Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 11:10:33 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 11:10:33 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 11:10:33 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 11:10:33 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 11:10:33 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 101
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 109
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 111
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
ASCII text, with very long lines (42414)
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 114
|
HTML document, ASCII text, with very long lines (1445), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 116
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
ASCII text, with very long lines (23398), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with very long lines (1437), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (45667)
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
ASCII text, with very long lines (631)
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 81
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
HTML document, ASCII text, with very long lines (59525), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 94
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 95
|
HTML document, ASCII text, with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
PNG image data, 36 x 63, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 31 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://us-west-2.protection.sophos.com/?d=google.co.za&u=aHR0cHM6Ly9nb29nbGUuY28uemEvYW1wL3Mvd3d3Lmdvb2dsZS5jb20lMkZ1cmwlM0ZzYSUzREQlMjZxJTNEaHR0cHMlM0ElMkYlMkZlbWFpbGluZy5taXJhYmF1ZC1hbS5jb20lMkZ0bC5waHAlMjUzRnAlMjUzRDVwMCUyRnQyJTJGcnMlMkYxZTYlMkZyeSUyRnJzJTJGJTJGaHR0cHMlM0ElMkYlMkZmaXJlYmFzZXN0b3JhZ2UuZ29vZ2xlYXBpcy5jb20lMjUyNTJGdjAlMjUyNTJGYiUyNTI1MkZteS1hd2Vzb21lLXByb2plY3QtaWQtMzU4ODkuYXBwc3BvdC5jb20lMjUyNTJGbyUyNTI1MkZzb3NmcmUuaHRtbCUyNTI1M0ZhbHQlMjUyNTNEbWVkaWElMjUyNTI2dG9rZW4lMjUyNTNENzBmZDlmZWMtZWM4Mi00YjQ1LTkwMmQtMmFhM2Q3NTgwYzNiJTI2dXN0JTNEMTcxNDEyMzE0MDAwMDAwMCUyNnVzZyUzREFPdlZhdzJ5SzhVRkpvWmVuUkRWdUJMLXNmY20lMjZobCUzRGVuJTI2c291cmNlJTNEZ21haWwjYTJ4MVkyRnpRR04wYlhOdmFHbHZMbU52YlE9PQ==&p=m&i=NjFjOWM1NjJmM2YxNmYxMDA2OTJjYWZj&t=THJkcUUxZW9PQzAvNFZ0aWxoalJFOStYQ0dWVXgvYjJ6aS82eTZoUDhJcz0=&h=276fada438bf49c2be0403c28d11d4f4&s=AVNPUEhUT0NFTkNSWVBUSVZ-gOCnEu8L0hbaTxie_PLqb02g0uIV3TDGiGYGiGwGbDIPB11limBksw9z8tTzOiKEbBHGOtpfybJD4FbJxpna6swSu6rycA6MG9n6CTc4aMLN4lGfbapv3cHB_2jaSF4
|
 |
||
|
https://yjg0.eaketury.com/WnXlOu/#Mklucas@ctmsohio.com
|
|
||
|
https://yjg0.eaketury.com/480549295045325RMvhKcExnOQHTGXOZECITFPTMLZCBEXCQPHPQTIAFJQPDSPYSPI?KQJMVQADPADFDLFSGWGKDGpmBBHEWLIDBCJBRFJQEOMUKSXJVGNRSHMCTNATUSRWJEMIIOLRMZYKI
|
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/7sl6k/0x4AAAAAAAXoUC7gmK_gV_CI/auto/normal
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
d2t07dpvw9bt1v.cloudfront.net
|
18.244.202.11
|
||
|
yjg0.eaketury.com
|
104.21.37.247
|
||
|
code.jquery.com
|
151.101.66.137
|
||
|
d2vgu95hoyrpkh.cloudfront.net
|
108.156.152.114
|
||
|
www.google.co.za
|
64.233.185.94
|
||
|
challenges.cloudflare.com
|
104.17.2.184
|
||
|
mirabaud-oempro.cobweb.host
|
83.166.140.224
|
||
|
google.co.za
|
142.251.15.94
|
||
|
www.google.com
|
142.250.9.99
|
||
|
us-west-2.protection.sophos.com
|
unknown
|
||
|
cdn.socket.io
|
unknown
|
||
|
emailing.mirabaud-am.com
|
unknown
|
There are 3 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
108.156.152.114
|
d2vgu95hoyrpkh.cloudfront.net
|
United States
|
||
|
104.21.37.247
|
yjg0.eaketury.com
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
74.125.136.138
|
unknown
|
United States
|
||
|
172.217.215.147
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
18.244.202.11
|
d2t07dpvw9bt1v.cloudfront.net
|
United States
|
||
|
104.17.3.184
|
unknown
|
United States
|
||
|
173.194.219.95
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
64.233.185.94
|
www.google.co.za
|
United States
|
||
|
83.166.140.224
|
mirabaud-oempro.cobweb.host
|
Switzerland
|
||
|
151.101.66.137
|
code.jquery.com
|
United States
|
||
|
142.251.15.94
|
google.co.za
|
United States
|
||
|
142.250.9.94
|
unknown
|
United States
|
||
|
74.125.136.100
|
unknown
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
108.177.122.84
|
unknown
|
United States
|
||
|
142.250.9.99
|
www.google.com
|
United States
|
||
|
104.17.2.184
|
challenges.cloudflare.com
|
United States
|
||
|
74.125.138.94
|
unknown
|
United States
|
There are 11 hidden IPs, click here to show them.