Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 29 07:29:58 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 29 07:29:58 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 29 07:29:58 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 29 07:29:58 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 29 07:29:57 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
gzip compressed data, from Unix, original size modulo 2^32 155764
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
PNG image data, 1302 x 276, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB,
orientation=upper-left, width=1600], progressive, precision 8, 1600x800, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
assembler source, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
PNG image data, 1302 x 276, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 73
|
ASCII text, with very long lines (7321)
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
ASCII text, with very long lines (65325)
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB,
orientation=upper-left, width=1600], progressive, precision 8, 1600x800, components 3
|
dropped
|
||
|
Chrome Cache Entry: 76
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB,
orientation=upper-left, width=1600], progressive, precision 8, 1600x800, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 81
|
Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB,
orientation=upper-left, width=1600], progressive, precision 8, 1600x800, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
gzip compressed data, from Unix, original size modulo 2^32 34773
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
gzip compressed data, from Unix, original size modulo 2^32 4930
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
gzip compressed data, from Unix, original size modulo 2^32 3828
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (65451)
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
Unicode text, UTF-8 text, with very long lines (874)
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
gzip compressed data, from Unix, original size modulo 2^32 39751
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
HTML document, ASCII text, with very long lines (1238)
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB,
orientation=upper-left, width=1600], progressive, precision 8, 1600x800, components 3
|
dropped
|
||
|
Chrome Cache Entry: 97
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB,
orientation=upper-left, width=1600], progressive, precision 8, 1600x800, components 3
|
dropped
|
||
|
Chrome Cache Entry: 98
|
ASCII text, with very long lines (48664)
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
There are 27 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2028,i,14383046284550637843,4217427290722038496,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sdfsd.s3.bhs.cloud.ovh.net/v1/AUTH_8749f4abd4b14c57a9f85d6e4378c063/dsfdf/gfhfgh#cl/298587_smd/265/3571761/3180/201/26638"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://sdfsd.s3.bhs.cloud.ovh.net/v1/AUTH_8749f4abd4b14c57a9f85d6e4378c063/dsfdf/gfhfgh#cl/298587_smd/265/3571761/3180/201/26638
|
 |
||
|
https://ossiaband.cfd/71f5afdee459cf14a701e297ec4ea370
|
104.21.95.127
|
||
|
https://ossiaband.cfd/assets/js/intl_functions.js?v=6f0cfeb1af067fdd48b2b1e03bf20e6b
|
104.21.95.127
|
||
|
https://trk-amropode.com//scripts/pg/v9e118mez8
|
172.67.205.30
|
||
|
http://185.66.88.174/assets/css/lightbox.css
|
185.66.88.174
|
||
|
https://ossiaband.cfd/assets/js/gbvar.js?v=83
|
104.21.95.127
|
||
|
https://ossiaband.cfd/assets/js/isp/common.js?v=6f0cfeb1af067fdd48b2b1e03bf20e6b
|
104.21.95.127
|
||
|
https://sdfsd.s3.bhs.cloud.ovh.net/v1/AUTH_8749f4abd4b14c57a9f85d6e4378c063/dsfdf/gfhfgh
|
142.44.227.102
|
||
|
https://jantyport.com/0/2/50714/cbaa88a6638a953f4ff32304e1559c27/ltm_265/298587_1/201_26638_3571761_5431315_smd
|
193.163.199.51
|
||
|
https://persistdrum.cfd/?s1=351082&s2=1175653013&s3=6702&s4=ISP&ow=&s10=3079
|
172.67.219.132
|
||
|
https://ossiaband.cfd/assets/js/vendor/jquery-3.4.1.min.js
|
104.21.95.127
|
||
|
http://185.66.88.174/
|
185.66.88.174
|
||
|
https://ossiaband.cfd/service-worker.js
|
104.21.95.127
|
||
|
https://ossiaband.cfd/fim/3079-US/0d24812bb25030e5022cb4746e2d1585.jpg
|
104.21.95.127
|
||
|
https://ossiaband.cfd/fim/3079-US/c55e29793b062a2aa768004df29f785f.jpg
|
104.21.95.127
|
||
|
https://ossiaband.cfd/
|
104.21.95.127
|
||
|
https://ossiaband.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
|
104.21.95.127
|
||
|
https://ossiaband.cfd/assets/js/vendor/bootstrap/js/bootstrap.min.js
|
104.21.95.127
|
||
|
https://fontawesome.com/license/free
|
unknown
|
||
|
http://185.66.88.174#
|
unknown
|
||
|
http://185.66.88.174/assets/images/slide-02.jpg
|
185.66.88.174
|
||
|
https://fontawesome.com
|
unknown
|
||
|
https://ossiaband.cfd/inc/msg.v3.js?662f5a9494fa7
|
104.21.95.127
|
||
|
https://ossiaband.cfd/fim/3079-US/1ded2ac178f6ef5710b31241b6caed70.jpg
|
104.21.95.127
|
||
|
http://185.66.88.174/assets/css/owl-carousel.css
|
185.66.88.174
|
||
|
https://ossiaband.cfd/assets/js/vendor/bootstrap/css/bootstrap.min.css
|
104.21.95.127
|
||
|
https://github.com/twbs/bootstrap/graphs/contributors)
|
unknown
|
||
|
https://ossiaband.cfd/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
|
104.21.95.127
|
||
|
https://getbootstrap.com)
|
unknown
|
||
|
http://185.66.88.174/cl/298587_smd/265/3571761/3180/201/26638
|
185.66.88.174
|
||
|
https://ossiaband.cfd/fim/3079-US/735a271b96cf0cd241ae210c5fe7da15.jpg
|
104.21.95.127
|
||
|
http://185.66.88.174/assets/images/slide-03.jpg
|
185.66.88.174
|
||
|
http://185.66.88.174/assets/images/slide-01.jpg
|
185.66.88.174
|
||
|
https://ossiaband.cfd/assets/vendors/fontawesome/css/all.css
|
104.21.95.127
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
|
https://trk-amropode.com//scripts/sw/v9e118mez8
|
172.67.205.30
|
||
|
https://ossiaband.cfd/assets/css/isp/common.css?v=6f0cfeb1af067fdd48b2b1e03bf20e6b
|
104.21.95.127
|
||
|
https://a.nel.cloudflare.com/report/v4?s=15OAtRSx2uUpKe%2FI9pn1N1P9rHSgxQpfacJRR11z8qM7QIB8FKfTCeCDuBzyUdJjPIPvU5cwz6nWyOy9z1MsBct7hjkf%2F8pOTPy8VzUoNAXhSPiF%2BXvEnT8a8V04yWGF
|
35.190.80.1
|
||
|
http://185.66.88.174/assets/css/templatemo-breezed.css
|
185.66.88.174
|
||
|
http://185.66.88.174/assets/css/font-awesome.css
|
185.66.88.174
|
||
|
https://unisonroad.com
|
unknown
|
||
|
https://ossiaband.cfd/fim/3079-US/4853eea1522e7e5501574b30947d9d88.ico
|
104.21.95.127
|
||
|
https://trk-adulvion.com/scripts/push/v9e118mez8
|
172.67.177.226
|
||
|
https://ossiaband.cfd/uploads/archive/company/175/images/onlinesurvey-color.png
|
104.21.95.127
|
||
|
https://ossiaband.cfd/assets/js/functions.js?v=6f0cfeb1af067fdd48b2b1e03bf20e6b
|
104.21.95.127
|
||
|
http://185.66.88.174/assets/css/bootstrap.min.css
|
185.66.88.174
|
There are 35 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
persistdrum.cfd
|
172.67.219.132
|
||
|
storage.bhs.cloud.ovh.net
|
142.44.227.102
|
||
|
trk-amropode.com
|
172.67.205.30
|
||
|
www.google.com
|
142.250.191.164
|
||
|
trk-adulvion.com
|
172.67.177.226
|
||
|
event.trk-adulvion.com
|
104.21.80.104
|
||
|
ossiaband.cfd
|
104.21.95.127
|
||
|
jantyport.com
|
193.163.199.51
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
|
sdfsd.s3.bhs.cloud.ovh.net
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.44.227.102
|
storage.bhs.cloud.ovh.net
|
Canada
|
||
|
172.67.205.30
|
trk-amropode.com
|
United States
|
||
|
172.67.219.132
|
persistdrum.cfd
|
United States
|
||
|
193.163.199.51
|
jantyport.com
|
Denmark
|
||
|
185.66.88.174
|
unknown
|
Ukraine
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.67.177.226
|
trk-adulvion.com
|
United States
|
||
|
142.250.191.164
|
www.google.com
|
United States
|
||
|
104.21.95.127
|
ossiaband.cfd
|
United States
|