Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
POattach.html
|
HTML document, Unicode text, UTF-8 text, with very long lines (17659), with CRLF line terminators
|
initial sample
|
||
Chrome Cache Entry: 80
|
ASCII text, with very long lines (771)
|
downloaded
|
||
Chrome Cache Entry: 81
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 1280x656,
components 3
|
dropped
|
||
Chrome Cache Entry: 82
|
ASCII text, with very long lines (50758)
|
downloaded
|
||
Chrome Cache Entry: 83
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 1280x656,
components 3
|
downloaded
|
||
Chrome Cache Entry: 84
|
ASCII text, with very long lines (32065)
|
downloaded
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\POattach.html"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1992,i,4275330503968366977,14474711898625079558,262144
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://739759078368945019535231516431401126273227452560306561161109/
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2016,i,10206737139113049155,15613713108784648929,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
file:///C:/Users/user/Desktop/POattach.html
|
|||
https://github.com/twbs/bootstrap/graphs/contributors)
|
unknown
|
||
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.250.64.196
|
||
https://i.postimg.cc/4nk1H1rD/invoce-background.jpg
|
162.249.168.129
|
||
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGJe2rrEGIjBAC3Sl0nJ4h2THKc6MXQJMPjcvZ2b6sbOMlO_dlr_YCxyCxMotFFGEecXYoVCzog4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.250.64.196
|
||
https://mail.nifty.com/mailer/2nd/images/login/btn_01_on.gif
|
unknown
|
||
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
https://innertempleretreats.com/aredirect/next.php
|
unknown
|
||
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
|
104.18.11.207
|
||
https://www.google.com/async/newtab_promos
|
142.250.64.196
|
||
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.250.64.196
|
||
https://getbootstrap.com/)
|
unknown
|
||
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGJe2rrEGIjBIUzmP8MjS68jsU5n7lalH86H45ODGAtFoirmRa8CbfH9TSmM6tQA67w0nt09hXd8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.250.64.196
|
There are 3 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
||
i.postimg.cc
|
162.249.168.129
|
||
www.google.com
|
142.250.64.196
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
192.168.2.6
|
unknown
|
unknown
|
||
162.249.168.129
|
i.postimg.cc
|
United States
|
||
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
142.250.64.196
|
www.google.com
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
file:///C:/Users/user/Desktop/POattach.html
|