Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
OneDRIVE (11).pdf
|
PDF document, version 1.7, 1 pages
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\7a334cf2-c970-4db6-9f0d-138f9b587289.tmp
|
Unknown
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
Unknown
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240425194016Z-154.bmp
|
PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6696
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 19
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8d564.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\A93s865j_fiuwp8_560.tmp
|
PDF document, version 1.6, 0 pages
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-25 21-40-14-570.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\dc50ecc4-b39d-4fa5-9f05-eebe67a2bbf3.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\e14e3fb9-bf89-4da2-a78a-8289025ace9f.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\e9497bb7-d488-4ba6-b2f7-b3f9cc08ae43.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\fd498e35-70e4-473d-870f-4476c4dc7d49.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:40:40 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 18:40:39 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 225
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 226
|
PNG image data, 13 x 60, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 227
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 228
|
HTML document, ASCII text, with very long lines (1445), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 229
|
ASCII text, with very long lines (45667)
|
downloaded
|
||
|
Chrome Cache Entry: 230
|
ASCII text, with very long lines (23398), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 231
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 232
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 233
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 234
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 235
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 236
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 237
|
ASCII text, with very long lines (631)
|
downloaded
|
||
|
Chrome Cache Entry: 238
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 239
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 240
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 241
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 242
|
ASCII text, with very long lines (1437), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 243
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 244
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 245
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 246
|
PNG image data, 13 x 60, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 247
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 248
|
ASCII text, with very long lines (42414)
|
downloaded
|
||
|
Chrome Cache Entry: 249
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 250
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 251
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 252
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 253
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 254
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 255
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 256
|
HTML document, ASCII text, with very long lines (59357), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 257
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 258
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 259
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 260
|
PNG image data, 91 x 98, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 261
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 262
|
PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 263
|
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 264
|
PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 265
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 266
|
PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 267
|
PNG image data, 91 x 98, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 268
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 269
|
SVG Scalable Vector Graphics image
|
downloaded
|
There are 84 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\OneDRIVE (11).pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log"
--mojo-platform-channel-handle=2112 --field-trial-handle=1520,i,151344184176139882,7264898037148023338,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://tmi.ciatice.com/i3Ht5RuB/"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=2020,i,14502885244554449748,6893491691465949049,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://tmi.ciatice.com/i3Ht5RuB/
|
|
||
|
https://tmi.ciatice.com/89tWQ7f5uxAksCtbh0eXefWId1wPoaBab80
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/qrEHvdn1lma3Z8sOdlltAtMcHG129cMcDgEVOl1ox6FVZXhsfhriLH22SyB2Mcd240
|
104.21.86.28
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a0ce652ceab060/1714074042735/TclTmhlmfHYUtCO
|
104.17.3.184
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.66.137
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/485275881:1714073401:lmniYLGxWDqdsJ5okxuLFmjYmRsMLlGYhPizTtEMcDY/87a0ce652ceab060/080703b065cf0ad
|
104.17.3.184
|
||
|
https://developers.google.com/recaptcha/docs/faq#localhost_support
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/308692794:1714069518:8CmSfXHx0D0sh0fmLX7aR56F4j5WyUCYSYwCjXQvDhU/87a0d17999216789/c37ff7bddb9e9aa
|
104.17.3.184
|
||
|
https://tmi.ciatice.com/rsevBgN4rjSWu12bFW4Wuv40
|
104.21.86.28
|
||
|
https://support.google.com/recaptcha#6262736
|
unknown
|
||
|
https://tmi.ciatice.com/rs12R7tzjMsHz766mo0vrOXCmGvt4lLwqSFmDylrijEK69QXFvvr1bDeSrHJnef193
|
104.21.86.28
|
||
|
https://a.nel.cloudflare.com/report/v4?s=aESYxDuXb9i2Iu5GXJjE7%2FHNTluuVVk8V%2F95fpAtP30MOp2UIC69eSBUyAKz82R9MGyPuajC1633LnBw2oPDE6CHClcxwLTL60A%2B95HAYVaBjCffdMJ99y11HiuKgg%3D%3D
|
35.190.80.1
|
||
|
https://tmi.ciatice.com/efVOFrsUlNdgxdPMMmToxLijwu7qUkXzfAc4eaDvZHwI4TPi78150
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/34gQ9OML13VpP40ijyknQhFsHXi67105
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/favicon.ico
|
104.21.86.28
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87a0ce652ceab060
|
104.17.3.184
|
||
|
https://support.google.com/recaptcha/?hl=en#6223828
|
unknown
|
||
|
https://cloud.google.com/contact
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87a0d17999216789
|
104.17.3.184
|
||
|
https://tmi.ciatice.com/45oe5GGyclCfDJqFwK4Fab1hU2CU55evw64
|
104.21.86.28
|
||
|
https://www.google.com/recaptcha/api.js
|
108.177.122.147
|
||
|
https://support.google.com/recaptcha/#6175971
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.17.3.184
|
||
|
https://tmi.ciatice.com/ghQn6DPGsCmv8LlA5iPRGIectxyAdavMYbEBM7b6i0eLhQjPF12210
|
104.21.86.28
|
||
|
https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
|
unknown
|
||
|
https://tmi.ciatice.com/abVZaAL16EHOrsxTef30
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/562mpIXi9spBso3A23Uda7l9TDEst54
|
104.21.86.28
|
||
|
https://a.nel.cloudflare.com/report/v4?s=rj8BEw2STVJB9X9Rgbgs5jKVWHw3N6ZMCSs54q%2Bw6VcrkLI5WwMThPdnY%2FylgyRa6BvahMNRvzbB8ko%2FsqkL%2BLObPp2zKjSHfZDx94ft7e%2BKjCAPw1SIr9c2jnnPTQ%3D%3D
|
35.190.80.1
|
||
|
https://www.google.com/recaptcha/api2/
|
unknown
|
||
|
https://tmi.ciatice.com/nzUf1RL7j7c6LhAXjUIHJAmlCf7WzrIsKYl80k0K3srxsAzVUm6Z2otf
|
104.21.86.28
|
||
|
https://support.google.com/recaptcha
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a0d17999216789/1714074168924/6b8d0a715c08bff724aa5277e8edb16dbc008f47ef8843369e46a42146485fc8/x91Q2-LKrruSnHP
|
104.17.3.184
|
||
|
https://tmi.ciatice.com/uvrd5HJXg8Bzs89A0A6yCMBd4sdc67O9r3mBEKee1XgYzU9ZA5hDAeF3ef260
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/i3Ht5RuB/?g
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/mnm3Jhj4sQzr6btbLUWYh95n56BTPqCTz5MVl07jLsJj9MOFvQv5Swx220
|
104.21.86.28
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a0d17999216789/1714074168927/lOZL0YQ0ACRgEK7
|
104.17.3.184
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ekazd/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal
|
|||
|
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
|
https://tmi.ciatice.com/ijqbZ3VS7sVdvNUHk18PAVRbCcKqrLv71qq2qglMfaiSEZPHZab226
|
104.21.86.28
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://tmi.ciatice.com/12GTTK1BNx7abjS3Vd8920
|
104.21.86.28
|
||
|
https://www.apache.org/licenses/
|
unknown
|
||
|
https://tmi.ciatice.com/i3Ht5RuB/)
|
unknown
|
||
|
https://tmi.ciatice.com/sdjuloFKSWa9vIkCoGz9NikkCsCBu3o
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/yzJvvt9bQhaS71NCN8aUTeJJKeIqmn4dzdICls2l8Ls4K9mN2PXcsaD90180
|
104.21.86.28
|
||
|
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://tmi.ciatice.com/wxd4W83PPTchmiYvbcVnyPLfvjdrwgqrrYVxk74d1B412123
|
104.21.86.28
|
||
|
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
|
unknown
|
||
|
https://cdn.socket.io/4.6.0/socket.io.min.js
|
99.84.108.67
|
||
|
https://tmi.ciatice.com/yzmQIQrxyGO784lXTqr47
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/eflk5pn1mN1UenqLtiF2g3b7Z78OGUFMDDgyCRDVXmn98
|
104.21.86.28
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a0ce652ceab060/1714074042738/89393959101cddc3ef012770f3bb47df0f6707a3fbcbddf795a581975e7336d6/tfE_7qgXh1RGQvO
|
104.17.3.184
|
||
|
https://tmi.ciatice.com/ij9bzTCAFN3KPhDhiO4zrwxVgtLIozY2QQCpBa0BBWU56161
|
104.21.86.28
|
||
|
https://tmi.ciatice.com/opDFgVsRZs6HQg8KxBkFghnMnj4FnyzWtXKncmVr67133
|
104.21.86.28
|
There are 46 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
code.jquery.com
|
151.101.66.137
|
||
|
d2vgu95hoyrpkh.cloudfront.net
|
99.84.108.67
|
||
|
challenges.cloudflare.com
|
104.17.2.184
|
||
|
tmi.ciatice.com
|
104.21.86.28
|
||
|
www.google.com
|
172.217.215.147
|
||
|
cdn.socket.io
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.215.147
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
104.17.3.184
|
unknown
|
United States
|
||
|
151.101.66.137
|
code.jquery.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
172.67.214.97
|
unknown
|
United States
|
||
|
99.84.108.67
|
d2vgu95hoyrpkh.cloudfront.net
|
United States
|
||
|
23.54.200.159
|
unknown
|
United States
|
||
|
104.21.86.28
|
tmi.ciatice.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.17.2.184
|
challenges.cloudflare.com
|
United States
|
||
|
108.177.122.147
|
unknown
|
United States
|
There are 3 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sAssetId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
bisSharedFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uPageCount
|
There are 8 hidden registries, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://tmi.ciatice.com/894953345769809431vAbFVwTJXXRBXGQEAMHMFHZIWLECHQTGLTECGIWEQNUXBYI?QLEWTZKIVCWWEJBdnjXqJJWYOMVPPGSVELHHIIKEYQXPMKPYGVKVUBDP
|
|
|
|
https://tmi.ciatice.com/i3Ht5RuB/
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ekazd/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ekazd/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ekazd/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ekazd/0x4AAAAAAAXe9Mq4IC60x-FR/auto/normal
|