Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 16:20:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 16:20:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 16:20:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 16:20:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 16:20:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 83 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 84 | ASCII text, with very long lines (48352) | downloaded | |
| Chrome Cache Entry: 85 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 86 | HTML document, ASCII text, with very long lines (1099) | downloaded | |
| Chrome Cache Entry: 87 | JSON data | dropped | |
| Chrome Cache Entry: 88 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 89 | ASCII text, with very long lines (65397) | downloaded | |
| Chrome Cache Entry: 90 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 91 | HTML document, ASCII text, with very long lines (1099) | downloaded | |
| Chrome Cache Entry: 92 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 93 | ASCII text, with very long lines (1586) | downloaded | |
| Chrome Cache Entry: 94 | JSON data | dropped | |
| Chrome Cache Entry: 95 | HTML document, ASCII text, with very long lines (1099) | downloaded | |
| Chrome Cache Entry: 96 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 97 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 98 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 99 | ASCII text, with very long lines (534) | downloaded | |
Processes
| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2200,i,5783934558795399267,4721298403190009966,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://people.planningcenteronline.com" | |
URLs
| Name | IP | Malicious |
|---|---|---|
| https://people.planningcenteronline.com | | |
| https://login.planningcenteronline.com/packs/js/882-821b6997692328fd5b75.js | 18.155.1.25 | |
| https://login.planningcenteronline.com/packs/js/login-a860e00a8fd55872cfa8.js | 18.155.1.25 | |
| https://login.planningcenteronline.com/assets/planning_center_1200px-2117eac95c17636782f0621c47c2621 | unknown | |
| https://planning.center/terms/ | unknown | |
| https://login.planningcenteronline.com/login | unknown | |
| https://login.planningcenteronline.com/assets/session_package-e27311e49866e5050dcf774ae3dd00fd632a56fd9cea5d0ed408497f9576e012.css | 18.155.1.25 | |
| https://login.planningcenteronline.com/assets/favicon-57-9126e33705cd9c9a32ff5800bead92dbbb182871fd7 | unknown | |
| https://login.planningcenteronline.com/assets/favicon-228-607737e94a057cef8ee8eb1843e70fc4b6c2bc32b5 | unknown | |
| https://login.planningcenteronline.com/assets/favicon-96-21a56ea72172d8aefb55e0b38fef153fa6b38cfb356 | unknown | |
| https://pco-cross-storage.s3.amazonaws.com/hub.html | | |
| https://login.planningcenteronline.com/assets/favicon-76-898249b7983141caf8c7e8ec324fbdaca4da0c13990 | unknown | |
| https://login.planningcenteronline.com/assets/@planningcenter/icons/sprites/general-45fb8eeff447e73ce56b2ccf04643bb3bf4672a4ed64f409e42f456a38874f8a.svg | 18.155.1.25 | |
| https://login.planningcenteronline.com/assets/favicon-144-f16df30018752c62b40bd115dfe8243b39d03354c0 | unknown | |
| https://planning.center/privacy/ | unknown | |
| https://login.planningcenteronline.com/packs/js/runtime-461b1b74cc572f890c8f.js | 18.155.1.25 | |
| https://pco-cross-storage-dev.s3.amazonaws.com/hub.html | unknown | |
| https://login.planningcenteronline.com/assets/session_package-e27311e49866e5050dcf774ae3dd00fd632a56 | unknown | |
| https://login.planningcenteronline.com/?return=People%2F | 18.155.1.25 | |
| https://ab5ddfb19446.edge.sdk.awswaf.com/ab5ddfb19446/33b184b1a0f1/challenge.js | 18.155.1.14 | |
| https://docs.aws.amazon.com/waf/latest/developerguide/waf-javascript-sdk.html | unknown | |
| https://login.planningcenteronline.com/login/new?return=People%2F | | |
| https://login.planningcenteronline.com/login/new | | |
| https://ab5ddfb19446.87d96309.us-east-2.token.awswaf.com/ab5ddfb19446/33b184b1a0f1/challenge.js | 13.249.39.45 | |
| https://pco-cross-storage-staging.s3.amazonaws.com/hub.html | unknown | |
| https://login.planningcenteronline.com/assets/favicon-16-a3db94c1250254a4ba2b4aad660bf6e021907f98e04 | unknown | |
| https://people.planningcenteronline.com/ | 108.139.15.59 | |
| https://login.planningcenteronline.com/assets/favicon-196-01f5c09b64cd6c1b3ce814135f810e5e16466c6707 | unknown | |
| https://ab5ddfb19446.87d96309.us-east-2.token.awswaf.com/ab5ddfb19446/33b184b1a0f1/verify | 13.249.39.45 | |
| https://login.planningcenteronline.com/assets/favicon-180-7cb6934e4aeb93b235f7ad24a74a5954391191914a | unknown | |
| https://login.planningcenteronline.com/assets/favicon-16-a3db94c1250254a4ba2b4aad660bf6e021907f98e04752f25eac8c0d4a33ab05.png | 18.155.1.25 | |
| https://login.planningcenteronline.com/password_reset/new | | |
| https://ab5ddfb19446.87d96309.us-east-2.token.awswaf.com/ab5ddfb19446/33b184b1a0f1/telemetry | 13.249.39.45 | |
| https://login.planningcenteronline.com/assets/favicon-128-862107eee4ccdf92e70a3410da4b3c48b82a256f89 | unknown | |
Domains
| Name | IP | Malicious |
|---|---|---|
| s3-w.us-east-1.amazonaws.com | 16.182.40.97 | |
| ab5ddfb19446.edge.sdk.awswaf.com | 18.155.1.14 | |
| ab5ddfb19446.87d96309.us-east-2.token.awswaf.com | 13.249.39.45 | |
| login.planningcenteronline.com | 18.155.1.25 | |
| www.google.com | 108.177.122.147 | |
| people.planningcenteronline.com | 108.139.15.59 | |
| fp2e7a.wpc.phicdn.net | 192.229.211.108 | |
| pco-cross-storage.s3.amazonaws.com | unknown | |
IPs
| IP | Domain | Country | Malicious |
|---|---|---|---|
| 13.249.39.45 | ab5ddfb19446.87d96309.us-east-2.token.awswaf.com | United States | |
| 13.249.39.67 | unknown | United States | |
| 192.168.2.5 | unknown | unknown | |
| 16.182.40.97 | s3-w.us-east-1.amazonaws.com | United States | |
| 18.155.1.25 | login.planningcenteronline.com | United States | |
| 18.155.1.14 | ab5ddfb19446.edge.sdk.awswaf.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 18.155.1.13 | unknown | United States | |
| 108.139.15.59 | people.planningcenteronline.com | United States | |
| 108.177.122.147 | www.google.com | United States | |
DOM / HTML
| URL | Malicious |
|---|---|
| https://login.planningcenteronline.com/login/new?return=People%2F | |
| https://login.planningcenteronline.com/login/new | |
| https://login.planningcenteronline.com/login/new | |
| https://login.planningcenteronline.com/login/new | |
| https://login.planningcenteronline.com/login/new | |
| https://pco-cross-storage.s3.amazonaws.com/hub.html | |
| https://login.planningcenteronline.com/password_reset/new | |
| https://login.planningcenteronline.com/password_reset/new | |
| https://login.planningcenteronline.com/password_reset/new | |
| https://login.planningcenteronline.com/password_reset/new | |