Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:13:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:13:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:13:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:13:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 12:13:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | gzip compressed data, from Unix, original size modulo 2^32 5350 | downloaded | |
| Chrome Cache Entry: 101 | gzip compressed data, from Unix, original size modulo 2^32 8238 | downloaded | |
| Chrome Cache Entry: 102 | gzip compressed data, from Unix, original size modulo 2^32 144901 | downloaded | |
| Chrome Cache Entry: 103 | gzip compressed data, from Unix, original size modulo 2^32 107697 | downloaded | |
| Chrome Cache Entry: 104 | gzip compressed data, from Unix, original size modulo 2^32 11015 | downloaded | |
| Chrome Cache Entry: 105 | gzip compressed data, from Unix, original size modulo 2^32 292 | downloaded | |
| Chrome Cache Entry: 106 | gzip compressed data, from Unix, original size modulo 2^32 2409 | downloaded | |
| Chrome Cache Entry: 107 | gzip compressed data, from Unix, original size modulo 2^32 7326 | downloaded | |
| Chrome Cache Entry: 108 | GIF image data, version 89a, 24 x 24 | dropped | |
| Chrome Cache Entry: 109 | PNG image data, 130 x 100, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 110 | PNG image data, 992 x 1121, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 111 | gzip compressed data, from Unix, original size modulo 2^32 608 | downloaded | |
| Chrome Cache Entry: 112 | gzip compressed data, from Unix, original size modulo 2^32 19353 | downloaded | |
| Chrome Cache Entry: 113 | gzip compressed data, from Unix, original size modulo 2^32 89476 | downloaded | |
| Chrome Cache Entry: 114 | PNG image data, 130 x 100, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 115 | gzip compressed data, from Unix, original size modulo 2^32 910 | downloaded | |
| Chrome Cache Entry: 116 | gzip compressed data, from Unix, original size modulo 2^32 2230 | downloaded | |
| Chrome Cache Entry: 117 | Unicode text, UTF-8 text, with very long lines (11001) | downloaded | |
| Chrome Cache Entry: 118 | gzip compressed data, from Unix, original size modulo 2^32 72174 | downloaded | |
| Chrome Cache Entry: 119 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 120 | gzip compressed data, from Unix, original size modulo 2^32 15406 | dropped | |
| Chrome Cache Entry: 121 | Unicode text, UTF-8 text, with very long lines (65466) | downloaded | |
| Chrome Cache Entry: 122 | gzip compressed data, from Unix, original size modulo 2^32 74074 | downloaded | |
| Chrome Cache Entry: 123 | gzip compressed data, from Unix, original size modulo 2^32 23523 | downloaded | |
| Chrome Cache Entry: 124 | PNG image data, 226 x 80, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 125 | gzip compressed data, from Unix, original size modulo 2^32 14208 | downloaded | |
| Chrome Cache Entry: 126 | gzip compressed data, from Unix, original size modulo 2^32 10572 | downloaded | |
| Chrome Cache Entry: 127 | gzip compressed data, from Unix, original size modulo 2^32 15406 | dropped | |
| Chrome Cache Entry: 128 | gzip compressed data, from Unix, original size modulo 2^32 18921 | downloaded | |
| Chrome Cache Entry: 129 | gzip compressed data, from Unix, original size modulo 2^32 15406 | downloaded | |
| Chrome Cache Entry: 130 | gzip compressed data, from Unix, original size modulo 2^32 5054 | downloaded | |
| Chrome Cache Entry: 131 | gzip compressed data, from Unix, original size modulo 2^32 1348 | downloaded | |
| Chrome Cache Entry: 132 | gzip compressed data, from Unix, original size modulo 2^32 11054 | downloaded | |
| Chrome Cache Entry: 133 | gzip compressed data, from Unix, original size modulo 2^32 5032 | downloaded | |
| Chrome Cache Entry: 134 | gzip compressed data, from Unix, original size modulo 2^32 15406 | downloaded | |
| Chrome Cache Entry: 135 | PNG image data, 226 x 80, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 136 | gzip compressed data, from Unix, original size modulo 2^32 1401 | downloaded | |
| Chrome Cache Entry: 137 | GIF image data, version 89a, 24 x 24 | downloaded | |
| Chrome Cache Entry: 93 | gzip compressed data, from Unix, original size modulo 2^32 13808 | downloaded | |
| Chrome Cache Entry: 94 | gzip compressed data, from Unix, original size modulo 2^32 253669 | downloaded | |
| Chrome Cache Entry: 95 | gzip compressed data, from Unix, original size modulo 2^32 22827 | downloaded | |
| Chrome Cache Entry: 96 | gzip compressed data, from Unix, original size modulo 2^32 573743 | downloaded | |
| Chrome Cache Entry: 97 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 98 | Unicode text, UTF-8 text, with very long lines (55300) | downloaded | |
| Chrome Cache Entry: 99 | PNG image data, 992 x 1121, 8-bit/color RGB, non-interlaced | downloaded | |

(42 further files are not shown in this excerpt.)
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 --field-trial-handle=2312,i,5904013108374987392,6537605645107527373,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://lingos.netdimensions.com/lingos" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://lingos.netdimensions.com/lingos | | |
| http://lingos.netdimensions.com/lingos/nd/fresco/login/scripts/jquery-1.4.2.min.js | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/styles_core/base.css | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/accessibility.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/common.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/login/scripts/prettyphoto/js/jquery.prettyPhoto.js | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/alternaterows/jquery.alternaterows.js?22.03.1 | 18.196.219.159 | |
| http://ui.peoplefluent.com/versions/0.10/fluenticons.css | 18.173.166.51 | |
| http://ui.peoplefluent.com/versions/0.10/peoplefluent-components.css | 18.173.166.51 | |
| http://lingos.netdimensions.com/lingos/servlet/resetpassword | | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/jQuery/jquery-3.5.1.min.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/styles/LINGOs/main.css | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/hyphenator/Hyphenator.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/jQuery/jquery-migrate-3.3.0.min.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/jQuery/ui/jquery-ui-1.12.1.min.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/styles/LINGOs/images/customize/bg-body-frameless.png | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/messagebar/jquery.messagebar.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/servlet/ekp/login#help | | |
| http://lingos.netdimensions.com/lingos/servlet/ekp/login | | |
| http://lingos.netdimensions.com/lingos/nd/fresco/login/scripts/prettyphoto/css/prettyPhoto.css | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/login/scripts/prettyphoto/images/prettyPhoto/light_rounded/loader.gif | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/jsutility.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/netd-namespaces.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/conditionizr/conditionizr.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/InlineUniversalSearch.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/ | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/BaseView.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/login/scripts/jquery.innerfade.js | 18.196.219.159 | |
| http://lingos.netdimensions.com/favicon.ico | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/login/scripts/prettyphoto/images/prettyPhoto/light_rounded/sprite.png | 18.196.219.159 | |
| http://ui.peoplefluent.com/versions/0.10/peoplefluent-vendors.css | 18.173.166.51 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/component/netd-component.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/styles_core/base-plugin-custom.css | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/DropDownMenus.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/styles/LINGOs/images/customize/logo.png | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/base-plugin-custom.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/favicon.ico | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/views/jqueryInit.js?22.03.1 | 18.196.219.159 | |
| http://lingos.netdimensions.com/lingos/nd/fresco/javascript/messagebar/css/jquery.messagebar.css | 18.196.219.159 | |

(29 further URLs are not shown in this excerpt.)
Domains

| Name | IP | Malicious |
|---|---|---|
| d11mswrjgd8r5y.cloudfront.net | 18.173.166.51 | |
| lingos.netdimensions.com | 18.196.219.159 | |
| www.google.com | 192.178.50.36 | |
| fp2e7a.wpc.phicdn.net | 192.229.211.108 | |
| ui.peoplefluent.com | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 192.178.50.36 | www.google.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 18.173.166.51 | d11mswrjgd8r5y.cloudfront.net | United States | |
| 18.196.219.159 | lingos.netdimensions.com | United States | |
| 192.168.2.5 | unknown | unknown | |
DOM / HTML

| URL | Malicious |
|---|---|
| http://lingos.netdimensions.com/lingos/servlet/ekp/login | |
| http://lingos.netdimensions.com/lingos/servlet/resetpassword | |
| http://lingos.netdimensions.com/lingos/servlet/resetpassword | |
| http://lingos.netdimensions.com/lingos/servlet/ekp/login#help | |