Files

File Path | Type | Category | Malicious
---|---|---|---
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped |
Chrome Cache Entry: 100 | TrueType Font data, 16 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2015 Google Inc. All Rights Reserved.Roboto MonoRegularGoogle:Roboto Mono:2015Roboto M | downloaded |
Chrome Cache Entry: 101 | Web Open Font Format (Version 2), TrueType, length 106916, version 1.0 | downloaded |
Chrome Cache Entry: 102 | Web Open Font Format (Version 2), TrueType, length 106916, version 1.0 | downloaded |
Chrome Cache Entry: 103 | TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright (c) 2010 Google Corporation.CousineRegularAscender - CousineVersion 1.2 | downloaded |
Chrome Cache Entry: 104 | PNG image data, 68 x 16, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 105 | Web Open Font Format (Version 2), TrueType, length 106484, version 1.0 | downloaded |
Chrome Cache Entry: 106 | HTML document, Unicode text, UTF-8 text, with very long lines (850) | downloaded |
Chrome Cache Entry: 107 | PNG image data, 68 x 16, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 108 | TrueType Font data, 17 tables, 1st "GDEF", 30 names, Macintosh, Copyright (c) 2010-2013 by tyPoland Lukasz Dziedzic with Reserved Font Name "Carlito". Licensed | downloaded |
Chrome Cache Entry: 109 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 110 | PNG image data, 482 x 304, 8-bit colormap, non-interlaced | downloaded |
Chrome Cache Entry: 111 | ASCII text, with very long lines (551) | downloaded |
Chrome Cache Entry: 112 | TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.001101; 2014Roboto-Regular | downloaded |
Chrome Cache Entry: 113 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | dropped |
Chrome Cache Entry: 114 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 115 | PNG image data, 482 x 304, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 116 | Web Open Font Format, TrueType, length 37588, version 1.104 | downloaded |
Chrome Cache Entry: 117 | Web Open Font Format (Version 2), TrueType, length 106484, version 1.0 | downloaded |
Chrome Cache Entry: 118 | Web Open Font Format (Version 2), TrueType, length 100368, version 1.0 | downloaded |
Chrome Cache Entry: 119 | TrueType Font data, 21 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright (c) 2010-2012 Google Corporation.TinosRegularMonotype Imaging - TinosVe | downloaded |
Chrome Cache Entry: 120 | Web Open Font Format, TrueType, length 24600, version 1.0 | downloaded |
Chrome Cache Entry: 121 | ASCII text, with very long lines (324) | downloaded |
Chrome Cache Entry: 122 | Web Open Font Format, TrueType, length 26436, version 4.1 | downloaded |
Chrome Cache Entry: 123 | PNG image data, 393 x 120, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 124 | ASCII text, with very long lines (4030) | downloaded |
Chrome Cache Entry: 125 | Web Open Font Format, TrueType, length 18456, version 1.2 | downloaded |
Chrome Cache Entry: 83 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 84 | ASCII text, with very long lines (1930) | downloaded |
Chrome Cache Entry: 85 | TrueType Font data, digitally signed, 16 tables, 1st "DSIG", 32 names, Macintosh | downloaded |
Chrome Cache Entry: 86 | ASCII text, with very long lines (61526) | downloaded |
Chrome Cache Entry: 87 | Web Open Font Format (Version 2), TrueType, length 100368, version 1.0 | downloaded |
Chrome Cache Entry: 88 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 89 | JSON data | dropped |
Chrome Cache Entry: 90 | PNG image data, 393 x 120, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 91 | TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans | downloaded |
Chrome Cache Entry: 92 | Web Open Font Format, TrueType, length 28512, version 1.0 | downloaded |
Chrome Cache Entry: 93 | TrueType Font data, 19 tables, 1st "FFTM", 30 names, Macintosh | downloaded |
Chrome Cache Entry: 94 | JSON data | downloaded |
Chrome Cache Entry: 95 | TrueType Font data, 21 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright (c) 2010-2012 Google Corporation.ArimoRegularMonotype Imaging - ArimoVe | downloaded |
Chrome Cache Entry: 96 | ASCII text, with very long lines (53422) | downloaded |
Chrome Cache Entry: 97 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 98 | ASCII text, with very long lines (2356) | downloaded |
Chrome Cache Entry: 99 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded |
Processes

Path | Cmdline | Malicious
---|---|---
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 --field-trial-handle=2316,i,17975090354257941386,3941918294337709614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.auditi.de/responder" |
URLs

Name | IP | Malicious
---|---|---
https://app.auditi.de/responder | |
http://www.typoland.com/http://www.typoland.com/designers/Lukasz_Dziedzic/Copyright | unknown |
http://www.unicode.org/reports/tr35/tr35-31/tr35-dates.html#Date_Format_tokens | unknown |
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Tinos.ttf | 46.182.150.8 |
https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/ | unknown |
https://github.com/select2/select2/blob/master/LICENSE.md | unknown |
https://github.com/facebook/flow/issues/1414 | unknown |
https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled | unknown |
http://codereview.stackexchange.com/q/13338 | unknown |
https://stackoverflow.com/questions/49875255 | unknown |
https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace | unknown |
http://www.unicode.org/reports/tr35/tr35-31/tr35-dates.html#Date_Format_Patterns | unknown |
https://www.auditi.de/imprint/ | unknown |
https://date-fns.org/docs/setWeekYear | unknown |
https://github.com/popperjs/popper-core/issues/837 | unknown |
https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon | unknown |
https://reactjs.org/docs/context.html#contextdisplayname | unknown |
https://app.auditi.de/aude-favicon.ico?v=xQd7xlkw7F | 46.182.150.8 |
https://bugzilla.mozilla.org/show_bug.cgi?id=687787 | unknown |
https://bugs.chromium.org/p/chromium/issues/detail?id=470258 | unknown |
https://www.auditi.de/privacy | unknown |
https://app.auditi.de/assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1.png | 46.182.150.8 |
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/OpenSans.ttf | 46.182.150.8 |
http://eev.ee/blog/2015/09/12/dark-corners-of-unicode/). | unknown |
https://fengyuanchen.github.io/cropperjs | unknown |
https://www.youtube.com/watch?v=cZSjDaGDmX8 | unknown |
http://momentjs.com/guides/#/warnings/zone/ | unknown |
https://docs.apryse.com/documentation/web/faq/loading-errors/#not-allowed-to-load-local-resource:-fi | unknown |
http://www.ascendercorp.com/ | unknown |
https://github.com/rails/rails/blob/master/actionview/app/assets/javascripts | unknown |
https://vimeo.com/ | unknown |
https://app.auditi.de/webviewer/ui/index.html | 46.182.150.8 |
https://app.auditi.de/webviewer/ui/assets/fonts/Lato-Regular.woff | 46.182.150.8 |
http://getify.mit-license.org | unknown |
https://html.spec.whatwg.org/#nonce-attributes | unknown |
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Cousine.ttf | 46.182.150.8 |
http://jsperf.com/diacritics/18 | unknown |
https://github.com/date-fns/date-fns/blob/master/docs/upgradeGuide.md#string-arguments | unknown |
https://www.pdftron.com/webfonts/v2/ | unknown |
https://bugs.webkit.org/show_bug.cgi?id=174980#c2 | unknown |
https://jsperf.com/getall-vs-sizzle/2 | unknown |
https://github.com/Flet/prettier-bytes/ | unknown |
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Roboto.ttf | 46.182.150.8 |
http://underscorejs.org/LICENSE | unknown |
https://github.com/popperjs/popper-core/issues/1223 | unknown |
https://github.com/fengyuanchen/cropper/issues/476 | unknown |
https://app.auditi.de/assets/inter/Inter-SemiBold-9090abc8aaa4deb330c04ab79cf1eb5f24bc3de76e3f637cc3593d4a1386e3d5.woff2 | 46.182.150.8 |
https://jquery.com/ | unknown |
https://webtiming.github.io/timingobject/ | unknown |
https://date-fns.org/docs/Locale | unknown |
https://docs.apryse.com/documentation/web/faq/content-encoding/ | unknown |
http://scripts.sil.org/OFL).http://scripts.sil.org/OFL | unknown |
https://people.mozilla.org/~jorendorff/es6-draft.html#sec-generatorresume | unknown |
https://app.auditi.de/webviewer/core/pdf/PDFNetLean.js | 46.182.150.8 |
https://bugs.jquery.com/ticket/4833 | unknown |
https://mathiasbynens.be/notes/javascript-unicode). | unknown |
https://sizzlejs.com/ | unknown |
http://momentjs.com/guides/#/warnings/min-max/ | unknown |
https://push.appsignal.com | unknown |
https://npms.io/search?q=ponyfill. | unknown |
https://app.auditi.de/webviewer/ui/assets/fonts/Nothing-You-Could-Do.woff | 46.182.150.8 |
https://dev.apryse.com/. | unknown |
https://github.com/szimek/signature_pad | unknown |
https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data- | unknown |
https://www.auditi.de/ | unknown |
https://bugs.jquery.com/ticket/12359 | unknown |
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Getter_only | unknown |
https://app.auditi.de/webviewer/ui/assets/fonts/La-Belle-Aurore.woff | 46.182.150.8 |
https://reactjs.org/link/react-polyfills | unknown |
https://app.auditi.de/login | |
http://ecma-international.org/ecma-262/7.0/#sec-tolength). | unknown |
https://github.com/jquery/jquery/pull/557) | unknown |
https://app.auditi.de/assets/inter/Inter-SemiBold.woff2 | 46.182.150.8 |
https://blog.izs.me/2013/08/designing-apis-for-asynchrony) | unknown |
https://bugs.chromium.org/p/chromium/issues/detail?id=378607 | unknown |
http://dl.dropboxusercontent.com/u/35146/js/tests/isNumber.html | unknown |
http://momentjs.com/guides/#/warnings/define-locale/ | unknown |
https://github.com/preactjs/preact/issues/3927 | unknown |
https://developer.mozilla.org/en-US/docs/Web/CSS/Containing_block#identifying_the_containing_block | unknown |
https://app.auditi.de/assets/inter/Inter-Medium.woff2 | 46.182.150.8 |
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Carlito.ttf | 46.182.150.8 |
https://app.auditi.de/webviewer/ui/i18n/translation-en.json | 46.182.150.8 |
https://app.auditi.de/assets/responder-ed59852fad92e4a36d049eddcf2b8c441dfb0ee51b7e98542ebb4d2238253738.css | 46.182.150.8 |
http://www.ascendercorp.com/http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.ht | unknown |
https://drafts.csswg.org/cssom/#resolved-values | unknown |
https://bugs.chromium.org/p/chromium/issues/detail?id=589347 | unknown |
https://date-fns.org/docs/getISOWeekYear | unknown |
https://app.auditi.de/responder | |
https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 | unknown |
https://promisesaplus.com/#point-59 | unknown |
https://www.auditi.de/privacy/ | unknown |
https://promisesaplus.com/#point-57 | unknown |
https://promisesaplus.com/#point-54 | unknown |
http://momentjs.com/guides/#/warnings/dst-shifted/ | unknown |
https://timingsrc.readthedocs.io/en/latest/ | unknown |
https://github.com/kossnocorp | unknown |
https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled | unknown |
https://github.com/date-fns/date-fns/issues/376 | unknown |
https://jquery.org/license | unknown |
https://select2.github.io | unknown |
https://bugs.webkit.org/show_bug.cgi?id=137337 | unknown |
Domains

Name | IP | Malicious
---|---|---
app.auditi.de | 46.182.150.8 |
www.google.com | 142.250.64.132 |
fp2e7a.wpc.phicdn.net | 192.229.211.108 |
IPs

IP | Domain | Country | Malicious
---|---|---|---
239.255.255.250 | unknown | Reserved |
46.182.150.8 | app.auditi.de | Germany |
142.250.64.132 | www.google.com | United States |
192.168.2.5 | unknown | unknown |
DOM / HTML

URL | Malicious
---|---
https://app.auditi.de/responder |
https://app.auditi.de/login |
https://app.auditi.de/webviewer/ui/index.html#a=1&disabledElements=thumbnailControl%2CtoggleCompareModeButton%2CnoteState%2CtoolbarGroup-Insert%2CtoolbarGroup-Shapes%2CtoolbarGroup-Edit%2CtoolbarGroup-FillAndSign%2CtoolbarGroup-Forms%2CaddReplyAttachmentButton%2CdownloadButton&readonly=1&filepicker=0&pdfnet=0&enableRedaction=0&disableVirtualDisplayMode=0&enableMeasurement=0&notesInLeftPanel=0&autoExpandOutlines=0&enableAnnotationNumbering=0&enableOfficeEditing=0&singleServerMode=false&selectAnnotationOnCreation=0&autoFocusNoteOnAnnotationSelection=1&disableMultiViewerComparison=1&showInvalidBookmarks=1&id=1&basePath=%2Fresponder&webViewerJSVersion=10.6.0 |
https://app.auditi.de/webviewer/ui/index.html#a=1&disabledElements=thumbnailControl%2CtoggleCompareModeButton%2CnoteState%2CtoolbarGroup-Insert%2CtoolbarGroup-Shapes%2CtoolbarGroup-Edit%2CtoolbarGroup-FillAndSign%2CtoolbarGroup-Forms%2CaddReplyAttachmentButton%2CdownloadButton&readonly=1&filepicker=0&pdfnet=0&enableRedaction=0&disableVirtualDisplayMode=0&enableMeasurement=0&notesInLeftPanel=0&autoExpandOutlines=0&enableAnnotationNumbering=0&enableOfficeEditing=0&singleServerMode=false&selectAnnotationOnCreation=0&autoFocusNoteOnAnnotationSelection=1&disableMultiViewerComparison=1&showInvalidBookmarks=1&id=1&basePath=%2Fresponder&webViewerJSVersion=10.6.0 |