IOC Report
https://cccms.page.link/ZJtPxx3NT15exshM7


Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:12:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:12:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:12:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:12:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 12:12:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 100
ASCII text, with very long lines (65310)
downloaded
Chrome Cache Entry: 101
ASCII text, with no line terminators
dropped
Chrome Cache Entry: 102
JSON data
downloaded
Chrome Cache Entry: 103
JSON data
downloaded
Chrome Cache Entry: 104
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 105
JSON data
dropped
Chrome Cache Entry: 106
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
dropped
Chrome Cache Entry: 107
C source, ASCII text, with very long lines (65103)
downloaded
Chrome Cache Entry: 108
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 109
ASCII text, with very long lines (5945)
downloaded
Chrome Cache Entry: 110
JSON data
dropped
Chrome Cache Entry: 111
ASCII text, with very long lines (6677)
downloaded
Chrome Cache Entry: 112
ASCII text, with very long lines (65450)
downloaded
Chrome Cache Entry: 113
ASCII text, with very long lines (56406)
downloaded
Chrome Cache Entry: 114
ASCII text, with very long lines (63958)
downloaded
Chrome Cache Entry: 115
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
downloaded
Chrome Cache Entry: 116
ASCII text, with very long lines (7789)
downloaded
Chrome Cache Entry: 117
WebAssembly (wasm) binary module version 0x1 (MVP)
dropped
Chrome Cache Entry: 118
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
downloaded
Chrome Cache Entry: 91
Java source, ASCII text, with very long lines (765)
downloaded
Chrome Cache Entry: 92
ASCII text, with very long lines (10220)
downloaded
Chrome Cache Entry: 93
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 94
WebAssembly (wasm) binary module version 0x1 (MVP)
downloaded
Chrome Cache Entry: 95
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 96
ASCII text, with very long lines (65468)
downloaded
Chrome Cache Entry: 97
ASCII text, with no line terminators
dropped
Chrome Cache Entry: 98
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 99
ASCII text, with very long lines (562)
downloaded

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1884,i,18376456160294366809,3277924286943858185,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cccms.page.link/ZJtPxx3NT15exshM7"

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

DOM / HTML

URL
Malicious
https://smartmobile.cccis.com/smartmobileweb/V1/index.html?ik=4n0SoCyJOljPhmRbgH5T#/desktop/error
https://smartmobile.cccis.com/smartmobileweb/V1/index.html?ik=4n0SoCyJOljPhmRbgH5T#/desktop/error
https://smartmobile.cccis.com/smartmobileweb/V1/index.html?ik=4n0SoCyJOljPhmRbgH5T#/desktop/error
about:blank