Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Play_NewMessage_17April2024_Audio.htm
|
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2391), with CRLF line terminators
|
initial sample
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:40:38 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 102
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 104
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 105
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
Chrome Cache Entry: 107
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 108
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 109
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 110
|
ASCII text, with very long lines (1437), with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 111
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 112
|
PNG image data, 54 x 41, 8-bit/color RGB, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 113
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 114
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 119
|
HTML document, ASCII text, with very long lines (59153), with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 120
|
HTML document, ASCII text, with very long lines (1445), with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 121
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
Chrome Cache Entry: 81
|
ASCII text, with very long lines (45667)
|
downloaded
|
||
Chrome Cache Entry: 82
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 83
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 84
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
Chrome Cache Entry: 85
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 86
|
ASCII text, with very long lines (42414)
|
downloaded
|
||
Chrome Cache Entry: 88
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 89
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
Chrome Cache Entry: 90
|
ASCII text, with very long lines (554)
|
downloaded
|
||
Chrome Cache Entry: 91
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 93
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
Chrome Cache Entry: 94
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
Chrome Cache Entry: 97
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 98
|
ASCII text, with very long lines (23398), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 99
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
downloaded
|
There are 26 hidden files, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
file:///C:/Users/user/Desktop/Play_NewMessage_17April2024_Audio.htm
|
|||
https://p9j0fds.x5kls.com/p9j0fds/#felix.felder@dw.com
|
|||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ur7ir/0x4AAAAAAAXU4aRETj8TpaQY/auto/normal
|
|||
about:blank
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
p9j0fds.x5kls.com
|
104.21.65.219
|
||
a.nel.cloudflare.com
|
35.190.80.1
|
||
code.jquery.com
|
151.101.194.137
|
||
d2vgu95hoyrpkh.cloudfront.net
|
108.156.152.88
|
||
challenges.cloudflare.com
|
104.17.3.184
|
||
www.google.com
|
74.125.136.106
|
||
cdn.socket.io
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
104.21.65.219
|
p9j0fds.x5kls.com
|
United States
|
||
172.253.124.100
|
unknown
|
United States
|
||
108.156.152.88
|
d2vgu95hoyrpkh.cloudfront.net
|
United States
|
||
74.125.136.94
|
unknown
|
United States
|
||
1.1.1.1
|
unknown
|
Australia
|
||
74.125.136.84
|
unknown
|
United States
|
||
74.125.136.106
|
www.google.com
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
142.250.105.105
|
unknown
|
United States
|
||
104.17.3.184
|
challenges.cloudflare.com
|
United States
|
||
64.233.185.100
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
142.251.15.94
|
unknown
|
United States
|
||
142.250.9.94
|
unknown
|
United States
|
||
151.101.194.137
|
code.jquery.com
|
United States
|
||
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
104.17.2.184
|
unknown
|
United States
|
There are 7 hidden IPs, click here to show them.