Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:13:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:13:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:13:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:13:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:13:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 114
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
ASCII text, with very long lines (561)
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
ASCII text, with very long lines (514), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
Unicode text, UTF-8 text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
assembler source, Unicode text, UTF-8 text, with very long lines (304), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with very long lines (814)
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
ASCII text, with very long lines (17536)
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (32086), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (1203)
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 149
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
ASCII text, with very long lines (1503)
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
Unicode text, UTF-8 text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 170
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
ASCII text, with very long lines (519)
|
downloaded
|
||
|
Chrome Cache Entry: 172
|
HTML document, ASCII text
|
downloaded
|
There are 55 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1924,i,4393261837919263119,9423135023959886547,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://visit.samsungshi.com/visit/HRVO3001.do"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://visit.samsungshi.com/visit/HRVO3001.do
|
|||
|
https://visit.samsungshi.com/visit/resources/js/i18n/phonenumbers/shortnumbermetadata.js
|
112.108.36.225
|
||
|
http://stackoverflow.com/q/150033
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/dom/asserts.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/css/plugin/pickadate.default.date.css
|
112.108.36.225
|
||
|
https://github.com/carhartl/jquery-cookie
|
unknown
|
||
|
https://visit.samsungshi.com/visit/css/common.css
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/dom/tagname.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/dom/htmlelement.js
|
112.108.36.225
|
||
|
https://github.com/WICG/trusted-types
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/i18n/phonenumbers/demo.js
|
112.108.36.225
|
||
|
https://google.github.io/guava/releases/snapshot-jre/api/docs/index.html?com/google/common/base/Func
|
unknown
|
||
|
http://url.spec.whatwg.org/#concept-relative-url
|
unknown
|
||
|
https://goo.gl/PudQ4y
|
unknown
|
||
|
https://visit.samsungshi.com/visit/css/font.css
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/css/default.css
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/i18n/phonenumbers/shortnumberinfo.js
|
112.108.36.225
|
||
|
http://amsul.ca
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/html/trustedresourceurl.js
|
112.108.36.225
|
||
|
https://github.com/Microsoft/ChakraCore/issues/3217.
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/i18n/bidi.js
|
112.108.36.225
|
||
|
http://goo.gl/SdiwZH
|
unknown
|
||
|
http://tinyurl.com/developer-mozilla-org-array-indexof
|
unknown
|
||
|
https://developers.google.com/closure/library/docs/depswriter
|
unknown
|
||
|
http://tinyurl.com/developer-mozilla-org-array-lastindexof
|
unknown
|
||
|
https://tools.ietf.org/html/rfc4648.
|
unknown
|
||
|
http://www.opensource.org/licenses/mit-license.php
|
unknown
|
||
|
http://docs.python.org/library/functions.html#zip
|
unknown
|
||
|
http://my.opera.com/ODIN/blog/2013/07/15/opera-user-agent-strings-opera-15-and-beyond
|
unknown
|
||
|
https://visit.samsungshi.com/visit/css/plugin/pickadate.default.css
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/html/trustedtypes.js
|
112.108.36.225
|
||
|
http://www.gnu.org/licenses/gpl-2.0.html
|
unknown
|
||
|
https://github.com/Microsoft/ChakraCore/issues/1496.
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/string/internal.js
|
112.108.36.225
|
||
|
http://malsup.github.com/gpl-license-v2.txt
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/jquery/jquery-1.11.1.min.js
|
112.108.36.225
|
||
|
https://jsperf.com/innerhtml-vs-removechild/239
|
unknown
|
||
|
http://www.petitfute.com/voyage/225-info-pratiques-reunion
|
unknown
|
||
|
http://blog.stevenlevithan.com/archives/cross-browser-split
|
unknown
|
||
|
https://stackoverflow.com/questions/28741528
|
unknown
|
||
|
http://www.ecma-international.org/ecma-262/5.1/#sec-C
|
unknown
|
||
|
http://dev.jquery.com/ticket/2752)
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/message.i18n.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/proto2/pbliteserializer.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/html/safescript.js
|
112.108.36.225
|
||
|
http://amsul.github.io/pickadate.js
|
unknown
|
||
|
https://lists.w3.org/Archives/Public/public-whatwg-archive/2013Feb/0112.html
|
unknown
|
||
|
https://developer.mozilla.org/en-US/docs/Web/API/Window/self
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/9.0/index.html#sec-global-object
|
unknown
|
||
|
https://html.spec.whatwg.org/multipage/browsers.html#dom-open
|
unknown
|
||
|
http://docs.aws.amazon.com/silk/latest/developerguide/user-agent.html
|
unknown
|
||
|
https://github.com/google/closure-compiler/wiki/Bad-Type-Annotation
|
unknown
|
||
|
http://www.unicode.org/cldr/charts/30/supplemental/territory_information.html
|
unknown
|
||
|
https://w3.org/TR/css3-selectors/#selectors.
|
unknown
|
||
|
http://www.whatismybrowser.com/developers/unknown-user-agent-fragments.
|
unknown
|
||
|
https://mimesniff.spec.whatwg.org/
|
unknown
|
||
|
https://html.spec.whatwg.org/multipage/scripting.html#dom-script-charset
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/labs/useragent/browser.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/proto2/lazydeserializer.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/functions/functions.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/jquery/jquery.form.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/base.js
|
112.108.36.225
|
||
|
http://www.gnu.org/licenses/gpl.html
|
unknown
|
||
|
https://github.com/malsup/form
|
unknown
|
||
|
http://endoflow.com/scratch/corrupted-arrays.html
|
unknown
|
||
|
https://visit.samsungshi.com/visit/css/reset.css
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/fs/url.js
|
112.108.36.225
|
||
|
http://tinyurl.com/developer-mozilla-org-array-foreach
|
unknown
|
||
|
http://goo.gl/Va1hin
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/html/safehtml.js
|
112.108.36.225
|
||
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1477090
|
unknown
|
||
|
http://tinyurl.com/developer-mozilla-org-array-map
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/app.js
|
112.108.36.225
|
||
|
http://wiki.ecmascript.org/doku.php?id=harmony:egal
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/require_2.3.5.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/dom/tags.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/object/object.js
|
112.108.36.225
|
||
|
https://tools.ietf.org/html/rfc2397
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/labs/useragent/util.js
|
112.108.36.225
|
||
|
https://github.com/requirejs/requirejs/blob/master/LICENSE
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/jquery/jqCookie/jquery.cookie.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/i18n/phonenumbers/phonenumberutil.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/dom/nodetype.js
|
112.108.36.225
|
||
|
http://stackoverflow.com/questions/26248599/instanceof-htmlelement-in-iframe-is-not-element-or-objec
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/html/safeurl.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/dom/safe.js
|
112.108.36.225
|
||
|
http://tinyurl.com/developer-mozilla-org-array-every
|
unknown
|
||
|
http://tinyurl.com/developer-mozilla-org-array-reduce
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/i18n/phonenumbers/metadata.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/deps.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/html/safestyle.js
|
112.108.36.225
|
||
|
http://api.jquery.com/jQuery.browser
|
unknown
|
||
|
https://visit.samsungshi.com/visit/HRVO3001.do
|
112.108.36.225
|
||
|
http://tinyurl.com/developer-mozilla-org-array-reduceright
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/plugin/picker.js
|
112.108.36.225
|
||
|
https://visit.samsungshi.com/visit/resources/js/commonUtil.js
|
112.108.36.225
|
||
|
http://dev.w3.org/2006/webapi/FileAPI/#dfn-createObjectURL
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/string/typedstring.js
|
112.108.36.225
|
||
|
http://trirand.com/blog/
|
unknown
|
||
|
https://visit.samsungshi.com/visit/resources/js/closure-library/closure/goog/string/stringbuffer.js
|
112.108.36.225
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
visit.samsungshi.com
|
112.108.36.225
|
||
|
www.google.com
|
108.177.122.103
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
112.108.36.225
|
visit.samsungshi.com
|
Korea Republic of
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.8
|
unknown
|
unknown
|
||
|
108.177.122.103
|
www.google.com
|
United States
|