Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 19:45:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 19:45:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 19:45:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 19:45:20 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 19:45:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 63
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
HTML document, ASCII text, with very long lines (6168)
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
PNG image data, 16 x 71, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 66
|
HTML document, ASCII text, with very long lines (1443), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
ASCII text, with very long lines (42414)
|
downloaded
|
||
|
Chrome Cache Entry: 68
|
HTML document, ASCII text, with very long lines (1375), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 71
|
PNG image data, 16 x 71, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 73
|
ASCII text, with very long lines (7855), with no line terminators
|
downloaded
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2004,i,1810114582751248947,4925308050516260128,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://click.pstmrk.it/3s/t.co%2F3lXVfWLG6V/gMTC/8MG0AQ/AQ/f175d876-71c7-4d90-ade1-29d2995a6655/1/Mea-rrcbqe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://click.pstmrk.it/3s/t.co%2F3lXVfWLG6V/gMTC/8MG0AQ/AQ/f175d876-71c7-4d90-ade1-29d2995a6655/1/Mea-rrcbqe
|
|||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/876fbcfe0ff26754/1713559527717/5416f52a1645c3bf5fcc5b5284d36dcdd012c576c3bf5edd65eae67b2e8b3458/XvfycEm0cRtOJZX
|
104.17.2.184
|
||
|
https://a.nel.cloudflare.com/report/v4?s=35e5ckc0LoZT2PUohuwGi1o2C65i0WSM9iZ5t0Cu2VwX73d5QYBOjc3HzpdaMRpPHV4Su4N7lmzDc8vfkW5nafkg0ALutLl%2Fe018LpJtk673aayShmTwbrMqAtu%2F2AgumFlBXmL7wYI%3D
|
35.190.80.1
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1595238390:1713557396:0l73k--Ts5Ec8iH7IHIdNLECRmOKsWGGhlMoyoMjPNE/876fbcfe0ff26754/49d52afbf33f722
|
104.17.2.184
|
||
|
https://t.co/3lXVfWLG6V
|
104.244.42.5
|
||
|
https://allianceimpressed.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
|
172.67.153.74
|
||
|
https://allianceimpressed.com/cdn-cgi/challenge-platform/h/b/jsd/r/876fbd986bd9139a
|
172.67.153.74
|
||
|
https://q2a9nc.fi07.fdske.com/ec/gAAAAABmIWKq_dM96_2BoT4McX52BSyyFAjhguS4bWjfY53J8r0noDqUsDmcAlKqFNXkT4hIFVsWBdwi1w8ED3-RJVWgX48BU4uY8nkls4vwILtPagL5LmNB1UK68SeeQfPg6tnrmGZHc02Wzh7hmv9xaY8ZjHX9qkqPLTzAH-SljTWppuT-yNFW0tXaYNxe66A4dXrk3KYMMoRnJKinAPmkUllsGWHZ-NM5E-9zkwthBYzgi-gs4oCNJuYkqv938Rz5jCwsXNtzsyOq9jSjD99tpPP5nK5z6_gQiMUc3XoJJehSD6_zsyCZtFAifJvQxUVHtAGRTJBUePz35a-LALgHKhMYK-Qli1SiI5Ddz5-uqYiy2xB6ePJT1AQzOroBGG-Fnt5vL_VO
|
13.226.100.37
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876fbcfe0ff26754
|
104.17.2.184
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.17.2.184
|
||
|
https://allianceimpressed.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
|
172.67.153.74
|
||
|
https://click.pstmrk.it/3s/t.co%2F3lXVfWLG6V/gMTC/8MG0AQ/AQ/f175d876-71c7-4d90-ade1-29d2995a6655/1/Mea-rrcbqe
|
3.128.242.51
|
||
|
https://allianceimpressed.com/favicon.ico
|
172.67.153.74
|
||
|
https://t.co/Xgx873JADT
|
104.244.42.5
|
||
|
https://allianceimpressed.com/cdn-cgi/challenge-platform/h/b/jsd/r/876fbd8f3c6512f1
|
172.67.153.74
|
||
|
https://a.nel.cloudflare.com/report/v4?s=nYh8%2F6XrGzr0mnLF5%2BmzHa2nHvE9JMgSBhRlbMtuBS9fHz%2BElkIEtHrIjlW4Sb2XtY8wJlKJN3OnrJ2InUxH%2FabYPpME%2BpRWNAo1DcPvwiiTLM0tExV6iCIdJkrdhlbPePeziBZM8ko%3D
|
35.190.80.1
|
||
|
https://q2a9nc.fi07.fdske.com/ec/gAAAAABmIWKq_dM96_2BoT4McX52BSyyFAjhguS4bWjfY53J8r0noDqUsDmcAlKqFNX
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mwee7/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
|
|||
|
about:blank
|
|||
|
https://allianceimpressed.com/cdn-cgi/challenge-platform/h/b/flow/ov1/194807937:1713557415:t6IB0qA9J_EiNTy1-V6ISSkWXiiQOxdJc-JTwEabuyQ/876fbcf0ddd312e1/65cebf336253f48
|
172.67.153.74
|
||
|
https://a.nel.cloudflare.com/report/v4?s=1jT4fONXf0fXHGNnVvt8OwWydJTNkHd5LzIQV%2FzeukXudhGVNC29CUr3jZxu6ELoc0QAzpAh52tk%2FwWMZD38P70532vfAY7TYA2do3prkRhIC6w5xjl%2BIKvqgnsoW94WYD5LABaAacg%3D
|
35.190.80.1
|
||
|
https://allianceimpressed.com
|
unknown
|
||
|
https://allianceimpressed.com/
|
|||
|
https://allianceimpressed.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=876fbcf0ddd312e1
|
172.67.153.74
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/876fbcfe0ff26754/1713559527724/WLqG-SGRMY1Z_5h
|
104.17.2.184
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
t.co
|
104.244.42.5
|
||
|
allianceimpressed.com
|
172.67.153.74
|
||
|
djwxuafo2dd79.cloudfront.net
|
13.226.100.37
|
||
|
challenges.cloudflare.com
|
104.17.3.184
|
||
|
click.pstmrk.it
|
3.128.242.51
|
||
|
www.google.com
|
142.251.15.106
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
|
q2a9nc.fi07.fdske.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
3.128.242.51
|
click.pstmrk.it
|
United States
|
||
|
172.67.153.74
|
allianceimpressed.com
|
United States
|
||
|
104.244.42.5
|
t.co
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
104.17.3.184
|
challenges.cloudflare.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.251.15.106
|
www.google.com
|
United States
|
||
|
13.226.100.37
|
djwxuafo2dd79.cloudfront.net
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
104.17.2.184
|
unknown
|
United States
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://allianceimpressed.com/
|
||
|
https://allianceimpressed.com/
|
||
|
https://allianceimpressed.com/
|
||
|
https://allianceimpressed.com/
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mwee7/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/mwee7/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
|
||
|
about:blank
|