Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 46
|
gzip compressed data, from Unix, original size modulo 2^32 2456
|
downloaded
|
||
|
Chrome Cache Entry: 47
|
gzip compressed data, from Unix, original size modulo 2^32 55037
|
downloaded
|
||
|
Chrome Cache Entry: 48
|
MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24
with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 49
|
gzip compressed data, from Unix, original size modulo 2^32 444333
|
downloaded
|
||
|
Chrome Cache Entry: 50
|
gzip compressed data, from Unix, original size modulo 2^32 113084
|
downloaded
|
||
|
Chrome Cache Entry: 51
|
gzip compressed data, from Unix, original size modulo 2^32 141272
|
downloaded
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
 |
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2508 --field-trial-handle=2472,i,3685527749275689148,13619911006940924021,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://relevanteduofficelogin.relevantedu.xyz"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://relevanteduofficelogin.relevantedu.xyz
|
|
||
|
https://181eeb1c-862723ea.relevantedu.xyz/shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js
|
178.128.58.202
|
||
|
http://relevanteduofficelogin.relevantedu.xyz/
|
178.128.58.202
|
||
|
https://l1ve.relevantedu.xyz/Me.htm?v=3
|
178.128.58.202
|
||
|
https://181eeb1c-862723ea.relevantedu.xyz/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
|
178.128.58.202
|
||
|
https://b5e70507-862723ea.relevantedu.xyz/api/report?catId=GW+estsfd+ams2
|
178.128.58.202
|
||
|
https://relevanteduofficelogin.relevantedu.xyz/
|
|||
|
https://0ffice.relevantedu.xyz/login
|
178.128.58.202
|
||
|
https://b72d03ca-862723ea.relevantedu.xyz/shared/1.0/content/js/BssoInterrupt_Core_Ggyc2EJnCaHFrI6xkBPLcg2.js
|
178.128.58.202
|
||
|
https://relevanteduofficelogin.relevantedu.xyz/favicon.ico
|
178.128.58.202
|
||
|
https://181eeb1c-862723ea.relevantedu.xyz/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
|
178.128.58.202
|
||
|
https://181eeb1c-862723ea.relevantedu.xyz/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js
|
178.128.58.202
|
||
|
https://relevanteduofficelogin.relevantedu.xyz/862723eaca4a492d82ff65e2c911b8f7/
|
178.128.58.202
|
||
|
https://181eeb1c-862723ea.relevantedu.xyz/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_0lriinjhzchre9aqecvmpg2.js
|
178.128.58.202
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
l1ve.relevantedu.xyz
|
178.128.58.202
|
|
|
|
relevanteduofficelogin.relevantedu.xyz
|
178.128.58.202
|
|
|
|
0ffice.relevantedu.xyz
|
178.128.58.202
|
|
|
|
b72d03ca-862723ea.relevantedu.xyz
|
178.128.58.202
|
|
|
|
b5e70507-862723ea.relevantedu.xyz
|
178.128.58.202
|
|
|
|
181eeb1c-862723ea.relevantedu.xyz
|
178.128.58.202
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
www.google.com
|
142.250.217.196
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
178.128.58.202
|
l1ve.relevantedu.xyz
|
Netherlands
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.217.228
|
unknown
|
United States
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://relevanteduofficelogin.relevantedu.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.relevantedu.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.relevantedu.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638497434879938985.OTMyZmM3YzEtY2MyMi00ZmU5LTkxMTQtMWMyYmUxMzYyYzk4OTQ3NDFiZTItZTk1Yi00YmUzLTg0NTItYzljYzJmODhkMTg5&ui_locales=en-US&mkt=en-US&client-request-id=a4b512c3-a4a0-416b-b35b-186efbe5fd83&state=z_lP4Q7OlsbDNVLBmi5Sby8cvacKieMrTNK4rEt0GbamdiB8wnIxsYcFX-rFgHWE_Ru2xu_bmjibdV8Ddj3tloQQaAJAjps-zHUvR0J7MIwpLI1Y0mPgnAQw4mD5QWLEl5GuAesYSybJvS4VEOlwn1h8fvgK1g1vCRIePf0_pCHGdDqF5ULOxPc1BylSBOJ3E7LyUlGJCUjO87Y6yncYfdeUHtqs7BjUgu0zRe2oX7FTvRghQR51J1XPJez2jEdriWD-Zask3nenOQMdGQWWVw&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0
|
|
|
|
https://relevanteduofficelogin.relevantedu.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.relevantedu.xyz%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.relevantedu.xyz%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638497434879938985.OTMyZmM3YzEtY2MyMi00ZmU5LTkxMTQtMWMyYmUxMzYyYzk4OTQ3NDFiZTItZTk1Yi00YmUzLTg0NTItYzljYzJmODhkMTg5&ui_locales=en-US&mkt=en-US&client-request-id=a4b512c3-a4a0-416b-b35b-186efbe5fd83&state=z_lP4Q7OlsbDNVLBmi5Sby8cvacKieMrTNK4rEt0GbamdiB8wnIxsYcFX-rFgHWE_Ru2xu_bmjibdV8Ddj3tloQQaAJAjps-zHUvR0J7MIwpLI1Y0mPgnAQw4mD5QWLEl5GuAesYSybJvS4VEOlwn1h8fvgK1g1vCRIePf0_pCHGdDqF5ULOxPc1BylSBOJ3E7LyUlGJCUjO87Y6yncYfdeUHtqs7BjUgu0zRe2oX7FTvRghQR51J1XPJez2jEdriWD-Zask3nenOQMdGQWWVw&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true
|
|
|
|
https://relevanteduofficelogin.relevantedu.xyz/
|
||
|
https://relevanteduofficelogin.relevantedu.xyz/
|