IOC Report
https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/o76fri/enpmZG9tbF9zdXBlcnZpc29yMXN0X2Fzc2lzdGFudEBmZC5vcmc=

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:02:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:02:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:02:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:02:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:02:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | PNG image data, 99 x 82, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 103 | Web Open Font Format (Version 2), TrueType, length 28000, version 1.66 | downloaded | |
| Chrome Cache Entry: 104 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 106 | PNG image data, 4096 x 4096, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 107 | PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 108 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 109 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded | |
| Chrome Cache Entry: 110 | ASCII text, with very long lines (1222), with no line terminators | downloaded | |
| Chrome Cache Entry: 111 | PNG image data, 1115 x 700, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 112 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 113 | HTML document, ASCII text, with very long lines (59569), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 114 | Web Open Font Format, TrueType, length 35970, version 1.0 | downloaded | |
| Chrome Cache Entry: 116 | Web Open Font Format (Version 2), TrueType, length 28584, version 1.66 | downloaded | |
| Chrome Cache Entry: 118 | ASCII text, with very long lines (23398), with no line terminators | downloaded | |
| Chrome Cache Entry: 122 | ASCII text, with very long lines (1437), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 123 | HTML document, ASCII text, with very long lines (1445), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 124 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 127 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 128 | JSON data | dropped | |
| Chrome Cache Entry: 129 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 130 | ASCII text, with very long lines (42414) | downloaded | |
| Chrome Cache Entry: 131 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 132 | Web Open Font Format (Version 2), TrueType, length 93276, version 1.0 | downloaded | |
| Chrome Cache Entry: 133 | Web Open Font Format, TrueType, length 36696, version 1.0 | downloaded | |
| Chrome Cache Entry: 87 | ASCII text, with very long lines (631) | downloaded | |
| Chrome Cache Entry: 88 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 89 | ASCII text, with very long lines (65447) | downloaded | |
| Chrome Cache Entry: 90 | JSON data | dropped | |
| Chrome Cache Entry: 91 | PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 92 | PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 93 | Web Open Font Format (Version 2), TrueType, length 43596, version 1.0 | downloaded | |
| Chrome Cache Entry: 94 | ASCII text, with very long lines (45667) | downloaded | |
| Chrome Cache Entry: 96 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped | |

No file entry is flagged malicious. 30 further file entries are hidden in the source report and not listed here.

URLs

| Name | IP | Malicious |
|---|---|---|
| https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/o76fri/enpmZG9tbF9zdXBlcnZpc29yMXN0X2Fzc2lzdGFudEBmZC5vcmc= | | malicious |
| https://efe.q39r.com/efe/#Xzzfdoml_supervisor1st_assistant@fd.org | | malicious |
| https://efe.q39r.com/vBFrwDlCFyGSZzoGqbIEYKNSlAdRVETLHFOHSQOBAOLLEGURWSIPNWFSNVJTBUFDMUAJBIMAVKNSUQWQZIUW?uoVHeQLIuYWqQmQZQWumqgEYavHSYRACAQZRQSJYVFXTPFFOHUVREWEUTJTRDLHZLYOOCY | | |
| https://sanemedia.ca/owaow/o76fri/enpmZG9tbF9zdXBlcnZpc29yMXN0X2Fzc2lzdGFudEBmZC5vcmc= | | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/50elk/0x4AAAAAAAYIhGTHgfwrnf2u/auto/normal | | |
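The two URLs flagged malicious above form one redirect chain. The chamber-of-commerce `referral.aspx` page is used as a redirector: the browser ends up at the address given in its `url` query parameter, which is the `sanemedia.ca` URL that also appears in the list. The last path segment of that URL is a base64 token, and it decodes to an e-mail address; the same address then reappears in the fragment of the `efe.q39r.com` landing URL, pre-filling the target's identity for the credential form. The `challenges.cloudflare.com` entry is a Cloudflare Turnstile challenge, so the landing page sits behind a human-verification gate that automated crawlers will usually not get past. The Python script below is an example added for this report, not part of the sandbox output; it parses the two captured URLs, decodes the token and confirms both stages carry the same victim identifier. Function names are the example's own. The decoded address identifies the targeted recipient, so treat it as personal data when sharing the report.

```python
"""Decode the victim identifier carried through the redirect chain in this report.

Example script added for this report; not part of the sandbox output.
"""
import base64
import binascii
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, unquote, urlsplit

# Both URLs are copied from the report's URL table.
REFERRAL_URL = (
    "https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx"
    "?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0"
    "&url=//sanemedia.ca/owaow/o76fri/enpmZG9tbF9zdXBlcnZpc29yMXN0X2Fzc2lzdGFudEBmZC5vcmc="
)
LANDING_URL = "https://efe.q39r.com/efe/#Xzzfdoml_supervisor1st_assistant@fd.org"


def redirect_target(referral_url: str, param: str = "url") -> str:
    """Return the destination named in the redirector's query parameter.

    The captured value is scheme-relative ("//sanemedia.ca/..."), so a browser
    reuses the scheme of the referring page; resolve it the same way.
    """
    parts = urlsplit(referral_url)
    target = parse_qs(parts.query).get(param, [""])[0]
    if target.startswith("//"):
        target = parts.scheme + ":" + target
    return target


def try_b64_email(token: str) -> Optional[str]:
    """Base64-decode one path segment; return it only if it looks like an e-mail address."""
    padded = token + "=" * (-len(token) % 4)  # tolerate tokens whose '=' padding was dropped
    try:
        text = base64.b64decode(padded, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    local, sep, domain = text.rpartition("@")
    if sep and local and "." in domain and text.isprintable():
        return text
    return None


def victim_from_redirect(referral_url: str) -> Optional[str]:
    """Walk the redirect target's path from the end; return the first segment that decodes to an address."""
    path = urlsplit(redirect_target(referral_url)).path
    for segment in reversed(path.split("/")):
        email = try_b64_email(unquote(segment))
        if email:
            return email
    return None


def same_victim(referral_url: str, landing_url: str) -> bool:
    """True when the landing page's fragment carries the address decoded from the redirect.

    In the captured sample the fragment is the address with a one-character
    prefix ("X..."), whose meaning the report does not establish, so match by suffix.
    """
    email = victim_from_redirect(referral_url)
    fragment = unquote(urlsplit(landing_url).fragment)
    return email is not None and fragment.endswith(email)


def chain_hosts(referral_url: str, landing_url: str) -> List[Tuple[str, str]]:
    """Hosts at each stage, in order: redirector, redirect target, landing page."""
    return [
        ("redirector", urlsplit(referral_url).hostname or ""),
        ("redirect target", urlsplit(redirect_target(referral_url)).hostname or ""),
        ("landing page", urlsplit(landing_url).hostname or ""),
    ]


if __name__ == "__main__":
    for stage, host in chain_hosts(REFERRAL_URL, LANDING_URL):
        print(f"{stage:16} {host}")
    print("victim address:", victim_from_redirect(REFERRAL_URL))
    print("same victim on landing page:", same_victim(REFERRAL_URL, LANDING_URL))
```

Running the script against the captured URLs resolves the redirect to the `sanemedia.ca` URL listed above and recovers the address from the token; the suffix match against the landing fragment succeeds. For triage at scale, feed `redirect_target` and `victim_from_redirect` the `referral.aspx` URLs from mail logs to enumerate which recipients the campaign addressed, without visiting the attacker infrastructure.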

Domains

| Name | IP | Malicious |
|---|---|---|
| ipapi.co | 104.26.8.44 | |
| a.nel.cloudflare.com | 35.190.80.1 | |
| code.jquery.com | 151.101.66.137 | |
| d2vgu95hoyrpkh.cloudfront.net | 108.156.152.88 | |
| lehighvalleypacoc.weblinkconnect.com | 104.18.248.141 | |
| efe.q39r.com | 172.67.218.12 | |
| challenges.cloudflare.com | 104.17.3.184 | |
| www.google.com | 64.233.177.103 | |
| sanemedia.ca | 162.241.120.242 | |
| httpbin.org | 174.129.50.9 | |
| web.lehighvalleychamber.org | unknown | |
| cdn.socket.io | unknown | |

No domain is flagged malicious. 2 further domains are hidden in the source report and not listed here.

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.26.8.44 | ipapi.co | United States | |
| 108.156.152.88 | d2vgu95hoyrpkh.cloudfront.net | United States | |
| 64.233.177.95 | unknown | United States | |
| 1.1.1.1 | unknown | Australia | |
| 142.250.105.94 | unknown | United States | |
| 142.250.105.84 | unknown | United States | |
| 104.18.248.141 | lehighvalleypacoc.weblinkconnect.com | United States | |
| 172.217.215.105 | unknown | United States | |
| 172.67.218.12 | efe.q39r.com | United States | |
| 192.168.2.16 | unknown | unknown | |
| 174.129.50.9 | httpbin.org | United States | |
| 172.253.124.138 | unknown | United States | |
| 142.250.105.138 | unknown | United States | |
| 172.253.124.94 | unknown | United States | |
| 23.23.165.157 | unknown | United States | |
| 173.194.219.94 | unknown | United States | |
| 104.17.3.184 | challenges.cloudflare.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 64.233.177.103 | www.google.com | United States | |
| 151.101.66.137 | code.jquery.com | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |
| 162.241.120.242 | sanemedia.ca | United States | |
| 104.17.2.184 | unknown | United States | |
| 104.21.17.5 | unknown | United States | |

No IP is flagged malicious. 14 further IPs are hidden in the source report and not listed here.

Before blocking on this list, discard the entries that are analysis-environment noise rather than campaign infrastructure: 192.168.2.16 is an RFC 1918 private address (the sandbox's own subnet), 239.255.255.250 is the SSDP multicast group (hence "Reserved"), and 1.1.1.1 is Cloudflare's public DNS resolver. The addresses that matter for this chain are those resolving to sanemedia.ca (162.241.120.242) and efe.q39r.com (172.67.218.12, a Cloudflare-fronted address that may be shared with unrelated sites, so block on the hostname rather than the IP).