Files
File Path | Type | Category | Malicious
---|---|---|---
Chrome Cache Entry: 56 | gzip compressed data, from Unix, original size modulo 2^32 223896 | downloaded |
Chrome Cache Entry: 57 | gzip compressed data, from Unix, original size modulo 2^32 113084 | downloaded |
Chrome Cache Entry: 58 | gzip compressed data, original size modulo 2^32 1864 | downloaded |
Chrome Cache Entry: 59 | gzip compressed data, from Unix, original size modulo 2^32 444389 | downloaded |
Chrome Cache Entry: 60 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 61 | gzip compressed data, original size modulo 2^32 3651 | dropped |
Chrome Cache Entry: 62 | gzip compressed data, from Unix, original size modulo 2^32 190331 | downloaded |
Chrome Cache Entry: 63 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 64 | gzip compressed data, original size modulo 2^32 3651 | downloaded |
Chrome Cache Entry: 65 | gzip compressed data, from Unix, original size modulo 2^32 2589 | downloaded |
Chrome Cache Entry: 66 | gzip compressed data, from Unix, original size modulo 2^32 55037 | downloaded |
Chrome Cache Entry: 67 | gzip compressed data, original size modulo 2^32 1592 | downloaded |
Chrome Cache Entry: 68 | MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel | dropped |
Chrome Cache Entry: 69 | gzip compressed data, original size modulo 2^32 1864 | dropped |
Chrome Cache Entry: 70 | gzip compressed data, from Unix, original size modulo 2^32 113717 | downloaded |
Chrome Cache Entry: 71 | MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel | downloaded |
Chrome Cache Entry: 72 | gzip compressed data, from Unix, original size modulo 2^32 141351 | downloaded |
Chrome Cache Entry: 73 | gzip compressed data, original size modulo 2^32 1592 | dropped |
Processes
Path | Cmdline | Malicious
---|---|---
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 --field-trial-handle=2372,i,3946242831991443377,15559813188679492094,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi" |
URLs
Name | IP | Malicious
---|---|---
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi | |
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi&sso_reload=true | |
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi | |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_0lriinjhzchre9aqecvmpg2.js | 172.233.96.139 |
https://062c5918-1260ad3a.snyderinvestigationteam.us/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.6&apikey=b0c252808e614e949086e019ae1cb300-e0c02060-e3b3-4965-bd7c-415e1a7a9fde-6951&upload-time=1713950501293&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true | 172.233.96.139 |
https://l1ve.snyderinvestigationteam.us/oauth20_authorize.srf?scope=openid+profile+email+offline_access&response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&response_mode=form_post&redirect_uri=https%3a%2f%2fsnyderinvestigationteam.snyderinvestigationteam.us%2fcommon%2ffederation%2foauth2msa&state=rQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuASKm6fPE-ha4TV_Wqo914ndL2cxcsbnZJaBVa5iVCZsnP4FRsYXjIy3mAT9i9I9U8KL3VJTUosSSzLz8y6wCLxi4TFgtuLg4BJgkGBQYPjBwriIFWhrnSfjA87QGLce89zUTRsdGU6x6gd6pft5mpm4OhlleiTmR1UVmJZZ-FWUhrq6FhT6ORq7FWvnJWfmlfok5xnYGlgZTmATmsDGdIqN4QMbYwc7wyx2hgOcjBt4GA_wMvzga-y7NONf-8x3Hq_4dSorU9PKyt3MPHKDIr1C8_39svyyUyrSvA3MQ02KIkK9gn0TI3MjfUsiivNtNwgwAAA1&estsfed=1&uaid=9e9783738a104aa89f96653f0ac8bbe9&signup=1&lw=1&fl=easi2&fci=https%3a%2f%2f86c4eb0b-1260ad3a.snyderinvestigationteam.us.orgid.com | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js | 172.233.96.139 |
https://c5f200cd-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js | 172.233.96.139 |
https://snyderinvestigationteam.snyderinvestigationteam.us/favicon.ico | 172.233.96.139 |
https://signup.snyderinvestigationteam.us/signup?sru=https://l1ve.snyderinvestigationteam.us/oauth20_authorize.srf%3flc%3d1033%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26mkt%3dEN-US%26opid%3dCE8EFFE5F29EE452%26opidt%3d1713950504%26uaid%3d9e9783738a104aa89f96653f0ac8bbe9%26contextid%3dDC53A35435F0F058%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf88-cf50c7252078&uaid=9e9783738a104aa89f96653f0ac8bbe9&suc=https://ae668cd4-1260ad3a.snyderinvestigationteam.us | |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js | 172.233.96.139 |
https://86c4eb0b-1260ad3a.snyderinvestigationteam.us/Prefetch/Prefetch.aspx | |
https://snyderinvestigationteam.snyderinvestigationteam.us/1260ad3a5b3d49ddbff8affbd3065850/ | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js | 172.233.96.139 |
https://signup.snyderinvestigationteam.us/favicon.ico | 172.233.96.139 |
https://5b3322f3-1260ad3a.snyderinvestigationteam.us/api/report?catId=GW+estsfd+ams2 | 172.233.96.139 |
https://l1ve.snyderinvestigationteam.us/Me.htm?v=3 | 172.233.96.139 |
https://d156bbbb-1260ad3a.snyderinvestigationteam.us/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 172.233.96.139 |
Domains
Name | IP | Malicious
---|---|---
l1ve.snyderinvestigationteam.us | 172.233.96.139 |
snyderinvestigationteam.snyderinvestigationteam.us | 172.233.96.139 |
062c5918-1260ad3a.snyderinvestigationteam.us | 172.233.96.139 |
signup.snyderinvestigationteam.us | 172.233.96.139 |
www.google.com | 142.250.101.103 |
86c4eb0b-1260ad3a.snyderinvestigationteam.us | 172.233.96.139 |
c5f200cd-1260ad3a.snyderinvestigationteam.us | 172.233.96.139 |
d156bbbb-1260ad3a.snyderinvestigationteam.us | 172.233.96.139 |
5b3322f3-1260ad3a.snyderinvestigationteam.us | 172.233.96.139 |
fp2e7a.wpc.phicdn.net | 192.229.211.108 |
IPs
IP | Domain | Country | Malicious
---|---|---|---
142.250.101.103 | www.google.com | United States |
239.255.255.250 | unknown | Reserved |
172.233.96.139 | l1ve.snyderinvestigationteam.us | United States |
192.168.2.4 | unknown | unknown |
DOM / HTML
URL | Malicious
---|---
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi |
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi&sso_reload=true |
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi&sso_reload=true |
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi&sso_reload=true |
https://snyderinvestigationteam.snyderinvestigationteam.us/?hzAFM=pnZSvi |
https://86c4eb0b-1260ad3a.snyderinvestigationteam.us/Prefetch/Prefetch.aspx |
https://signup.snyderinvestigationteam.us/signup?sru=https://l1ve.snyderinvestigationteam.us/oauth20_authorize.srf%3flc%3d1033%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26mkt%3dEN-US%26opid%3dCE8EFFE5F29EE452%26opidt%3d1713950504%26uaid%3d9e9783738a104aa89f96653f0ac8bbe9%26contextid%3dDC53A35435F0F058%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf88-cf50c7252078&uaid=9e9783738a104aa89f96653f0ac8bbe9&suc=https://ae668cd4-1260ad3a.snyderinvestigationteam.us |