IOC Report
https://autode.sk/4bb5BeV


Files

File Path | Type | Category | Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
Chrome Cache Entry: 109 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 111 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 112 | ASCII text, with very long lines (523) | downloaded |
Chrome Cache Entry: 113 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 114 | JSON data | downloaded |
Chrome Cache Entry: 115 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 117 | ASCII text, with very long lines (19969) | downloaded |
Chrome Cache Entry: 119 | ASCII text, with very long lines (4199) | downloaded |
Chrome Cache Entry: 120 | PDF document, version 1.7, 1 pages | downloaded |
Chrome Cache Entry: 121 | ASCII text, with very long lines (7043), with no line terminators | downloaded |
Chrome Cache Entry: 122 | ASCII text, with very long lines (5357) | downloaded |
Chrome Cache Entry: 123 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 125 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 126 | Unicode text, UTF-8 text, with very long lines (64466) | downloaded |
Chrome Cache Entry: 127 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 128 | JSON data | dropped |
Chrome Cache Entry: 129 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 131 | ASCII text, with very long lines (8035) | downloaded |
Chrome Cache Entry: 132 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 133 | ASCII text, with very long lines (5945) | downloaded |
Chrome Cache Entry: 137 | ASCII text, with very long lines (32065) | downloaded |
Chrome Cache Entry: 138 | ASCII text, with very long lines (50758) | downloaded |
Chrome Cache Entry: 139 | ASCII text, with very long lines (1048) | downloaded |
Chrome Cache Entry: 140 | JSON data | downloaded |
Chrome Cache Entry: 143 | ASCII text, with very long lines (65377) | downloaded |
Chrome Cache Entry: 145 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 146 | HTML document, ASCII text, with CRLF, LF line terminators | downloaded |
Chrome Cache Entry: 147 | Unicode text, UTF-8 text, with very long lines (12156) | downloaded |
Chrome Cache Entry: 149 | ASCII text, with very long lines (49440) | downloaded |
Chrome Cache Entry: 150 | ASCII text, with very long lines (31983) | downloaded |
Chrome Cache Entry: 151 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 152 | ASCII text, with very long lines (5945) | downloaded |
Chrome Cache Entry: 154 | ASCII text, with very long lines (1634) | downloaded |
Chrome Cache Entry: 155 | ASCII text, with very long lines (65425) | downloaded |
Chrome Cache Entry: 156 | ASCII text, with very long lines (2343) | downloaded |
Chrome Cache Entry: 157 | ASCII text, with very long lines (35315) | downloaded |
Chrome Cache Entry: 159 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 160 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 162 | ASCII text, with very long lines (3331) | downloaded |
Chrome Cache Entry: 163 | ASCII text, with very long lines (42414) | downloaded |
Chrome Cache Entry: 165 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 166 | ASCII text, with very long lines (34872) | downloaded |
Chrome Cache Entry: 168 | JSON data | downloaded |
Chrome Cache Entry: 169 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 170 | HTML document, ASCII text, with very long lines (4020) | downloaded |
Chrome Cache Entry: 171 | HTML document, ASCII text, with very long lines (494) | downloaded |
Chrome Cache Entry: 172 | Web Open Font Format (Version 2), TrueType, length 43968, version 2.13107 | downloaded |
Chrome Cache Entry: 174 | ASCII text, with very long lines (4192) | downloaded |
Chrome Cache Entry: 175 | JSON data | downloaded |
Chrome Cache Entry: 176 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 177 | ASCII text, with very long lines (64780) | downloaded |
Chrome Cache Entry: 178 | ASCII text, with very long lines (7711) | downloaded |
Chrome Cache Entry: 179 | JSON data | downloaded |
Chrome Cache Entry: 180 | ASCII text, with very long lines (995) | downloaded |
Chrome Cache Entry: 181 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 182 | ASCII text | downloaded |
Chrome Cache Entry: 183 | ASCII text, with very long lines (794) | downloaded |
Chrome Cache Entry: 184 | PNG image data, 50 x 45, 8-bit/color RGB, non-interlaced | downloaded |

URLs

Name | IP | Malicious
https://autode.sk/4bb5BeV | | malicious
https://langevinonline.net/7d719490e0f1a74c929a6fbc76695143662ab9bac6cd3LOG7d719490e0f1a74c929a6fbc76695143662ab9bac6cd4 | | malicious
https://damassets.autodesk.com/content/dam/autodesk/privacy/wads.html | |
https://drive.autodesk.com/oauth.html?error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in.&state=UFpKdTgtMjNuTkdQSWRQZWI3V0F3LldLZlg2bDZtUGNETGJyWWtfYmhXRA%3D%3D&error=access_denied#. | |
https://drive.autodesk.com/de28a5d6a/shares/SH512d4QTec90decfa6ec8e4ac0e0a569c38 | |
https://langevinonline.net/ | |
about:blank | |
https://www.google.com/url?q=https%3A%2F%2Flangevinonline.net&sa=D&sntz=1&usg=AOvVaw2j6LtxkQmCInx3-r3q909k | |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0nuo4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | |

Domains


IPs
