |
| www.google.com | 64.233.185.104 | |
| purecatamphetamine.github.io | 185.199.108.153 | |
| fp2e7a.wpc.phicdn.net | 192.229.211.108 | |
| windowsupdatebg.s.llnwi.net | 69.164.42.0 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 154.61.80.57 | unknown | United States | |
| 185.199.109.153 | unknown | Netherlands | |
| 192.168.2.6 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
| 185.199.108.153 | purecatamphetamine.github.io | Netherlands | |
| 64.233.185.104 | www.google.com | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| http://154.61.80.57/ | |
| http://154.61.80.57/ | |