Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\PrivacyGuardBrowser.1.10.78.0.Msix (copy)
|
Zip archive data, at least v4.5 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\Downloads\Unconfirmed 149792.crdownload
|
Zip archive data, at least v4.5 to extract, compression method=store
|
dropped
|
||
|
Chrome Cache Entry: 59
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 60
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 62
|
ASCII text, with very long lines (607)
|
downloaded
|
||
|
Chrome Cache Entry: 63
|
HTML document, ASCII text, with very long lines (532)
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 66
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
PNG image data, 396 x 185, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 68
|
PNG image data, 396 x 186, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 69
|
PNG image data, 396 x 185, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 71
|
ISO Media, MP4 v2 [ISO 14496-14]
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 73
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
HTML document, Unicode text, UTF-8 text, with very long lines (2013)
|
downloaded
|
||
|
Chrome Cache Entry: 76
|
PNG image data, 1440 x 1024, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
Unicode text, UTF-8 (with BOM) text, with very long lines (547)
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 82
|
PNG image data, 1440 x 1024, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 83
|
PNG image data, 396 x 186, 8-bit/color RGBA, non-interlaced
|
downloaded
|
There are 18 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1904,i,16374361133097479990,13026938040437888917,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://remotescripps.org"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c "C:\Users\user\Desktop\"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://remotescripps.org
|
|||
|
https://yandex.com/an/sync_cookie
|
unknown
|
||
|
https://cintlp.zautils.online/?subid=90818130074&cid=8899&tag=dm&dkw=remotescripps.org&rhi=a35e5edf-bf95-4e80-bdb3-bc6efdf294a5
|
|||
|
http://104.154.23.126/data-ingest
|
unknown
|
||
|
https://impr.zautils.online/impression?c=intpgdirect
|
unknown
|
||
|
https://red.zautils.online/downloadproxy/intpgdirect/
|
unknown
|
||
|
https://mc.yandex.
|
unknown
|
||
|
https://s3.mds.yandex.net/internal-metrika-betas
|
unknown
|
||
|
https://yastatic.net/s3/gdpr/v3/gdpr
|
unknown
|
||
|
https://yastatic.net/s3/metrika
|
unknown
|
||
|
https://ymetrica1.com/watch/3/1
|
unknown
|
||
|
https://dtools.zautils.online/geturl/PrivacyGuard/intpgdirect
|
unknown
|
||
|
https://mc.yandex.md/cc
|
unknown
|
||
|
https://yastatic.net/s3/taxi-front/yango-gdpr-popup/
|
unknown
|
There are 3 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.178.50.36
|
unknown
|
United States
|
||
|
142.250.189.131
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
35.186.241.51
|
unknown
|
United States
|
||
|
192.178.50.46
|
unknown
|
United States
|
||
|
173.194.212.84
|
unknown
|
United States
|
||
|
130.211.34.183
|
unknown
|
United States
|
||
|
162.254.207.59
|
unknown
|
United States
|
||
|
142.250.189.138
|
unknown
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
130.211.5.208
|
unknown
|
United States
|
||
|
172.67.136.85
|
unknown
|
United States
|
||
|
142.250.217.163
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
206.189.225.178
|
unknown
|
United States
|
||
|
93.158.134.119
|
unknown
|
Russian Federation
|
||
|
3.220.57.224
|
unknown
|
United States
|
||
|
87.250.251.119
|
unknown
|
Russian Federation
|
||
|
142.250.217.195
|
unknown
|
United States
|
||
|
52.20.78.240
|
unknown
|
United States
|
||
|
13.35.116.96
|
unknown
|
United States
|
There are 11 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://cintlp.zautils.online/?subid=90818130074&cid=8899&tag=dm&dkw=remotescripps.org&rhi=a35e5edf-bf95-4e80-bdb3-bc6efdf294a5
|