Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:12:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:12:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:12:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:12:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:12:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | HTML document, ASCII text, with very long lines (8796), with no line terminators | downloaded | |
| Chrome Cache Entry: 101 | Unicode text, UTF-8 text, with very long lines (40549), with no line terminators | downloaded | |
| Chrome Cache Entry: 102 | ASCII text, with very long lines (65352) | downloaded | |
| Chrome Cache Entry: 103 | JSON data | downloaded | |
| Chrome Cache Entry: 104 | JSON data | downloaded | |
| Chrome Cache Entry: 105 | Unicode text, UTF-8 text, with very long lines (65456), with no line terminators | downloaded | |
| Chrome Cache Entry: 106 | ASCII text | downloaded | |
| Chrome Cache Entry: 107 | HTML document, ASCII text, with very long lines (857) | downloaded | |
| Chrome Cache Entry: 108 | Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 | downloaded | |
| Chrome Cache Entry: 109 | HTML document, ASCII text | dropped | |
| Chrome Cache Entry: 110 | Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 | downloaded | |
| Chrome Cache Entry: 111 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 112 | PNG image data, 320 x 132, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 113 | JSON data | downloaded | |
| Chrome Cache Entry: 114 | ASCII text | downloaded | |
| Chrome Cache Entry: 115 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 116 | ASCII text, with very long lines (1601) | downloaded | |
| Chrome Cache Entry: 117 | JSON data | dropped | |
| Chrome Cache Entry: 83 | ASCII text, with very long lines (18738) | downloaded | |
| Chrome Cache Entry: 84 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 85 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 86 | JSON data | dropped | |
| Chrome Cache Entry: 87 | Unicode text, UTF-8 text, with very long lines (54018) | downloaded | |
| Chrome Cache Entry: 88 | ASCII text, with very long lines (5371) | downloaded | |
| Chrome Cache Entry: 89 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 90 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 91 | ASCII text, with very long lines (49244) | downloaded | |
| Chrome Cache Entry: 92 | Unicode text, UTF-8 text, with very long lines (65528), with no line terminators | downloaded | |
| Chrome Cache Entry: 93 | ASCII text, with very long lines (64402) | downloaded | |
| Chrome Cache Entry: 94 | Web Open Font Format (Version 2), TrueType, length 15920, version 1.0 | downloaded | |
| Chrome Cache Entry: 95 | ASCII text, with very long lines (5412) | downloaded | |
| Chrome Cache Entry: 96 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 97 | HTML document, ASCII text, with very long lines (65522) | downloaded | |
| Chrome Cache Entry: 98 | PNG image data, 320 x 132, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 99 | ASCII text | downloaded | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1288,i,9005195846985915439,14573579907242159260,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68 | | |
| https://www.jottacloud.com/webapp_static/js/vendors.0de7db0d.js | 185.179.129.37 | |
| https://www.jottacloud.com/webapp_static/css/PublicFiles.6c2dd39d.chunk.css | 185.179.129.37 | |
| https://api.jotta.cloud/no.jotta.openapi.sharing.v2.PublicSharingService/LookupShare | 185.179.128.40 | |
| https://a.jottacloud.com/js/container_FDVOG8VX.js | 185.179.129.39 | |
| https://policy.app.cookieinformation.com/cookiesharingiframe.html | | |
| https://github.com/salesforce/secure-filters/blob/master/lib/secure-filters.js | unknown | |
| https://sn.jotta.cloud/api/7/envelope/?sentry_key=6b7861b074be4432b07abf1556a435d1&sentry_version=7&sentry_client=sentry.javascript.react%2F7.94.1 | 185.179.129.31 | |
| https://a.jottacloud.com/js/?action_name=Jottacloud&idsite=1&rec=1&r=499272&h=18&m=12&s=48&url=https%3A%2F%2Fwww.jottacloud.com%2Fs%2F3542495a6cd3d7a4aafad5878d671fdee68%2Fthumbs&_id=7d25297dbabf0d06&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=YjXcYM&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117%22%7D%5D%2C%22platform%22%3A%22Windows%22%7D | 185.179.129.39 | |
| https://www.jottacloud.com/webapp_static/js/runtime~JOTTACLOUD-index.98f9bd25.js | 185.179.129.37 | |
| https://opensource.org/licenses/MIT | unknown | |
| https://www.jottacloud.com/webapp_static/js/JOTTACLOUD-index.ffe4e009.js | 185.179.129.37 | |
| https://piwik.org/free-software/bsd/ | unknown | |
| https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68 | | |
| https://a.jottacloud.com/js/?action_name=Jottacloud&idsite=1&rec=1&r=008840&h=18&m=12&s=46&url=https%3A%2F%2Fwww.jottacloud.com%2Fs%2F3542495a6cd3d7a4aafad5878d671fdee68&_id=7d25297dbabf0d06&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pf_net=693&pf_srv=429&pf_tfr=1&pf_dm1=12&pf_dm2=6205&pf_onl=1&pv_id=gLZtRm&uadata=%7B%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117%22%7D%5D%2C%22platform%22%3A%22Windows%22%7D | 185.179.129.39 | |
| https://github.com/matomo-org/tag-manager/blob/master/js/piwik.js | unknown | |
| https://www.jottacloud.com/webapp_static/js/npm-swiper.5e1e53e5.chunk.js | 185.179.129.37 | |
| https://matomo.org/free-software/bsd/ | unknown | |
| https://www.jottacloud.com/webapp_static/js/npm-sentry.c675f161.js | 185.179.129.37 | |
| https://www.jottacloud.com/webapp_static/js/theme-base.7eb0dc3a.js | 185.179.129.37 | |
| https://developer.matomo.org/guides/tracking-javascript-guide#multiple-piwik-trackers | unknown | |
| https://connect.facebook.net/en_US/fbevents.js | unknown | |
| https://github.com/matomo-org/matomo/blob/master/js/piwik.js | unknown | |
| https://www.jottacloud.com/webapp_static/js/locale-en.069cdc79.chunk.js | 185.179.129.37 | |
| https://policy.app.cookieinformation.com/4f0a08/jottacloud.com/en.js | 152.195.19.97 | |
| https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68/thumbs | | |
| https://github.com/salesforce/secure-filters/blob/master/LICENSE.txt | unknown | |
| https://www.jottacloud.com/api/status | 185.179.129.37 | |
| https://api.jotta.cloud/no.jotta.openapi.config.v2.ConfigService/GetConfig | 185.179.128.40 | |
| https://10.244.63.148/js/container_FDVOG8VX_preview.js | unknown | |
| https://policy.app.cookieinformation.com/cookie-data/jottacloud.com/cabl.json | 152.195.19.97 | |
| https://www.jottacloud.com/webapp_static/css/webapp.eaa2773d.css | 185.179.129.37 | |
| https://developer.matomo.org/api-reference/tracking-javascript | unknown | |
| https://www.jottacloud.com/webapp_static/js/webapp.26b5d2fd.js | 185.179.129.37 | |
| https://miro.medium.com/v2/resize:fit:640/1*6QnpXsV5n4K5WEgLEga1kQ.png | 162.159.152.4 | |
| https://www.jottacloud.com/webapp_static/js/PublicFiles.7551f10a.chunk.js | 185.179.129.37 | |
| https://consent.app.cookieinformation.com/api/consent | 20.76.133.196 | |
| https://miro.medium.com/max/640/1*6QnpXsV5n4K5WEgLEga1kQ.png | 162.159.152.4 | |
| https://www.jottacloud.com/webapp_static/jottacloud/favicon.ico | 185.179.129.37 | |
| https://www.npmjs.com/package/hash-wasm) | unknown | |
| https://www.jottacloud.com/webapp_static/js/jotta-grpc-web.b87f4a9d.js | 185.179.129.37 | |
| https://piwik.org | unknown | |
| https://www.jottacloud.com/webapp_static/js/2261.61f7fd45.chunk.js | 185.179.129.37 | |
| https://a.jottacloud.com/js/?action_name=Jottacloud&idsite=1&rec=1&r=622057&h=18&m=12&s=41&url=https%3A%2F%2Fwww.jottacloud.com%2Fs%2F3542495a6cd3d7a4aafad5878d671fdee68&_id=7d25297dbabf0d06&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=XUR0SG&pf_net=693&pf_srv=429&pf_tfr=1&pf_dm1=12&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117.0.5938.132%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117.0.5938.132%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0.0%22%7D | 185.179.129.39 | |
| https://www.jottacloud.com/webapp_static/js/npm-framer-motion.af380232.js | 185.179.129.37 | |
| https://www.jottacloud.com/webapp_static/js/npm-google-protobuf.c3c5e8c7.js | 185.179.129.37 | |
| https://api.jotta.cloud | unknown | |
| https://matomo.org | unknown | |
| https://www.jottacloud.com/webapp_static/jottacloud/manifest.webmanifest | 185.179.129.37 | |
| https://lea.verou.me | unknown | |
| https://tools.google.com/dlpage/gaoptout | unknown | |
| https://policy.app.cookieinformation.com/uc.js | 152.195.19.97 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| sn.jotta.cloud | 185.179.129.31 | |
| www.jottacloud.com | 185.179.129.37 | |
| api.jotta.cloud | 185.179.128.40 | |
| sni1gl.wpc.omegacdn.net | 152.195.19.97 | |
| www.google.com | 108.177.122.106 | |
| a.jottacloud.com | 185.179.129.39 | |
| consent.app.cookieinformation.com | 20.76.133.196 | |
| miro.medium.com | 162.159.152.4 | |
| policy.app.cookieinformation.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 152.195.19.97 | sni1gl.wpc.omegacdn.net | United States | |
| 192.168.2.16 | unknown | unknown | |
| 185.179.129.37 | www.jottacloud.com | Norway | |
| 185.179.129.39 | a.jottacloud.com | Norway | |
| 108.177.122.106 | www.google.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 162.159.152.4 | miro.medium.com | United States | |
| 185.179.129.31 | sn.jotta.cloud | Norway | |
| 185.179.128.40 | api.jotta.cloud | Norway | |
| 20.76.133.196 | consent.app.cookieinformation.com | United States | |

DOM / HTML

| URL | Malicious |
|---|---|
| https://policy.app.cookieinformation.com/cookiesharingiframe.html | |
| https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68 | |
| https://www.jottacloud.com/s/3542495a6cd3d7a4aafad5878d671fdee68/thumbs | |