IOC Report
https://track.enterprisetechsol.com/z.z?l=aHR0cHM6Ly9yZXNvdXJjZS5pdGJ1c2luZXNzdG9kYXkuY29tL3doaXRlcGFwZXJzLzQ0ODAzLU1pY3Jvc29mdC1DUEwtUTItUE1HLUFCTS1HZXItMS1sYW5kaW5nLnBocD9lPWJvbnVjY2VsbGkuZGFyaW9AZGVtZS1ncm91cC5jb20=&r=14547470367&d=12037165&p=1&t=h&h=fb97401a549b1167a78f6002a0aef94d

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 20 09:43:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 20 09:43:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 20 09:43:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 20 09:43:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Apr 20 09:43:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 102
ASCII text, with very long lines (554)
downloaded
Chrome Cache Entry: 103
ASCII text, with very long lines (56398), with no line terminators
downloaded
Chrome Cache Entry: 104
ASCII text, with very long lines (2343)
downloaded
Chrome Cache Entry: 105
PNG image data, 150 x 68, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 106
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 107
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 108
HTML document, ASCII text
dropped
Chrome Cache Entry: 109
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
dropped
Chrome Cache Entry: 110
ASCII text, with very long lines (4179)
downloaded
Chrome Cache Entry: 111
HTML document, Unicode text, UTF-8 text, with very long lines (357)
downloaded
Chrome Cache Entry: 112
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 113
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 80
PNG image data, 282 x 60, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 81
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 82
ASCII text, with very long lines (17614)
downloaded
Chrome Cache Entry: 84
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
downloaded
Chrome Cache Entry: 85
ASCII text, with very long lines (5955)
downloaded
Chrome Cache Entry: 87
PNG image data, 412 x 540, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 89
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
downloaded
Chrome Cache Entry: 90
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
downloaded
Chrome Cache Entry: 91
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
downloaded
Chrome Cache Entry: 92
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
downloaded
Chrome Cache Entry: 93
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 95
ASCII text, with very long lines (1532), with no line terminators
downloaded
There are 21 hidden files, click here to show them.

URLs

Name
IP
Malicious
https://track.enterprisetechsol.com/z.z?l=aHR0cHM6Ly9yZXNvdXJjZS5pdGJ1c2luZXNzdG9kYXkuY29tL3doaXRlcGFwZXJzLzQ0ODAzLU1pY3Jvc29mdC1DUEwtUTItUE1HLUFCTS1HZXItMS1sYW5kaW5nLnBocD9lPWJvbnVjY2VsbGkuZGFyaW9AZGVtZS1ncm91cC5jb20=&r=14547470367&d=12037165&p=1&t=h&h=fb97401a549b1167a78f6002a0aef94d
malicious
https://resource.itbusinesstoday.com/whitepapers/44803-Microsoft-CPL-Q2-PMG-ABM-Ger-1-landing.php
malicious
https://recaptcha.net/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LdvpRAUAAAAAJkr4psZnXC4TeOEVPwP_bEQrP24
https://resource.itbusinesstoday.com/whitepapers/44803-Microsoft-CPL-Q2-PMG-ABM-Ger-1-landing.php?e=bonuccelli.dario@deme-group.com
about:blank
https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdvpRAUAAAAAJkr4psZnXC4TeOEVPwP_bEQrP24&co=aHR0cHM6Ly9yZXNvdXJjZS5pdGJ1c2luZXNzdG9kYXkuY29tOjQ0Mw..&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=c1kcp3ltxtdr

Domains

Name
IP
Malicious
admin.bitninja.io
104.26.15.182
a.nel.cloudflare.com
35.190.80.1
jngo.net
104.248.15.35
weblb-1628727853.us-east-1.elb.amazonaws.com
44.217.248.49
resource.itbusinesstoday.com
92.204.129.232
www.google.com
74.125.136.147
analytics.google.com
142.250.105.101
recaptcha.net
142.250.9.94
lead.truepixl.com
50.23.252.98
stats.g.doubleclick.net
64.233.176.156
track.enterprisetechsol.com
unknown
api.anteriad.com
unknown
cdn4me.com
unknown
There are 3 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
92.204.129.232
resource.itbusinesstoday.com
Germany
64.233.176.95
unknown
United States
44.217.248.49
weblb-1628727853.us-east-1.elb.amazonaws.com
United States
192.168.2.16
unknown
unknown
64.233.176.99
unknown
United States
64.233.176.97
unknown
United States
64.233.177.138
unknown
United States
64.233.176.156
stats.g.doubleclick.net
United States
142.251.15.94
unknown
United States
142.250.9.94
recaptcha.net
United States
64.233.185.84
unknown
United States
74.125.136.147
www.google.com
United States
35.190.80.1
a.nel.cloudflare.com
United States
74.125.136.102
unknown
United States
64.233.185.138
unknown
United States
50.23.252.98
lead.truepixl.com
United States
74.125.136.94
unknown
United States
142.250.105.94
unknown
United States
142.250.105.101
analytics.google.com
United States
104.248.15.35
jngo.net
United States
104.26.15.182
admin.bitninja.io
United States
239.255.255.250
unknown
Reserved
64.233.177.103
unknown
United States
64.233.185.94
unknown
United States
172.67.74.40
unknown
United States
108.177.122.94
unknown
United States
74.125.136.154
unknown
United States
142.251.15.138
unknown
United States
There are 18 hidden IPs, click here to show them.