Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 04:57:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 04:57:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 04:57:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 04:57:32 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 04:57:31 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 111
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
GIF image data, version 87a, 820 x 350
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
GIF image data, version 87a, 674 x 479
|
dropped
|
||
|
Chrome Cache Entry: 114
|
GIF image data, version 87a, 861 x 616
|
dropped
|
||
|
Chrome Cache Entry: 115
|
HTML document, Unicode text, UTF-8 text, with very long lines (316)
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 117
|
GIF image data, version 87a, 907 x 647
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
GIF image data, version 87a, 542 x 406
|
dropped
|
||
|
Chrome Cache Entry: 119
|
ASCII text, with very long lines (911)
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
GIF image data, version 87a, 491 x 358
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
GIF image data, version 87a, 623 x 445
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
GIF image data, version 87a, 722 x 607
|
dropped
|
||
|
Chrome Cache Entry: 125
|
GIF image data, version 87a, 1080 x 669
|
dropped
|
||
|
Chrome Cache Entry: 126
|
GIF image data, version 87a, 674 x 479
|
dropped
|
||
|
Chrome Cache Entry: 127
|
ASCII text, with very long lines (393), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
GIF image data, version 87a, 595 x 229
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
GIF image data, version 87a, 752 x 531
|
dropped
|
||
|
Chrome Cache Entry: 130
|
PNG image data, 24 x 24, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
GIF image data, version 87a, 674 x 479
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
Unicode text, UTF-8 (with BOM) text
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
GIF image data, version 89a, 18 x 12
|
dropped
|
||
|
Chrome Cache Entry: 134
|
GIF image data, version 87a, 595 x 229
|
dropped
|
||
|
Chrome Cache Entry: 135
|
GIF image data, version 87a, 912 x 632
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
Unicode text, UTF-8 text, with very long lines (24725)
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
GIF image data, version 87a, 13 x 13
|
dropped
|
||
|
Chrome Cache Entry: 139
|
GIF image data, version 87a, 561 x 442
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
GIF image data, version 87a, 904 x 238
|
dropped
|
||
|
Chrome Cache Entry: 141
|
GIF image data, version 87a, 617 x 223
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
GIF image data, version 87a, 674 x 479
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
PNG image data, 24 x 24, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 144
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
GIF image data, version 87a, 12 x 12
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
GIF image data, version 87a, 623 x 445
|
dropped
|
||
|
Chrome Cache Entry: 147
|
GIF image data, version 87a, 579 x 470
|
dropped
|
||
|
Chrome Cache Entry: 148
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 149
|
Unicode text, UTF-8 text, with very long lines (2341)
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
GIF image data, version 87a, 909 x 299
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
GIF image data, version 87a, 12 x 12
|
dropped
|
||
|
Chrome Cache Entry: 154
|
GIF image data, version 87a, 904 x 238
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
GIF image data, version 87a, 820 x 350
|
dropped
|
||
|
Chrome Cache Entry: 156
|
GIF image data, version 87a, 561 x 442
|
dropped
|
||
|
Chrome Cache Entry: 157
|
GIF image data, version 87a, 861 x 618
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
GIF image data, version 87a, 608 x 155
|
dropped
|
||
|
Chrome Cache Entry: 159
|
GIF image data, version 87a, 13 x 13
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
GIF image data, version 87a, 885 x 514
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
GIF image data, version 87a, 617 x 440
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
GIF image data, version 87a, 608 x 155
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
GIF image data, version 87a, 861 x 618
|
dropped
|
||
|
Chrome Cache Entry: 164
|
HTML document, Unicode text, UTF-8 text, with very long lines (316)
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
GIF image data, version 87a, 542 x 406
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
Unicode text, UTF-8 text, with very long lines (2356)
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
GIF image data, version 87a, 909 x 299
|
dropped
|
||
|
Chrome Cache Entry: 169
|
GIF image data, version 87a, 617 x 440
|
dropped
|
||
|
Chrome Cache Entry: 170
|
GIF image data, version 87a, 614 x 491
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 172
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 173
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 174
|
GIF image data, version 87a, 614 x 491
|
dropped
|
||
|
Chrome Cache Entry: 175
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 176
|
GIF image data, version 87a, 722 x 607
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
GIF image data, version 87a, 885 x 514
|
dropped
|
||
|
Chrome Cache Entry: 178
|
GIF image data, version 87a, 912 x 632
|
dropped
|
||
|
Chrome Cache Entry: 179
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 180
|
GIF image data, version 87a, 752 x 531
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
Unicode text, UTF-8 text, with very long lines (8282)
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 183
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
GIF image data, version 87a, 907 x 647
|
dropped
|
||
|
Chrome Cache Entry: 185
|
GIF image data, version 87a, 1080 x 669
|
downloaded
|
||
|
Chrome Cache Entry: 186
|
GIF image data, version 89a, 18 x 12
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
GIF image data, version 87a, 579 x 470
|
downloaded
|
||
|
Chrome Cache Entry: 188
|
GIF image data, version 87a, 617 x 223
|
dropped
|
||
|
Chrome Cache Entry: 189
|
Unicode text, UTF-8 (with BOM) text
|
downloaded
|
||
|
Chrome Cache Entry: 190
|
GIF image data, version 87a, 861 x 616
|
downloaded
|
||
|
Chrome Cache Entry: 191
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 192
|
Unicode text, UTF-8 text, with very long lines (32009)
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
GIF image data, version 87a, 491 x 358
|
dropped
|
There are 80 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2196,i,656788896899336875,1605701470938934340,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/utils.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/loadparentdata.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image118.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image207.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/projectdata.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image206.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/ehlpdhtm.js
|
52.51.239.69
|
||
|
http://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/topic.min.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image117.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image47.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/XmlJsReader.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/protel-bullet_grey.png
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/screendata.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image53.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image120.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image52.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image40.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/thumb_User_Account.png
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image96.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/favicon.ico
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/styles/topic.min.css
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image116.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/money.png
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/common.min.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/rh.min.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/loadprojdata.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/mhlang.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image263.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/mhtopic.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image59.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image114.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/rategroups.htm
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark6
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark5
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image104.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark7
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image51.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/mhver.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image121.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/settings.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image113.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/loadscreen.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark2
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark1
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image262.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark4
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark3
|
|||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/mhutils.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/protel-bullet_red.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image265.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/parentdata.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/scripts/constants.js
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image112.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-help.css
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image44.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/template/styles/widgets.min.css
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image62.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image119.gif
|
52.51.239.69
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/image264.gif
|
52.51.239.69
|
There are 51 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
public-ireland-cloud-ssl-605067142.eu-west-1.elb.amazonaws.com
|
52.51.239.69
|
||
|
www.google.com
|
142.251.15.147
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
|
windowsupdatebg.s.llnwi.net
|
69.164.42.0
|
||
|
connect.protel.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.252.110.130
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
52.51.239.69
|
public-ireland-cloud-ssl-605067142.eu-west-1.elb.amazonaws.com
|
United States
|
||
|
142.251.15.147
|
www.google.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark1
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark2
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark3
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark4
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark5
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark6
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/bwi-pricing.htm#MiniTOCBookMark7
|
||
|
https://connect.protel.net/files/source/bwihelp/de_DE/rategroups.htm
|
There are 1 hidden doms, click here to show them.