Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:59:46 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:59:46 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:59:46 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:59:46 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 07:59:46 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 84
|
ASCII text, with very long lines (19261), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
Web Open Font Format (Version 2), TrueType, length 45904, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text, with very long lines (2037)
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with very long lines (7857), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
ASCII text, with very long lines (2343)
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
Web Open Font Format (Version 2), TrueType, length 11040, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
Web Open Font Format (Version 2), TrueType, length 11028, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (5955)
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with very long lines (33960)
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with very long lines (59119)
|
downloaded
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://e.trustifi.com/#/fff3a6/655618/6b960b/eb6fbf/0f1f42/43c464/f0c790/c3ed4c/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/d0892c/c03583/d792ff/b0a902/7344c5/9089ad/a64a03/f70840/3edfe8/f48740/
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2012,i,2597764809865968814,7641956660817323542,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://e.trustifi.com/#/fff3a6/655618/6b960b/eb6fbf/0f1f42/43c464/f0c790/c3ed4c/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/d0892c/c03583/d792ff/b0a902/7344c5/9089ad/a64a03/f70840/3edfe8/f48740/
|
|||
|
https://e.trustifi.com/main.d18ae68a475d55e6.js
|
172.67.72.31
|
||
|
https://e.trustifi.com/fa-solid-900.61c24412d6604f85.woff2
|
172.67.72.31
|
||
|
https://stats.g.doubleclick.net/g/collect
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css
|
104.17.25.14
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
|
104.17.25.14
|
||
|
https://e.trustifi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
|
172.67.72.31
|
||
|
https://e.trustifi.com/styles.8f4ac4793e8484c7.css
|
172.67.72.31
|
||
|
https://e.trustifi.com/assets/images/blockedEmail.png
|
172.67.72.31
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
|
104.16.80.73
|
||
|
https://e.trustifi.com/assets/images/favicon/favicon.ico?=0.19651022570650856
|
172.67.72.31
|
||
|
https://tagassistant.google.com/
|
unknown
|
||
|
https://e.trustifi.com/assets/i18n/us.json
|
172.67.72.31
|
||
|
https://adservice.google.com/pagead/regclk
|
unknown
|
||
|
https://ampcid.google.com/v1/publisher:getClientId
|
unknown
|
||
|
about:blank
|
|||
|
https://cct.google/taggy/agent.js
|
unknown
|
||
|
https://fontawesome.com/license/free
|
unknown
|
||
|
https://e.trustifi.com/
|
172.67.72.31
|
||
|
https://e.trustifi.com/assets/images/favicon/favicon.ico?=0.8111066925131345
|
172.67.72.31
|
||
|
https://fontawesome.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://e.trustifi.com/cdn-cgi/rum?
|
172.67.72.31
|
||
|
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
|
unknown
|
||
|
https://be.trustifi.com/api/o/v1/emailAccess/settings
|
104.26.4.170
|
||
|
https://www.google.com/ads/ga-audiences
|
unknown
|
||
|
https://www.google.%/ads/ga-audiences
|
unknown
|
||
|
https://td.doubleclick.net
|
unknown
|
||
|
https://a.nel.cloudflare.com/report/v4?s=J9NoNh9I1%2BhSQQGzaKcg%2F7hFOG3Yok5xvUj1mq6IZZPfQY9OG8NBAWukMDtME6KVaNlUZqTh6hw3XcwFr%2Ft730sh5GYxHBMFjLI4EHRK5GI83%2B9UnR4d5I3LT74ysxn5
|
35.190.80.1
|
||
|
https://www.merchant-center-analytics.goog
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
|
104.17.25.14
|
||
|
https://stats.g.doubleclick.net/g/collect?v=2&
|
unknown
|
||
|
https://stats.g.doubleclick.net/j/collect
|
unknown
|
||
|
https://e.trustifi.com/polyfills.18783eb4e207eb9f.js
|
172.67.72.31
|
||
|
https://be.trustifi.com/api/o/v1/emailAccess/authStatus
|
104.26.4.170
|
||
|
https://e.trustifi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
|
172.67.72.31
|
||
|
https://e.trustifi.com/cdn-cgi/challenge-platform/h/g/jsd/r/876bb34f2fbf4564
|
172.67.72.31
|
||
|
https://e.trustifi.com/runtime.dfef6da15346a2f0.js
|
172.67.72.31
|
||
|
https://e.trustifi.com/#/fff3a6/655618/6b960b/eb6fbf/0f1f42/43c464/f0c790/c3ed4c/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/d0892c/c03583/d792ff/b0a902/7344c5/9089ad/a64a03/f70840/3edfe8/f48740/
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
be.trustifi.com
|
104.26.4.170
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
e.trustifi.com
|
172.67.72.31
|
||
|
static.cloudflareinsights.com
|
104.16.80.73
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
www.google.com
|
74.125.136.106
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.26.5.170
|
unknown
|
United States
|
||
|
74.125.136.106
|
www.google.com
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
104.26.4.170
|
be.trustifi.com
|
United States
|
||
|
104.16.80.73
|
static.cloudflareinsights.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
172.67.72.31
|
e.trustifi.com
|
United States
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
about:blank
|
||
|
about:blank
|
||
|
https://e.trustifi.com/#/fff3a6/655618/6b960b/eb6fbf/0f1f42/43c464/f0c790/c3ed4c/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/d0892c/c03583/d792ff/b0a902/7344c5/9089ad/a64a03/f70840/3edfe8/f48740/
|
||
|
https://e.trustifi.com/#/fff3a6/655618/6b960b/eb6fbf/0f1f42/43c464/f0c790/c3ed4c/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/d0892c/c03583/d792ff/b0a902/7344c5/9089ad/a64a03/f70840/3edfe8/f48740/
|
||
|
https://e.trustifi.com/#/fff3a6/655618/6b960b/eb6fbf/0f1f42/43c464/f0c790/c3ed4c/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/d0892c/c03583/d792ff/b0a902/7344c5/9089ad/a64a03/f70840/3edfe8/f48740/
|