Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 06:47:46 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 06:47:45 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 06:47:45 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 06:47:46 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 06:47:45 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 75
|
ASCII text, with CRLF, CR line terminators
|
downloaded
|
||
Chrome Cache Entry: 76
|
PNG image data, 720 x 100, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 77
|
ASCII text, with very long lines (58940)
|
downloaded
|
||
Chrome Cache Entry: 78
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 79
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
Chrome Cache Entry: 80
|
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 81
|
Unicode text, UTF-8 text, with very long lines (560)
|
downloaded
|
||
Chrome Cache Entry: 82
|
GIF image data, version 89a, 682 x 597
|
dropped
|
||
Chrome Cache Entry: 83
|
PNG image data, 470 x 459, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 84
|
Web Open Font Format (Version 2), CFF, length 29924, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 85
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x800,
components 3
|
downloaded
|
||
Chrome Cache Entry: 86
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
Chrome Cache Entry: 87
|
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 88
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x800,
components 3
|
dropped
|
||
Chrome Cache Entry: 89
|
PNG image data, 720 x 100, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 90
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 6016x4000,
components 3
|
dropped
|
||
Chrome Cache Entry: 91
|
Web Open Font Format (Version 2), CFF, length 29980, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 92
|
ASCII text, with very long lines (18706)
|
downloaded
|
||
Chrome Cache Entry: 93
|
HTML document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 94
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 95
|
PNG image data, 470 x 459, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 96
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 6016x4000,
components 3
|
downloaded
|
||
Chrome Cache Entry: 97
|
GIF image data, version 89a, 682 x 597
|
downloaded
|
There are 20 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://tracking.elastic.iscarcup.com/tracking/click?d=XVOGkKKIFI1BUi5gqgZHAdRPhk99njZvP0qXh2IpArKp9RzCSjeoWkfJDrjbcvw75j380eQ4qSrYjhK4RegFgVWSX5L2beQO2AeFGF72kzLV5bUDHAc9_x1G5mw8AznhlHtuepCFbAQZbboWjeiG8YOae_yZBP5-luynay2YDr9Jmf0rVcJIVEgp8xRayU7B_A2
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1888,i,15382244221078954285,35461981223648432,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://tracking.elastic.iscarcup.com/tracking/click?d=XVOGkKKIFI1BUi5gqgZHAdRPhk99njZvP0qXh2IpArKp9RzCSjeoWkfJDrjbcvw75j380eQ4qSrYjhK4RegFgVWSX5L2beQO2AeFGF72kzLV5bUDHAc9_x1G5mw8AznhlHtuepCFbAQZbboWjeiG8YOae_yZBP5-luynay2YDr9Jmf0rVcJIVEgp8xRayU7B_A2
|
|||
http://tracking.elastic.iscarcup.com/tracking/click?d=XVOGkKKIFI1BUi5gqgZHAdRPhk99njZvP0qXh2IpArKp9RzCSjeoWkfJDrjbcvw75j380eQ4qSrYjhK4RegFgVWSX5L2beQO2AeFGF72kzLV5bUDHAc9_x1G5mw8AznhlHtuepCFbAQZbboWjeiG8YOae_yZBP5-luynay2YDr9Jmf0rVcJIVEgp8xRayU7B_A2
|
46.105.88.234
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/
|
|||
https://cdn.jsdelivr.net/npm/
|
unknown
|
||
https://cdn.jsdelivr.net/npm/bootstrap
|
unknown
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/bootstrap_theme/bootstrap.css
|
81.0.249.226
|
||
https://github.com/twbs/bootstrap/blob/main/LICENSE)
|
unknown
|
||
https://use.typekit.net/af/eaf09c/000000000000000000017703/27/d?subset_id=2&fvd=n7&v=3)
|
unknown
|
||
https://use.typekit.net/af/eaf09c/000000000000000000017703/27/l?subset_id=2&fvd=n7&v=3)
|
unknown
|
||
https://use.typekit.net/af/40207f/0000000000000000000176ff/27/d?subset_id=2&fvd=n3&v=3)
|
unknown
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/main.css
|
81.0.249.226
|
||
https://getbootstrap.com/)
|
unknown
|
||
https://images.unsplash.com/photo-1682685797140-c17807f8f217?ixid=M3wyMDkyMnwxfDF8c2VhcmNofDF8fHdhbG
|
unknown
|
||
https://images.unsplash.com/photo-1682685797140-c17807f8f217?ixid=M3wyMDkyMnwxfDF8c2VhcmNofDF8fHdhbGxwYXBlcnxlbnwwfHx8fDE2ODYzMTQzNDZ8MA&ixlib=rb-4.0.3q=85&fm=jpg&crop=faces&cs=srgb&w=1200&fit=max
|
151.101.130.208
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/invc-signature-approval.gif
|
81.0.249.226
|
||
https://use.typekit.net/af/40207f/0000000000000000000176ff/27/l?subset_id=2&fvd=n3&v=3)
|
unknown
|
||
https://use.typekit.net/af/cb695f/000000000000000000017701/27/l?subset_id=2&fvd=n4&v=3)
|
unknown
|
||
https://github.com/twbs/bootstrap/graphs/contributors)
|
unknown
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/bravo.jpg
|
81.0.249.226
|
||
https://use.typekit.net/af/cb695f/000000000000000000017701/27/d?subset_id=2&fvd=n4&v=3)
|
unknown
|
||
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js
|
151.101.193.229
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/favicon.ico
|
81.0.249.226
|
||
https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js
|
151.101.193.229
|
||
https://use.typekit.net/af/cb695f/000000000000000000017701/27/a?subset_id=2&fvd=n4&v=3)
|
unknown
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/oe-classic-provider.png
|
81.0.249.226
|
||
https://use.typekit.net/af/40207f/0000000000000000000176ff/27/a?subset_id=2&fvd=n3&v=3)
|
unknown
|
||
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/dd.png
|
81.0.249.226
|
||
https://use.typekit.net/af/eaf09c/000000000000000000017703/27/a?subset_id=2&fvd=n7&v=3)
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
jsdelivr.map.fastly.net
|
151.101.193.229
|
||
api.elasticemail.com
|
46.105.88.234
|
||
abcorp-middleeast.com
|
81.0.249.226
|
||
www.google.com
|
64.233.176.104
|
||
dualstack.com.imgix.map.fastly.net
|
151.101.130.208
|
||
use.typekit.net
|
unknown
|
||
tracking.elastic.iscarcup.com
|
unknown
|
||
cdn.jsdelivr.net
|
unknown
|
||
images.unsplash.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
81.0.249.226
|
abcorp-middleeast.com
|
Czech Republic
|
||
46.105.88.234
|
api.elasticemail.com
|
France
|
||
151.101.193.229
|
jsdelivr.map.fastly.net
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
151.101.130.208
|
dualstack.com.imgix.map.fastly.net
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
151.101.194.208
|
unknown
|
United States
|
||
64.233.176.104
|
www.google.com
|
United States
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://abcorp-middleeast.com/Via%20Adobe%20Sign/main-share-point/
|