Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 17:26:36 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 17:26:36 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 17:26:36 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 17:26:36 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed May 8 17:26:36 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 101
|
ASCII text, with very long lines (64616)
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
ASCII text, with very long lines (64612)
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
JPEG image data, baseline, precision 8, 1920x1080, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
Unicode text, UTF-8 (with BOM) text, with very long lines (59783), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (61177)
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
ASCII text, with very long lines (994), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
Unicode text, UTF-8 text, with very long lines (32097)
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 98
|
JSON data
|
dropped
|
There are 12 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://outlook.office365.com/owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cSA1PR13MB4829DA31B32981E27A9F8EB4FC1A2%40SA1PR13MB4829.namprd13.prod.outlook.com%3e
|
|||
|
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=bdb495df-981f-b808-e5d6-840934e3fbc7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638507895954364493.f4d8c851-df80-458c-8309-0fad13704180&state=VY1NDoIwEIVBz4I7SstMYbogBvxJXJgYPUFDB2MUahD1Ch7bbly4-N7i5Xt5cRRF88AsEMsQUVkAaVmS0UYjFIgGRIeOWtIqdR3JFDW1KYE0qeysU1BKVCTjsP3EmX_bbPm68Lv3jm_Vka3b8-Nhz7ybuF_shonHgadft64SaE-1OhwV7Buk3KxrUA3khtQmL2uzpU2D25Wq8wTlnygG29_H8C_uo3fCP6eb91fR-j4B_gI
|
|||
|
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=bdb495df-981f-b808-e5d6-840934e3fbc7&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638507895954364493.f4d8c851-df80-458c-8309-0fad13704180&state=VY1NDoIwEIVBz4I7SstMYbogBvxJXJgYPUFDB2MUahD1Ch7bbly4-N7i5Xt5cRRF88AsEMsQUVkAaVmS0UYjFIgGRIeOWtIqdR3JFDW1KYE0qeysU1BKVCTjsP3EmX_bbPm68Lv3jm_Vka3b8-Nhz7ybuF_shonHgadft64SaE-1OhwV7Buk3KxrUA3khtQmL2uzpU2D25Wq8wTlnygG29_H8C_uo3fCP6eb91fR-j4B_gI&sso_reload=true
|
|||
|
https://outlook.office365.com/owa/prefetch.aspx
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
EAT-efz.ms-acdc.office.com
|
52.96.119.98
|
||
|
cs1100.wpc.omegacdn.net
|
152.199.4.44
|
||
|
www.google.com
|
142.251.215.228
|
||
|
part-0042.t-0009.t-msedge.net
|
13.107.246.70
|
||
|
identity.nel.measure.office.net
|
unknown
|
||
|
r4.res.office365.com
|
unknown
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
login.microsoftonline.com
|
unknown
|
||
|
outlook.office365.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.99.84
|
unknown
|
United States
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
142.251.33.110
|
unknown
|
United States
|
||
|
142.250.217.67
|
unknown
|
United States
|
||
|
142.250.217.99
|
unknown
|
United States
|
||
|
172.217.14.202
|
unknown
|
United States
|
||
|
20.190.190.193
|
unknown
|
United States
|
||
|
20.42.65.91
|
unknown
|
United States
|
||
|
142.251.211.238
|
unknown
|
United States
|
||
|
152.199.4.44
|
cs1100.wpc.omegacdn.net
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
52.96.121.34
|
unknown
|
United States
|
||
|
23.53.122.211
|
unknown
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
13.107.246.70
|
part-0042.t-0009.t-msedge.net
|
United States
|
||
|
13.78.111.199
|
unknown
|
United States
|
||
|
142.251.215.228
|
www.google.com
|
United States
|
||
|
23.216.145.6
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
23.55.168.8
|
unknown
|
United States
|
||
|
20.190.151.134
|
unknown
|
United States
|
||
|
20.190.151.132
|
unknown
|
United States
|
||
|
52.96.119.98
|
EAT-efz.ms-acdc.office.com
|
United States
|
There are 13 hidden IPs, click here to show them.