Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:11:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:11:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:11:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:11:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue May 7 23:11:19 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 71
|
HTML document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 72
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 73
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 74
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 75
|
PNG image data, 67 x 82, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 76
|
HTML document, ASCII text, with very long lines (4020)
|
downloaded
|
||
Chrome Cache Entry: 77
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 78
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 79
|
ASCII text, with very long lines (32065)
|
downloaded
|
||
Chrome Cache Entry: 80
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 81
|
gzip compressed data, from Unix, original size modulo 2^32 389
|
downloaded
|
||
Chrome Cache Entry: 82
|
ASCII text, with very long lines (42565)
|
downloaded
|
||
Chrome Cache Entry: 83
|
ASCII text, with very long lines (50758)
|
downloaded
|
||
Chrome Cache Entry: 84
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 85
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
Chrome Cache Entry: 86
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
Chrome Cache Entry: 87
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
Chrome Cache Entry: 88
|
PNG image data, 67 x 82, 8-bit/color RGB, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 89
|
ASCII text, with very long lines (7043), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 90
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 91
|
SVG Scalable Vector Graphics image
|
downloaded
|
There are 18 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2260,i,14552097470459685588,6403106791794376548,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url.us.m.mimecastprotect.com/s/LOTCCXD9yEtpw99u6JYxu?domain=urldefense.proofpoint.com"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://url.us.m.mimecastprotect.com/s/LOTCCXD9yEtpw99u6JYxu?domain=urldefense.proofpoint.com
|
|||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac355746f6LOG6f5c738436d0a4edb215172e0bb1eabf663ac355746f7
|
|||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/
|
|||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac355746f6LOG6f5c738436d0a4edb215172e0bb1eabf663ac355746f7#
|
|||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oz2za/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
|
|||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/132416316:1715124736:idV2mvT5UDwNnTSZd7zHVwMhRlK9jbwBjp9GmNsm-iE/88053bd69f607609/5f13040b6501e27
|
104.17.2.184
|
||
http://viribusprop.co.za/cbg/
|
41.72.158.10
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ASSETS/img/sig-op.svg
|
172.67.152.82
|
||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/88053bd69f607609/1715127103036/62e884a97476c708f2906333e4652d8d0afba60f707c323620f23fb8b56d8090/u-kSJ5fxFcfHPv5
|
104.17.2.184
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/js/014a761a2bc4c2a504d2ede10cd9612d663ac356753f2
|
172.67.152.82
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/jq/014a761a2bc4c2a504d2ede10cd9612d663ac356753eb
|
172.67.152.82
|
||
https://url.us.m.mimecastprotect.com/s/LOTCCXD9yEtpw99u6JYxu?domain=urldefense.proofpoint.com
|
205.139.111.12
|
||
https://getbootstrap.com/)
|
unknown
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88053bc5b9e330b2
|
172.67.152.82
|
||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=88053bd69f607609
|
104.17.2.184
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/ASSETS/img/m_.svg
|
172.67.152.82
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/favicon.ico
|
172.67.152.82
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/o/014a761a2bc4c2a504d2ede10cd9612d663ac35926ca9
|
172.67.152.82
|
||
http://viribusprop.co.za/cbg
|
41.72.158.10
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/x/014a761a2bc4c2a504d2ede10cd9612d663ac35926c85
|
172.67.152.82
|
||
https://a.nel.cloudflare.com/report/v4?s=GUfeNIPyeNRuwy6c%2F3VMBa6mO7YnDAeswyiauJd4ybpJt6FQq%2BvfYNBUzRwhNe6wSRhecws9Dcc0xSVYdrcsGEO%2FXo7cstMqFaFXwNUBPbx2clFOUNcKC5YZCW9t5M9UXtlqNEuJ7NYpEHxAY0ksMqLYqYFH
|
35.190.80.1
|
||
https://a.nel.cloudflare.com/report/v4?s=ZpBh0H6DFNj%2BVSMylcdGPnlZQqTrDtRQKESZ%2FmF3jLGJE%2Bb1c5zQTPZraOgxddQxo8mu2iw6K3O%2B4TT3ysdq%2Bywb46sr1iCGwsuYJ8X0XXcFVZEHesMsujkElUo2ZBiiiZgw%2BwLeTjfvQRze1xhdGi%2FndoRQ
|
35.190.80.1
|
||
https://github.com/twbs/bootstrap/graphs/contributors)
|
unknown
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/cdn-cgi/challenge-platform/h/b/flow/ov1/1636294195:1715124522:c1_Lw9tCiD2OlhDe3jXSYBKn9BtmDaUdiUlJyekI2nU/88053bc5b9e330b2/60a11d89e230724
|
172.67.152.82
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/APP-014a761a2bc4c2a504d2ede10cd9612d663ac35926c7d/014a761a2bc4c2a504d2ede10cd9612d663ac35926c7f
|
172.67.152.82
|
||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
|
104.17.2.184
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/1
|
172.67.152.82
|
||
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/88053bd69f607609/1715127103027/VgAQSbM1ouxOlXC
|
104.17.2.184
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/boot/014a761a2bc4c2a504d2ede10cd9612d663ac356753f0
|
172.67.152.82
|
There are 19 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
xdocusigniusmmxnmmxdicu.smumsmd.ws
|
172.67.152.82
|
||
a.nel.cloudflare.com
|
35.190.80.1
|
||
url.us.m.mimecastprotect.com
|
205.139.111.12
|
||
challenges.cloudflare.com
|
104.17.2.184
|
||
www.google.com
|
142.251.33.68
|
||
viribusprop.co.za
|
41.72.158.10
|
||
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
172.67.152.82
|
xdocusigniusmmxnmmxdicu.smumsmd.ws
|
United States
|
||
41.72.158.10
|
viribusprop.co.za
|
South Africa
|
||
142.251.33.68
|
www.google.com
|
United States
|
||
192.168.2.5
|
unknown
|
unknown
|
||
104.17.3.184
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
205.139.111.12
|
url.us.m.mimecastprotect.com
|
United States
|
||
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
104.17.2.184
|
challenges.cloudflare.com
|
United States
|
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac355746f6LOG6f5c738436d0a4edb215172e0bb1eabf663ac355746f7
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac355746f6LOG6f5c738436d0a4edb215172e0bb1eabf663ac355746f7#
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/
|
||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oz2za/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
|
||
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oz2za/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
|
||
https://xdocusigniusmmxnmmxdicu.smumsmd.ws/6f5c738436d0a4edb215172e0bb1eabf663ac355746f6LOG6f5c738436d0a4edb215172e0bb1eabf663ac355746f7
|