Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:08:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:08:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:08:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:08:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:08:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 70 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 71 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 72 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 73 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 74 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 75 | ASCII text, with very long lines (32065) | downloaded | |
| Chrome Cache Entry: 76 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 77 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 78 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 79 | ASCII text, with very long lines (7043), with no line terminators | downloaded | |
| Chrome Cache Entry: 80 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 81 | gzip compressed data, from Unix, original size modulo 2^32 389 | downloaded | |
| Chrome Cache Entry: 82 | ASCII text, with very long lines (42565) | downloaded | |
| Chrome Cache Entry: 83 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 84 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 85 | ASCII text, with very long lines (50758) | downloaded | |
| Chrome Cache Entry: 86 | HTML document, ASCII text, with very long lines (4020) | downloaded | |
| Chrome Cache Entry: 87 | PNG image data, 69 x 8, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 88 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 89 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 90 | PNG image data, 69 x 8, 8-bit/color RGB, non-interlaced | dropped | |

18 further file entries are hidden in the original report. Note that all six Chrome Apps shortcuts carry a ctime months older than their mtime, so "dropped" here records that the browser touched pre-existing shortcut files, not that the visited page wrote new ones; none of the file entries is flagged malicious.
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2512 --field-trial-handle=2032,i,4573197792701812552,12899046821769428031,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url.us.m.mimecastprotect.com/s/RBIeC68AD5iQ5EOspXJld?domain=urldefense.proofpoint.com" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| https://url.us.m.mimecastprotect.com/s/RBIeC68AD5iQ5EOspXJld?domain=urldefense.proofpoint.com | | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe7LOG6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe8# | | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ | | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe7LOG6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe8 | | |
| http://viribusprop.co.za/cbg/ | 41.72.158.10 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/jq/77e55199867d7ffbe66f79c58c488f7d663ac2b13fc3d | 104.21.1.187 | |
| https://a.nel.cloudflare.com/report/v4?s=DdSNM23omUGbIp5mmfvB%2Bznwvoj51ENgtrOBBitLJWFXX1xTIcsDH%2BrfXHl7%2FZD3DE3hsQO5Zftz7Bud5ADaEkaeNXvIqj9Nj4pyBI7nsg5LDe8KZa8ruysHUQgCVR8NN5TGHst%2FpH4wYu6s%2B1fP5%2BH8LXHL | 35.190.80.1 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/844823957:1715124679:GnQTCjOiNgTJb7mzvvBWZEZczWJ0ZCWR3Y7jiNGLqhM/880537c5bbc19b57/c000d081a527d63 | 104.17.3.184 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ASSETS/img/sig-op.svg | 104.21.1.187 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/o/77e55199867d7ffbe66f79c58c488f7d663ac2b3d837e | 104.21.1.187 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880537c5bbc19b57 | 104.17.3.184 | |
| https://getbootstrap.com/) | unknown | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ASSETS/img/m_.svg | 104.21.1.187 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/favicon.ico | 104.21.1.187 | |
| http://viribusprop.co.za/cbg | 41.72.158.10 | |
| https://url.us.m.mimecastprotect.com/r/SS4jvcjIJW5OKLhohn858CKuFqQTiGsTF4bMNFkWzSKakJ_Sr0kNph4NNpxoiPK0EAnA15aATkzZxU7gtOfsUbyWTZoMomkSjCmwViKJPV71FvgKKHeJaRJKO5bXkDmjH_U9n9HmasY0v4yj31SrCfyzcg94PS5kNX4jXolAOaPjYqHUCbLuGl2_LLDafJsfHk6TN8mCYPDoT-wQC1U0VHJ1e9sOSrcOxKNKdaMZ8ZcMjbsC2XiEMoa8DrlfrJlxq9pQJ6YUZwKJa6bEvv8LUzoBr9H2DDmZIrlIXJbp7uQgDpbaaOxrpokkdDYwNpuqmCnR3MPjSLoxQuD1oKoXrdDXONFzTtiSDA9w4jh1rA5ZZuI-FmXuV1b8CM5XRaUPAxx-dwjRuubG2MWrwOv32bfvvOYxQMb5yp-HA4obO9evxZmoM5R0wJm6rwO6Q0ZVJCMDX2Qenfn1bCjjUuz7gD2coZBuZ-8MAWFlBv0zSssiKwZnTcC2qIL_eAb7TZJYAGXMTnOFNFGTICZVk6PgM7u-WIRpNKTdCSAynES87t5cMRF-QP8B-IDIhUfZB7V9NfM42L1PWZ_QZLMiZ0NY4opRkAFutfHiGj_grcPqeKPjheMbUbGaatJLhLlH1dnhWluPrL1psfC-rQSJtyiHQqw3ERLlidnPvKkrPtMVPXnSookvPAr-ejhQoCUNiSgoRt4urF-5IvE0v-aGN94OETq-xz6WQqT4WCKeGP7kB3u73mfryKZw6JLHaDzG3n1fjhzkcIgP1XFn7ySD9Zxo90jAe4OhLXhgTV0wFONPGdYyV91DPMnGoa2iX4pPDdBjLGwJq4YHJgUEO1KOzEE-3uYZRD4UL8YBFtI0UzGFqE-6bSxr-dqDsaZGewHDM6KFvyDuZEBDbdBHrA4KUlwgiL25FiVouun7D5pyvw7lVC_6TwPSZkacMkT4amOhP6iBvd0VzppkeglW5BCe_f7_Qn7todNstGo4T9YFcWjzI23HOqYLVvnpoU5tQ480AemcpYNkpeHycDBYc5ozFn3_0hOeSpJdM4DZftIn7VtuG0Y7-tDK0_gz559n5FbHII9DlpRtyFgKONoiRer-N5INHRHiE-TIMVpFVcm6YqvY9qAQwbQIVpD_1mAlo9eTIYKfwZq6Zvfy23BXd_QLSfVLurwlaa4sKQX7pSINd8lyjvZxdS1gHkywwKtPoNRyJu7XnwH3aU7FJs6SaglFap7X6H9q3XKLLVJbd_LViRbyixfT2Ch4DD-RWcHfPIqsR13f0jc6H2KY_uSguk793ma1Ma26o20B28g-gw5bRWw4S-TjjNrhNJwc_789pTWZl6cnvzCsWdPOR5GQFc7NiKMQGo1ZI-1zfP6WF8DzlPfuABan_tvGneMrhN6aC9q_p3BOhQcCLIacQ6pOqgoy9kqex8PLmw2Po034jiJZtrNjVJsDB6WJWdOZpJsw6VEj-aIZojjDsOCyXJVFxvdJZdUqu2hCS7cXQ02e9BDNw51EqCi0NdseDrfCijXBmfHCeAFLNYuZTzuxmaJ6zkMQ89AmsK-vDO8UiqpmyUhA3nINibSxd-qUeLrv8dIc3QV0hWt3BIRWA_FT4wB_S2YmNS5RwUmcfRj6nxb-_W-uRIol8jJRfgsTakFlVnp0ckhuzPNW2Zx7JH4E752ULtzRTSqMdgR7t4100ffrRSfKpJ1b1jK8l8I7oV31AZQQFyiJRoW5Y2RFyHRpvu1fquvRRqMHvVI9oPykmLC-ezDQftCJE26B5wR0lLWhHlX-3ndNnwlDNeWl3lNhZgQsg7Kns8OAmVjKuIAsOtb1lrURWqEx7o9H7Tp3XewiXjak_9_4bZ0nQ7vWj4a3P3RbYZkTxRtUgF8iLljHQiGK2o8bS5cJ9E5Pwp8k0HvTEDojw1ti1lO_nPWR_7bfdABYfN9YMFsj8g | 205.139.111.12 | |
| https://github.com/twbs/bootstrap/graphs/contributors) | unknown | |
| https://url.us.m.mimecastprotect.com/s/RBIeC68AD5iQ5EOspXJld?domain=urldefense.proofpoint.com | 205.139.111.12 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/880537c5bbc19b57/1715126937235/12f3ee67ccbdb7fb1acecd3171bf600ac74e8a7846816ab49c39bcd42f6fc303/LNlFykAvnwqRdjI | 104.17.3.184 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w3vgi/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/APP-77e55199867d7ffbe66f79c58c488f7d663ac2b3d834f/77e55199867d7ffbe66f79c58c488f7d663ac2b3d8350 | 104.21.1.187 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/boot/77e55199867d7ffbe66f79c58c488f7d663ac2b13fc41 | 104.21.1.187 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/x/77e55199867d7ffbe66f79c58c488f7d663ac2b3d8356 | 104.21.1.187 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D | 104.17.3.184 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/1 | 104.21.1.187 | |
| https://github.com/twbs/bootstrap/blob/master/LICENSE) | unknown | |
| https://a.nel.cloudflare.com/report/v4?s=BCOG7BdwPUrsniQmf0ESJwNm0HXhtdk9OxY%2Buo1KlZOwXhc42AyX6efkNjs0%2BWGWf5xoy3gIs%2BV%2BnIlexz5BHAl7OxCWgD5uHy9ajsUNkOVPi7IQr%2BUPKHjYIlMKryCNg9A2upeaDlZaqKS3TTBbRCRRlYJo | 35.190.80.1 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880537b31e9d7646 | 104.21.1.187 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/js/77e55199867d7ffbe66f79c58c488f7d663ac2b13fc42 | 104.21.1.187 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/cdn-cgi/challenge-platform/h/b/flow/ov1/527534735:1715124565:uz73uwqss8iV9tiMGAbLwJzSrtIHhXFl__h71txL1oc/880537b31e9d7646/d98eb95fec24563 | 104.21.1.187 | |
| https://a.nel.cloudflare.com/report/v4?s=G%2F6IEmFEVqxJWu%2B2sD6c4kfaPfgynZvJROwIhmeVGzSMx3P%2BkJx8LbJY%2FFZEcMgBL18NprrLWfh1f33KXx4YuyzKLNV2HupXqRhYYcMjEYDvLBbOCWUkm4mv35gvfcSsWVqJJoyA9AXq9KnJzhQY57FB%2BH9g | 35.190.80.1 | |

20 further URL entries are hidden in the original report. An empty IP cell means the sandbox recorded no resolved address for that request; the entries ending in ")" are strings the URL extractor lifted from comments in the served Bootstrap JavaScript, not requests the browser made.
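The URL table above is raw observables, and most of its rows are not actionable on their own: the Mimecast link is a mail-security rewrite whose `domain=` parameter names the next hop, the challenges.cloudflare.com and a.nel.cloudflare.com rows are shared Cloudflare services, and the getbootstrap.com and github.com rows are strings from a bundled library. What an analyst wants from such a table is the hosts left over once those are set aside, with the brand the page impersonates called out. The following is an added example of that first-pass triage, written for this page; it is not code from the sandbox report or its vendor. The URLs in `REPORT_URLS` are copied from the table above; the rewriter list, shared-infrastructure list and brand list are this example's own assumptions and would be tuned per environment.

```python
"""First-pass triage of the URL table from a browser-sandbox run.

Added example, not part of the sandbox report or the vendor's tooling.
"""
from urllib.parse import urlparse, parse_qs

# Copied from the report's URLs table (long query strings shortened).
REPORT_URLS = [
    "https://url.us.m.mimecastprotect.com/s/RBIeC68AD5iQ5EOspXJld?domain=urldefense.proofpoint.com",
    "https://xdocusigniusmmxnmmxdicu.smumsmd.ws/",
    "https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ASSETS/img/sig-op.svg",
    "https://xdocusigniusmmxnmmxdicu.smumsmd.ws/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=880537b31e9d7646",
    "http://viribusprop.co.za/cbg/",
    "https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=880537c5bbc19b57",
    "https://a.nel.cloudflare.com/report/v4?s=DdSNM23omUGbIp5mmfvB",
    "https://getbootstrap.com/)",
    "https://github.com/twbs/bootstrap/blob/master/LICENSE)",
]

# Assumption: mail-security services that wrap links. The wrapper is not the
# destination; the analyst has to follow the next hop.
REWRITE_HOSTS = {"url.us.m.mimecastprotect.com", "urldefense.proofpoint.com"}
# Assumption: third-party services a kit uses but does not control. They are
# not useful block-list entries.
SHARED_HOSTS = {"challenges.cloudflare.com", "a.nel.cloudflare.com",
                "getbootstrap.com", "github.com"}
# Brand tokens worth flagging when they appear in a host the brand does not own.
BRANDS = {"docusign": ("docusign.com", "docusign.net")}


def normalize(url):
    """Trim the trailing ')' that URL extractors pick up from JS source comments."""
    return url.rstrip(")")


def owned_by(host, domains):
    """True when host is one of the given domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def classify_host(host):
    """Label one hostname; the first matching rule wins."""
    if host in REWRITE_HOSTS:
        return "mail-link-rewriter"
    if host in SHARED_HOSTS:
        return "shared-third-party"
    for brand, legit in BRANDS.items():
        if brand in host and not owned_by(host, legit):
            return "brand-lookalike:" + brand
    return "unclassified"


def triage(urls):
    """Group URLs by host and record what each URL reveals about the host."""
    out = {}
    for url in map(normalize, urls):
        p = urlparse(url)
        host = p.hostname or ""
        entry = out.setdefault(host, {
            "label": classify_host(host),
            "urls": 0,
            "next_hop": None,
            "cloudflare_fronted": False,
        })
        entry["urls"] += 1
        # Rewriters often carry the next hop in the query string, as the
        # Mimecast link here does with ?domain=urldefense.proofpoint.com.
        if entry["label"] == "mail-link-rewriter":
            entry["next_hop"] = parse_qs(p.query).get("domain", [None])[0]
        # /cdn-cgi/ is a path reserved by the Cloudflare edge, so seeing it on
        # a site's own origin shows the site is served through Cloudflare.
        if p.path.startswith("/cdn-cgi/"):
            entry["cloudflare_fronted"] = True
    return out


if __name__ == "__main__":
    for host, info in sorted(triage(REPORT_URLS).items()):
        print(f"{host:40} {info['label']:26} urls={info['urls']} "
              f"next_hop={info['next_hop']} cf={info['cloudflare_fronted']}")
```

Run stand-alone it prints one line per host. For this report the hosts that survive the filter are the `docusign` lookalike (served through Cloudflare, which also explains the 104.21.x.x address in the IP table) and viribusprop.co.za, which the report leaves unlabelled; the next-hop field shows the Mimecast wrapper handing off to a second rewriter rather than to the final page, so the redirect chain has to be followed hop by hop before either host can be attributed.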
Domains

| Name | IP | Malicious |
|---|---|---|
| xdocusigniusmmxnmmxdicu.smumsmd.ws | 104.21.1.187 | |
| bg.microsoft.map.fastly.net | 199.232.214.172 | |
| a.nel.cloudflare.com | 35.190.80.1 | |
| url.us.m.mimecastprotect.com | 205.139.111.12 | |
| challenges.cloudflare.com | 104.17.2.184 | |
| www.google.com | 142.250.217.68 | |
| viribusprop.co.za | 41.72.158.10 | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.21.1.187 | xdocusigniusmmxnmmxdicu.smumsmd.ws | United States | |
| 41.72.158.10 | viribusprop.co.za | South Africa | |
| 142.250.217.68 | www.google.com | United States | |
| 192.168.2.5 | unknown | unknown | |
| 172.67.152.82 | unknown | United States | |
| 104.17.3.184 | unknown | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 205.139.111.12 | url.us.m.mimecastprotect.com | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |
| 104.17.2.184 | challenges.cloudflare.com | United States | |

192.168.2.5 is the analysis machine's own private address and 239.255.255.250 is the SSDP multicast group; neither is an external contact. challenges.cloudflare.com appears under both 104.17.2.184 and 104.17.3.184 because the name resolves to more than one edge address.
DOM / HTML

| URL | Malicious |
|---|---|
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe7LOG6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe8 | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe7LOG6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe8# | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w3vgi/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w3vgi/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | |
| https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe7LOG6f5c738436d0a4edb215172e0bb1eabf663ac2b03ebe8 | |

Repeated rows are separate DOM snapshots of the same document; the two Turnstile entries are the Cloudflare challenge iframe the lookalike page embeds, which blocks automated fetches of the form until the challenge is passed.