Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:00:37 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:00:37 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:00:37 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:00:37 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:00:36 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 105
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
HTML document, ASCII text, with very long lines (1445), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 109
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 111
|
ASCII text, with very long lines (1437), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 114
|
ASCII text, with very long lines (42414)
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 117
|
ASCII text, with very long lines (45667)
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
ASCII text, with very long lines (631)
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 122
|
PNG image data, 74 x 29, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 123
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 124
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 125
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 129
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 88
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 92
|
HTML document, ASCII text, with very long lines (59541), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 97
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 98
|
ASCII text, with very long lines (23398), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
PNG image data, 74 x 29, 8-bit/color RGB, non-interlaced
|
downloaded
|
There are 41 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=2100,i,16413262173689083580,8775777880304841059,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==
|
 |
||
|
https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR
|
|
||
|
https://phil.groupavian.com/favicon.ico
|
162.241.120.242
|
||
|
https://n34j4.erproce.com/mnvODWTw9m4xGyLG6K2pAhzijNIlOF9P5RUOEVuFIJ78150
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/favicon.ico
|
172.67.129.155
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.130.137
|
||
|
https://developers.google.com/recaptcha/docs/faq#localhost_support
|
unknown
|
||
|
https://n34j4.erproce.com/opmKBBmiuWfX4G2RHnZU35mWUmBuvkxdQJej9KlnON9zg0ONlPfwsRukaef193
|
172.67.129.155
|
||
|
https://a.nel.cloudflare.com/report/v4?s=E2N%2BIytw%2BsKZwt%2FnRkDgdsvatbLF7ZuAGGyme%2BniKDFA0Mg5ffWtiEyYebMc7yiXnZ%2BSNa3p%2BBasgwlmspWwwUvjF62RR2vSX2c3bbEXnbcHgYe5GDjioxRmWiKMFA%3D%3D
|
35.190.80.1
|
||
|
https://support.google.com/recaptcha#6262736
|
unknown
|
||
|
https://n34j4.erproce.com/127ZPXExxyWLex4m6720
|
172.67.129.155
|
||
|
https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==
|
208.75.122.11
|
||
|
https://n34j4.erproce.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/ij8u4gL9HIkKRB4oO4q5sk3cElMCafdq1UbpWklfmpXifaceLpdGMyqef204
|
172.67.129.155
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879d24de2a915083/1714035641521/Xuro9-2i0PAf2DR
|
104.17.2.184
|
||
|
https://support.google.com/recaptcha/?hl=en#6223828
|
unknown
|
||
|
https://n34j4.erproce.com/rstGHrRJjafcGLlhh4yyzjG9rDDeuv40
|
172.67.129.155
|
||
|
https://cloud.google.com/contact
|
unknown
|
||
|
https://n34j4.erproce.com/uviHDnAE0gTkmBMJlvBstdx2UgHYVMjMpYKl2bz34126
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/wrttubYrCHWuw7VKOWPSc6msuKhcDty50czV8ihSwfHPAkn6Lmb2rdNj8
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/1293McY8556cDs8gAqr46
|
172.67.129.155
|
||
|
https://www.google.com/recaptcha/api.js
|
142.250.9.147
|
||
|
https://support.google.com/recaptcha/#6175971
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.17.2.184
|
||
|
https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
|
unknown
|
||
|
https://n34j4.erproce.com/23vKNU3EMnFq9rLrJw5899LRJreqom9vw70
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/ZNj8a/
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/xyPUGRtkYoP6jpqpsXcgh28
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/klS4bgmsjJPiTo0JeLyQPkZwBeRcLaFwW0QevV9uijBiiBDfuXk2RaZpQtBHcljTJmFysqkhDwx213
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/opRDfkOXrsMnYvNNx4dtbnUz3oOQk0WOw2o32kCcuGj6JmwznBuvcfAnenBLKvCVTSCiPgi0dp4AqvRKFZde59YIvef240
|
172.67.129.155
|
||
|
https://www.google.com/recaptcha/api2/
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1105556754:1714033711:osjFWx7TQpWmznMrUyZGcWZBMp9QIoTvmH3MrAjIn9Y/879d24de2a915083/87a48736627fe33
|
104.17.2.184
|
||
|
https://n34j4.erproce.com/efDTqwRZpKsqnr655sK1qTI256HGjJ85PM6HGnHkl100
|
172.67.129.155
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879d24de2a915083/1714035641521/87c31e3198608c0cd83f45520a9ace612bed62f3720df370cd6720e5e1085ff1/xCmJY8c_M25g2Zm
|
104.17.2.184
|
||
|
https://a.nel.cloudflare.com/report/v4?s=iBJtIxjOEg7e0B0Zu3xOJrs10M5lAheO3oMcid2%2FjLKN9dQVVraKFMEgHWZo20cKdymh1Sz%2B9gr43T7OmtNXGfu9uHZFBO%2Fw3ahKa8%2FsChqGB0%2FSMqpcLOZaygE4ZQ%3D%3D
|
35.190.80.1
|
||
|
https://support.google.com/recaptcha
|
unknown
|
||
|
https://n34j4.erproce.com/34h4Inw3HgaWiYYOIRTn0K43x1klShpvCBevJajmKB89110
|
172.67.129.155
|
||
|
https://phil.groupavian.com//mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==
|
|||
|
https://n34j4.erproce.com/wxiHDnAE0gTkmBMJlvBgKop2UgHYVMjMpYKl2bzp06kYptmsab180
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/ZNj8a/#Dggonzalezsalas@sanitas.es
|
|||
|
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://n34j4.erproce.com/90hfGvyT1W88efGLXzh6V0ab73
|
172.67.129.155
|
||
|
https://www.apache.org/licenses/
|
unknown
|
||
|
https://n34j4.erproce.com/78HNvEtZRPUQqWzRTM45xJO2st60
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/ijnfkCVKhwufgzAjGpjTzyiV6EJNVKpAopF2wrlTE5kTFEG1uph1LxSInRarnsY3Y4ab227
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/stKSEEMcBaDAACEnWHScuhHeloVKFflrG54f67TZfPPMiNsoY3axVnsofmeCEHcaGDH2vUAy2yo0ef260
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/ijxExAGLfxHDfLwmDue7C5P4MgxyzylIjUMWuSUeJEZkGq78170
|
172.67.129.155
|
||
|
https://n34j4.erproce.com/ZNj8a/?FDggonzalezsalas@sanitas.es
|
172.67.129.155
|
||
|
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
|
unknown
|
||
|
https://cdn.socket.io/4.6.0/socket.io.min.js
|
108.156.152.88
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal
|
|||
|
https://n34j4.erproce.com/tvKovpkyYa6RDiv8MbJ9xs0XTY6JwFdPUvIMXsxq
|
172.67.129.155
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879d24de2a915083
|
104.17.2.184
|
There are 45 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
code.jquery.com
|
151.101.130.137
|
||
|
d2vgu95hoyrpkh.cloudfront.net
|
108.156.152.88
|
||
|
itniy4gbb.cc.rs6.net
|
208.75.122.11
|
||
|
challenges.cloudflare.com
|
104.17.3.184
|
||
|
www.google.com
|
64.233.185.105
|
||
|
n34j4.erproce.com
|
172.67.129.155
|
||
|
phil.groupavian.com
|
162.241.120.242
|
||
|
cdn.socket.io
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
108.156.152.88
|
d2vgu95hoyrpkh.cloudfront.net
|
United States
|
||
|
104.21.2.199
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
151.101.130.137
|
code.jquery.com
|
United States
|
||
|
104.17.3.184
|
challenges.cloudflare.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.67.129.155
|
n34j4.erproce.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
142.250.9.147
|
unknown
|
United States
|
||
|
208.75.122.11
|
itniy4gbb.cc.rs6.net
|
United States
|
||
|
162.241.120.242
|
phil.groupavian.com
|
United States
|
||
|
104.17.2.184
|
unknown
|
United States
|
||
|
64.233.185.105
|
www.google.com
|
United States
|
There are 3 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR
|
|
|
|
https://phil.groupavian.com//mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==
|
||
|
https://n34j4.erproce.com/ZNj8a/#Dggonzalezsalas@sanitas.es
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal
|