Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 20:37:35 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 20:37:35 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 20:37:35 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 20:37:35 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 20:37:34 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
gzip compressed data, from Unix, original size modulo 2^32 444331
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
gzip compressed data, from Unix, original size modulo 2^32 15721
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 111
|
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
ASCII text, with very long lines (56412), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
gzip compressed data, from Unix, original size modulo 2^32 2461
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
gzip compressed data, original size modulo 2^32 3651
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
GIF image data, version 89a, 352 x 3
|
dropped
|
||
|
Chrome Cache Entry: 122
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with very long lines (597)
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24
with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 127
|
PNG image data, 98 x 90, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 128
|
gzip compressed data, original size modulo 2^32 1864
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 132
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components
3
|
dropped
|
||
|
Chrome Cache Entry: 141
|
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 142
|
gzip compressed data, from Unix, original size modulo 2^32 113084
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 82
|
gzip compressed data, from Unix, original size modulo 2^32 55037
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
GIF image data, version 89a, 352 x 3
|
dropped
|
||
|
Chrome Cache Entry: 85
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text, with very long lines (17683)
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
gzip compressed data, from Unix, original size modulo 2^32 223846
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 91
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 92
|
gzip compressed data, from Unix, original size modulo 2^32 141269
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
gzip compressed data, from Unix, original size modulo 2^32 2461
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 95
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components
3
|
dropped
|
||
|
Chrome Cache Entry: 96
|
HTML document, ASCII text
|
dropped
|
There are 39 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://clickme.thryv.com/ls/click?upn=u001.5dsdCa4YiGVzoib36gWoSPyltUaWCsyFq200Ntb2JspVnELOGgvw66FVBJMc1CsMmns0_-2BOVhbrxcsvz9veeoLEglpD8RiEh0AaH1ow0Lk-2FKx9DGH2EA0fWhnrHZ-2FmlnIJ5UhAxXtDoOWXX-2FPyG5rVAl4UI7bgryXtRxONxX47M69Zs408-2BvnAL8-2FwQfC38J0vo-2BNPuXd9ZQRl3mVPkcpfDB8fFzO8k72NDbDigQEVVlq88Cbyd-2FspyzvoVJPR1h-2FbZ7QQ6McqmPE9-2BcpXmxMjtiMnlH5y7my6ciUJ8oawjrr8uTV2VFCUnRz-2BYajHpdlo-2BdijTTWoN6XIqzSzzn9raVdyCv6yrtMzJIVFFK229s6J0zoOHuRdvwd4zEdpENbxbzehqnKQ8Yk3LeuEYUlsDIufaiekHtd-2BWbkmha56OPiK-2BI-3D
|
 |
||
|
https://wildcardservice.crownicastle.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.crownicastle.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.crownicastle.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638495915178333267.YzBhMDY0OTEtNzMyMi00NTFkLTgzZjEtY2JjYjdmYWU0MmFkM2FjNGZmNTgtYzE4ZS00OTdiLWI3YmQtMzYyN2QyYWE3YzQ3&ui_locales=en-US&mkt=en-US&client-request-id=7f6a4a2d-3946-41ec-a768-6c7489204929&state=_8lnvJ63qLjJneAiCy1oZzPSNsgOznxWiF5-Y01jRiR1l4p31sjLky1FEFKWCWumlNFZ4KHXKrekIQePEbG-cjLcrJ5K6y3Nb40-C0vLC64xidX4HGQUITB8Atmn0wIH_eD4eK0GsVF2-EtjS_0XnT4OxTLar-2zXTpZZX8r2EUwGb5YNdL74kkIrBOhaTxkUDlb5FIrgKxLUnKUFeJU8DzjweaF5gKlKQomO8BZFKBGOScVnWusqD1fzuiFdtdd9XB8Adcq08djjwMDwf5n4g&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true
|
|
||
|
https://wildcardservice.crownicastle.com/?safelink=
|
|||
|
https://www.google.com/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LevwsUpAAAAALD6GN6g0KAlL_FFD8-n3wCvA6Ff
|
|||
|
about:blank
|
|||
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevwsUpAAAAALD6GN6g0KAlL_FFD8-n3wCvA6Ff%0A&co=aHR0cHM6Ly93aWxkY2FyZHNlcnZpY2UuY3Jvd25pY2FzdGxlLmNvbTo0NDM.&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=kc16vsxr7d6i
|
|||
|
https://wildcardservice.crownicastle.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.crownicastle.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.crownicastle.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638495915178333267.YzBhMDY0OTEtNzMyMi00NTFkLTgzZjEtY2JjYjdmYWU0MmFkM2FjNGZmNTgtYzE4ZS00OTdiLWI3YmQtMzYyN2QyYWE3YzQ3&ui_locales=en-US&mkt=en-US&client-request-id=7f6a4a2d-3946-41ec-a768-6c7489204929&state=_8lnvJ63qLjJneAiCy1oZzPSNsgOznxWiF5-Y01jRiR1l4p31sjLky1FEFKWCWumlNFZ4KHXKrekIQePEbG-cjLcrJ5K6y3Nb40-C0vLC64xidX4HGQUITB8Atmn0wIH_eD4eK0GsVF2-EtjS_0XnT4OxTLar-2zXTpZZX8r2EUwGb5YNdL74kkIrBOhaTxkUDlb5FIrgKxLUnKUFeJU8DzjweaF5gKlKQomO8BZFKBGOScVnWusqD1fzuiFdtdd9XB8Adcq08djjwMDwf5n4g&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cdc7d173-0ccd67d1.crownicastle.com
|
194.195.252.230
|
||
|
totopurel.com
|
45.85.146.171
|
||
|
google.com
|
142.251.2.113
|
||
|
0ffice.crownicastle.com
|
194.195.252.230
|
||
|
5c7fbd0c-0ccd67d1.crownicastle.com
|
194.195.252.230
|
||
|
ff1b4edf-0ccd67d1.crownicastle.com
|
194.195.252.230
|
||
|
wildcardservice.crownicastle.com
|
194.195.252.230
|
||
|
l1ve.crownicastle.com
|
194.195.252.230
|
||
|
d1rsqi0l6b7evg.cloudfront.net
|
3.163.125.15
|
||
|
www.google.com
|
142.250.101.147
|
||
|
clickme.thryv.com
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
1.1.1.1
|
unknown
|
Australia
|
||
|
142.250.101.147
|
www.google.com
|
United States
|
||
|
45.85.146.171
|
totopurel.com
|
Germany
|
||
|
194.195.252.230
|
cdc7d173-0ccd67d1.crownicastle.com
|
Germany
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
142.251.2.84
|
unknown
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
142.251.2.95
|
unknown
|
United States
|
||
|
142.251.2.94
|
unknown
|
United States
|
||
|
74.125.137.101
|
unknown
|
United States
|
||
|
3.163.125.15
|
d1rsqi0l6b7evg.cloudfront.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.101.95
|
unknown
|
United States
|
||
|
142.250.141.106
|
unknown
|
United States
|
||
|
142.250.101.94
|
unknown
|
United States
|
||
|
74.125.137.94
|
unknown
|
United States
|
||
|
142.251.2.101
|
unknown
|
United States
|
There are 7 hidden IPs, click here to show them.