Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:09:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:09:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:09:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:09:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:09:18 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 70
|
ASCII text, with very long lines (809)
|
downloaded
|
||
Chrome Cache Entry: 71
|
ASCII text, with very long lines (10208)
|
downloaded
|
||
Chrome Cache Entry: 72
|
HTML document, ASCII text, with very long lines (8006), with CRLF line terminators
|
downloaded
|
||
Chrome Cache Entry: 73
|
ASCII text, with very long lines (1222), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 74
|
ASCII text, with very long lines (631)
|
downloaded
|
There are 2 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2012,i,8407640223723030326,17852212348468872010,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://249208506065339175713065343682620339232232032338309340364496680261609853560675097851030655341200131817362917853377759200390001605154889513680026748787630195/
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1996,i,5348041525371635847,14340950988015630701,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.ensp.fiocruz.br/portal-ensp/entrevista/counter.php?content=http://owens-minor.com&contentid=32190&link=https://nabbeton.com/!"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://www.ensp.fiocruz.br/portal-ensp/entrevista/counter.php?content=http://owens-minor.com&contentid=32190&link=https://nabbeton.com/!
|
|||
https://nabbeton.com/!/
|
|||
http://www.ensp.fiocruz.br/portal-ensp/entrevista/counter.php?content=http://owens-minor.com&contentid=32190&link=https://nabbeton.com/!
|
157.86.160.90
|
||
https://developers.google.com/recaptcha/docs/faq#localhost_support
|
unknown
|
||
https://www.google.com/recaptcha/api.js?render=6LeHuMMpAAAAABiEPEEmflNkcOSMpz3Up0FkOmgt
|
142.250.217.164
|
||
https://nabbeton.com/resources/favicon.ico
|
217.144.104.57
|
||
https://www.jsdelivr.com/using-sri-with-dynamic-files
|
unknown
|
||
https://support.google.com/recaptcha#6262736
|
unknown
|
||
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
https://recaptcha.net
|
unknown
|
||
https://www.apache.org/licenses/
|
unknown
|
||
https://www.google.com/async/newtab_promos
|
142.251.35.228
|
||
https://cdn.jsdelivr.net/npm/js-md5@0.8.3/src/md5.min.js
|
151.101.193.229
|
||
https://support.google.com/recaptcha/?hl=en#6223828
|
unknown
|
||
https://cloud.google.com/contact
|
unknown
|
||
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
|
unknown
|
||
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGO-yrrEGIjA3Di4n3jLhf7YYe14eUY5-POAkzsl9dp29LpX0CansmO7MyI_rKsyHGyBKQ-52JUUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.251.35.228
|
||
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.251.35.228
|
||
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
|
unknown
|
||
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGO-yrrEGIjB0usfR5Df6b3J8P-rVLSoVvnY06M_y4O82xJv3_oF7fIYO2jhpCowgSZeUajpdrWcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.251.35.228
|
||
https://support.google.com/recaptcha/#6175971
|
unknown
|
||
https://kt-met-it.com/b11cc541-9bfb-4e51-a5aa-12444985cd29/c9YMDpstwYbAHlgdSi
|
unknown
|
||
https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
|
unknown
|
||
https://cdn.jsdelivr.net/npm/js-md5
|
unknown
|
||
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.251.35.228
|
||
https://www.google.com/recaptcha/api2/
|
unknown
|
||
https://nabbeton.com/!
|
217.144.104.57
|
||
https://github.com/emn178/js-md5
|
unknown
|
||
https://support.google.com/recaptcha
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
nabbeton.com
|
217.144.104.57
|
||
jsdelivr.map.fastly.net
|
151.101.193.229
|
||
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
www.ensp.fiocruz.br
|
157.86.160.90
|
||
www.google.com
|
142.251.35.228
|
||
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
cdn.jsdelivr.net
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
151.101.193.229
|
jsdelivr.map.fastly.net
|
United States
|
||
192.168.2.5
|
unknown
|
unknown
|
||
142.250.217.164
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
142.251.35.228
|
www.google.com
|
United States
|
||
157.86.160.90
|
www.ensp.fiocruz.br
|
Brazil
|
||
217.144.104.57
|
nabbeton.com
|
Iran (ISLAMIC Republic Of)
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://nabbeton.com/!/
|
||
https://nabbeton.com/!/
|
||
https://nabbeton.com/!/
|