Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:22:54 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:22:54 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:22:54 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:22:54 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 15:22:53 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
ASCII text, with very long lines (45667)
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
PNG image data, 1115 x 700, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 105
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
HTML document, ASCII text, with very long lines (59521), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
PNG image data, 1115 x 700, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 111
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 114
|
PNG image data, 56 x 99, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 119
|
PNG image data, 4096 x 4096, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 120
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 123
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 124
|
PNG image data, 4096 x 4096, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (1437), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 127
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 128
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
PNG image data, 56 x 99, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 130
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 132
|
HTML document, ASCII text, with very long lines (1445), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 136
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
ASCII text, with very long lines (23398), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (42414)
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with very long lines (631)
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 98
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 99
|
SVG Scalable Vector Graphics image
|
downloaded
|
There are 45 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1972,i,5865964949357321470,7222999334076516600,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==
|
 |
||
|
https://efe.q39r.com/efe/#Xmaria.wojciechowski@co.monmouth.nj.us
|
|
||
|
https://web.lehighvalleychamber.org/cwt/external/wcpages/referral.aspx?ReferralType=W&ProfileID=5337&ListingID=4065&CategoryID=74&SubCategoryID=0&url=//sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==
|
104.18.247.141
|
|
|
|
https://efe.q39r.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket
|
172.67.218.12
|
||
|
https://efe.q39r.com/clKkFwlBHiHVSJ8Pe6bssjJAax4UIk5BlbqZlpC0mNq48
|
172.67.218.12
|
||
|
https://efe.q39r.com/efe/?xXmaria.wojciechowski@co.monmouth.nj.us
|
172.67.218.12
|
||
|
https://efe.q39r.com/345AebFBkUb4itsJp2dEx9Nz1WrklGGnhP4AVwQmYV89110
|
172.67.218.12
|
||
|
https://efe.q39r.com/uvxA6m2pQcdHLo4WKfz3QsT75VfK9cbZD4b2TOjfhbMFDRNv8v45kfQyaKb32Svg5rtqF2tTrZgh254
|
172.67.218.12
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.130.137
|
||
|
https://developers.google.com/recaptcha/docs/faq#localhost_support
|
unknown
|
||
|
https://support.google.com/recaptcha#6262736
|
unknown
|
||
|
https://efe.q39r.com/wxasWsJm1F7lSOv2iLafEmnGnUVfWsJLmbqt2Gkyab175
|
172.67.218.12
|
||
|
https://efe.q39r.com/90XMoG7YJNQ48AE7R9RefBV2W3ZP0TRtab71
|
172.67.218.12
|
||
|
https://efe.q39r.com/favicon.ico
|
172.67.218.12
|
||
|
https://efe.q39r.com/12YCk90LK56Se1ynKqr42
|
172.67.218.12
|
||
|
https://support.google.com/recaptcha/?hl=en#6223828
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879faccbfe8fb06a/1714062180714/7a2eef3f3a2ffe6b8118994333b3f4d3ec1e526af4efd68e8961fa2dd086f191/MGHiH1uFJDsfTgO
|
104.17.2.184
|
||
|
https://efe.q39r.com/pq6n4pZVF34fr6WWmmuv39
|
172.67.218.12
|
||
|
https://cloud.google.com/contact
|
unknown
|
||
|
https://efe.q39r.com/opz2A7ILaAyWzSXkUtICNncurtvkgh8DhYFpMx2Oxlzsq9KrZPNl45140
|
172.67.218.12
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1173002416:1714059007:O_UCrCaeb8fNz4-lYcCa6LDflfcxd0RCynsCpjLLiq4/879faccbfe8fb06a/f892c8713b88792
|
104.17.2.184
|
||
|
https://efe.q39r.com/efIbTPq3F3E9M4tIsfj78N3gmAo2XLQkl100
|
172.67.218.12
|
||
|
https://efe.q39r.com/ij50onkMRoXybYnI2RW73cdrhB5AKLQ1WQTq7e8mc2L3pvwh78164
|
172.67.218.12
|
||
|
https://efe.q39r.com/uvZWUFt0UROOoXt5vmcKSao6QR2TqrxxiF9by3n8nEXUy2s5T34126
|
172.67.218.12
|
||
|
https://efe.q39r.com/mn2YUCVnR8vQa9aF2S75S9IkijyLIGjmjHd6iKoP0ehtuyRPp90150
|
172.67.218.12
|
||
|
https://www.google.com/recaptcha/api.js
|
64.233.177.103
|
||
|
https://support.google.com/recaptcha/#6175971
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.17.2.184
|
||
|
https://efe.q39r.com/56wgt99Sy67foh23sxX40uDyhst60
|
172.67.218.12
|
||
|
https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
|
unknown
|
||
|
https://a.nel.cloudflare.com/report/v4?s=4ozS%2FD%2BlhebByb9jaBaCRWoAEncGPbHpc01bkEyWlR9QzWHR%2FB9s%2F%2F50q%2BwlKuLB0VLH2U6N5aT1m2TFYtnVn1eP3Skjt1q0M%2BCesyWR3U00ru6Y6S3N5kKqF3Fs%2FQ%3D%3D
|
35.190.80.1
|
||
|
https://efe.q39r.com/ghZkYyc0mYIKciokhMyZ3rmnOyD3C9NSbJEMXI7KFs37Tbx9uncef210
|
172.67.218.12
|
||
|
https://efe.q39r.com/opkZKWoBXgK4XlaBoarjPDswkBdr2NIUBC8D3VyslijyXn8FWJLDbkTI32Kpccd196
|
172.67.218.12
|
||
|
https://www.google.com/recaptcha/api2/
|
unknown
|
||
|
https://sanemedia.ca/favicon.ico
|
162.241.120.242
|
||
|
https://efe.q39r.com/8571576472544462333778VmFvuqqgHOSOUIYLXDGJJKMTFCREDTXYXKXYYKGCLIZVNPFMHJGINBHVI?cbGXAgLMlUOzbXZpUQbIQpEphcjVBYMFBGIONZWCNGREHXQKOLNDMQG
|
|||
|
https://efe.q39r.com/23Y1SlAfZUj5ab3gLTPxy70
|
172.67.218.12
|
||
|
https://efe.q39r.com/ajNyX2SU9rhFeYXrhcFSd76xsstnihCYYJkPQp8lDwn8pe
|
172.67.218.12
|
||
|
https://support.google.com/recaptcha
|
unknown
|
||
|
https://ipapi.co/185.152.66.230/json/
|
172.67.69.226
|
||
|
https://efe.q39r.com/wxW67qXyrj6Vx0Tfu5cRa39uRp3UsvPq5ft22uk0KSw6D3TMfkrP5uXt2IKdP788HXJHkiwXCVeDyNaZS41ShN0mtBkm7fjNwOySWbWl1KwtDzywab430
|
172.67.218.12
|
||
|
https://sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==
|
|||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2uyjt/0x4AAAAAAAYIhGTHgfwrnf2u/auto/normal
|
|||
|
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://efe.q39r.com/efe/
|
172.67.218.12
|
||
|
https://www.apache.org/licenses/
|
unknown
|
||
|
https://efe.q39r.com/34fI8EabNdid6714
|
172.67.218.12
|
||
|
https://httpbin.org/ip
|
34.196.110.25
|
||
|
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
|
unknown
|
||
|
https://efe.q39r.com/pqlrdvXLDxx8n6V4MJcB2ydokZwphsRQHgstygzowxnkE7IJ6fkdR23LED0BEqORerGVIm4SyEOoIaiiUvfdh4OuMUbyF2Lroiop420
|
172.67.218.12
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://efe.q39r.com/abx86uorshef28
|
172.67.218.12
|
||
|
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
|
unknown
|
||
|
https://cdn.socket.io/4.6.0/socket.io.min.js
|
108.156.152.114
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879faccbfe8fb06a
|
104.17.2.184
|
||
|
https://efe.q39r.com/opDozZ86DfeH93KodasaV6JoKAz0XdnqsnPjlpZlIO7stX2Hqwxgyu5mt9zG3Ft9LdS3Ohi89ehtoHb0ef232
|
172.67.218.12
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879faccbfe8fb06a/1714062180713/RjvXT6k7-qXYQHs
|
104.17.2.184
|
There are 47 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ipapi.co
|
172.67.69.226
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
code.jquery.com
|
151.101.130.137
|
||
|
d2vgu95hoyrpkh.cloudfront.net
|
108.156.152.114
|
||
|
lehighvalleypacoc.weblinkconnect.com
|
104.18.247.141
|
||
|
efe.q39r.com
|
172.67.218.12
|
||
|
challenges.cloudflare.com
|
104.17.3.184
|
||
|
www.google.com
|
142.250.9.104
|
||
|
sanemedia.ca
|
162.241.120.242
|
||
|
httpbin.org
|
34.196.110.25
|
||
|
web.lehighvalleychamber.org
|
unknown
|
||
|
cdn.socket.io
|
unknown
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
108.156.152.114
|
d2vgu95hoyrpkh.cloudfront.net
|
United States
|
||
|
3.221.38.252
|
unknown
|
United States
|
||
|
142.250.9.104
|
www.google.com
|
United States
|
||
|
172.67.218.12
|
efe.q39r.com
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
151.101.130.137
|
code.jquery.com
|
United States
|
||
|
104.17.3.184
|
challenges.cloudflare.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
64.233.177.103
|
unknown
|
United States
|
||
|
104.18.247.141
|
lehighvalleypacoc.weblinkconnect.com
|
United States
|
||
|
34.196.110.25
|
httpbin.org
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
162.241.120.242
|
sanemedia.ca
|
United States
|
||
|
104.17.2.184
|
unknown
|
United States
|
||
|
172.67.69.226
|
ipapi.co
|
United States
|
There are 6 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://efe.q39r.com/8571576472544462333778VmFvuqqgHOSOUIYLXDGJJKMTFCREDTXYXKXYYKGCLIZVNPFMHJGINBHVI?cbGXAgLMlUOzbXZpUQbIQpEphcjVBYMFBGIONZWCNGREHXQKOLNDMQG
|
|
|
|
https://efe.q39r.com/8571576472544462333778VmFvuqqgHOSOUIYLXDGJJKMTFCREDTXYXKXYYKGCLIZVNPFMHJGINBHVI?cbGXAgLMlUOzbXZpUQbIQpEphcjVBYMFBGIONZWCNGREHXQKOLNDMQG
|
|
|
|
https://sanemedia.ca/owaow/yjyo8q/bWFyaWEud29qY2llY2hvd3NraUBjby5tb25tb3V0aC5uai51cw==
|
||
|
https://efe.q39r.com/efe/#Xmaria.wojciechowski@co.monmouth.nj.us
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2uyjt/0x4AAAAAAAYIhGTHgfwrnf2u/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2uyjt/0x4AAAAAAAYIhGTHgfwrnf2u/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2uyjt/0x4AAAAAAAYIhGTHgfwrnf2u/auto/normal
|