IOC Report
https://marvin-occentus.net/

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 22:31:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 22:31:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 22:31:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 22:31:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 22:31:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 109
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 111
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 112
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 113
JSON data
dropped
Chrome Cache Entry: 115
Unicode text, UTF-8 text, with very long lines (2453)
downloaded
Chrome Cache Entry: 116
Unicode text, UTF-8 text, with very long lines (47147)
downloaded
Chrome Cache Entry: 119
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 120
ASCII text, with very long lines (631)
downloaded
Chrome Cache Entry: 122
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 123
HTML document, ASCII text
downloaded
Chrome Cache Entry: 124
RIFF (little-endian) data, Web/P image, VP8 encoding, 1240x631, Suserng: [none]x[none], YUV color, decoders should clamp
downloaded
Chrome Cache Entry: 125
ASCII text, with very long lines (3507)
downloaded
Chrome Cache Entry: 126
HTML document, ASCII text, with very long lines (5653)
downloaded
Chrome Cache Entry: 127
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 128
Web Open Font Format (Version 2), TrueType, length 30468, version 2.131
downloaded
Chrome Cache Entry: 129
ASCII text, with very long lines (64347)
downloaded
Chrome Cache Entry: 130
ASCII text, with very long lines (5140)
downloaded
Chrome Cache Entry: 131
ASCII text, with very long lines (17631)
downloaded
Chrome Cache Entry: 134
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 136
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 137
ASCII text, with very long lines (681), with no line terminators
downloaded
Chrome Cache Entry: 140
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 141
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 142
HTML document, ASCII text, with very long lines (532)
downloaded
Chrome Cache Entry: 145
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 147
WebM
downloaded
Chrome Cache Entry: 149
ASCII text, with very long lines (11966), with no line terminators
downloaded
Chrome Cache Entry: 150
HTML document, ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 151
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 154
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 155
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 157
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 160
RIFF (little-endian) data, Web/P image, VP8 encoding, 1240x631, Suserng: [none]x[none], YUV color, decoders should clamp
dropped
Chrome Cache Entry: 161
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 162
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 165
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 166
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 167
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 168
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 169
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 170
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 171
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 172
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 174
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 175
ASCII text, with very long lines (56869), with no line terminators
downloaded
Chrome Cache Entry: 176
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 177
Unicode text, UTF-8 text, with very long lines (65472)
downloaded
Chrome Cache Entry: 179
Unicode text, UTF-8 (with BOM) text, with very long lines (551)
downloaded
Chrome Cache Entry: 181
Web Open Font Format (Version 2), TrueType, length 16276, version 1.0
downloaded
Chrome Cache Entry: 182
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 184
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 187
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 188
Unicode text, UTF-8 text, with very long lines (36671)
downloaded
Chrome Cache Entry: 189
Unicode text, UTF-8 text
downloaded
Chrome Cache Entry: 190
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 193
HTML document, Unicode text, UTF-8 text, with very long lines (2765)
downloaded
Chrome Cache Entry: 194
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 197
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
downloaded
Chrome Cache Entry: 198
JSON data
downloaded
Chrome Cache Entry: 199
Web Open Font Format (Version 2), TrueType, length 29460, version 2.131
downloaded
Chrome Cache Entry: 200
Unicode text, UTF-8 text, with very long lines (33758)
downloaded
Chrome Cache Entry: 204
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 205
JSON data
dropped
Chrome Cache Entry: 208
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 209
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 211
ASCII text
downloaded
Chrome Cache Entry: 212
Unicode text, UTF-8 text, with very long lines (1320)
downloaded
Chrome Cache Entry: 214
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 216
RIFF (little-endian) data, Web/P image, VP8 encoding, 2000x500, Suserng: [none]x[none], YUV color, decoders should clamp
dropped
Chrome Cache Entry: 217
ASCII text, with very long lines (9273)
downloaded
Chrome Cache Entry: 218
Web Open Font Format (Version 2), TrueType, length 30480, version 1.0
downloaded
Chrome Cache Entry: 219
RIFF (little-endian) data, Web/P image
dropped
Chrome Cache Entry: 221
data
downloaded
Chrome Cache Entry: 222
Web Open Font Format (Version 2), TrueType, length 325592, version 772.256
downloaded
Chrome Cache Entry: 223
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 225
ASCII text, with very long lines (1256), with no line terminators
downloaded
Chrome Cache Entry: 226
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 227
HTML document, Unicode text, UTF-8 text, with very long lines (2331)
downloaded
Chrome Cache Entry: 228
ASCII text, with very long lines (56412), with no line terminators
downloaded
There are 76 hidden files, click here to show them.

URLs

Name
IP
Malicious
https://marvin-occentus.net/
malicious
https://marvin-occentus.net/
malicious
https://www.ispmanager.com/?utm_source=ispmanager_panel_blank
http://ispmanager.com/?utm_source=ispmanager_panel_blank
206.189.101.88
https://td.doubleclick.net/td/ga/rul?tid=G-XHSQF40GDM&gacid=1627673544.1715124725&gtm=45je4510v880992875z8857776025za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=887364079
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcx3H8jAAAAAFOUoidsITqgobWxtxwZ2xEDGtyQ&co=aHR0cHM6Ly93d3cuaXNwbWFuYWdlci5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=tq22wicrf80k
about:blank
https://omnidesk.ru/client_widgets/init/14090-b97bp351?btn_hide=0&lang=en
https://chat.chatra.io/?isModern=true#hostId=77TPsNtZ6f7Z9GyiL&mode=widget&groupId=F5t6tr5o5gDSGkN2F&lang=en&currentPage=https%3A%2F%2Fwww.ispmanager.com%2F%3Futm_source%3Dispmanager_panel_blank&currentPageTitle=Hosting%20Control%20Panel%20by%20ispmanager&prevPage=&referrer=&isModern=true

Domains

Name
IP
Malicious
marvin-occentus.net
91.212.166.21
 malicious
star-mini.c10r.facebook.com
157.240.3.35
mc.yandex.ru
87.250.250.119
call.chatra.io
104.22.2.142
www.ispmanager.com
206.189.101.88
chat.chatra.io
104.22.2.142
static.chatra.io
172.67.13.227
d3emzelca6ckig.cloudfront.net
18.65.229.82
region1.analytics.google.com
216.239.34.36
ispmanager.com
206.189.101.88
stats.g.doubleclick.net
74.125.197.157
scontent.xx.fbcdn.net
157.240.3.29
uaas.yandex.ru
213.180.204.98
www.google.co.uk
142.251.33.99
www.google.com
142.251.215.228
s3.yandex.net
93.158.134.158
td.doubleclick.net
142.250.217.66
omnidesk.ru
31.184.209.78
abt.s3.yandex.net
unknown
www.facebook.com
unknown
mc.yandex.com
unknown
connect.facebook.net
unknown
static.ispmanager.com
unknown
There are 13 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.16
unknown
unknown
malicious
91.212.166.21
marvin-occentus.net
United Kingdom
malicious
1.1.1.1
unknown
Australia
malicious
31.184.209.78
omnidesk.ru
Russian Federation
142.250.217.78
unknown
United States
18.65.229.82
d3emzelca6ckig.cloudfront.net
United States
31.184.209.76
unknown
Russian Federation
142.250.217.99
unknown
United States
74.125.197.157
stats.g.doubleclick.net
United States
216.239.34.36
region1.analytics.google.com
United States
87.250.250.119
mc.yandex.ru
Russian Federation
157.240.3.35
star-mini.c10r.facebook.com
United States
142.251.211.232
unknown
United States
93.158.134.158
s3.yandex.net
Russian Federation
142.251.215.228
www.google.com
United States
93.158.134.119
unknown
Russian Federation
213.180.204.98
uaas.yandex.ru
Russian Federation
87.250.251.119
unknown
Russian Federation
172.67.13.227
static.chatra.io
United States
74.125.135.84
unknown
United States
142.250.217.67
unknown
United States
172.217.14.234
unknown
United States
142.250.217.66
td.doubleclick.net
United States
142.251.211.228
unknown
United States
142.251.211.227
unknown
United States
157.240.3.29
scontent.xx.fbcdn.net
United States
142.251.33.78
unknown
United States
142.251.33.106
unknown
United States
239.255.255.250
unknown
Reserved
142.251.33.99
www.google.co.uk
United States
206.189.101.88
www.ispmanager.com
United States
104.22.2.142
call.chatra.io
United States
18.65.229.112
unknown
United States
There are 23 hidden IPs, click here to show them.