IOC Report
https://www.carsoup.com/api/v1/connections/store?type=web_referrals&dealer_id=18689&redirect=https%3A%2F%2Flyn.bz/bbb


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 5 11:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 5 11:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 5 11:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 5 11:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 5 11:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 155 | ASCII text, with very long lines (45805) | downloaded | |
| Chrome Cache Entry: 157 | ASCII text, with very long lines (32960) | dropped | |
| Chrome Cache Entry: 164 | Unicode text, UTF-8 text, with very long lines (32057) | dropped | |
| Chrome Cache Entry: 165 | ASCII text, with very long lines (61177) | downloaded | |
| Chrome Cache Entry: 166 | PNG image data, 3 x 94, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 167 | ASCII text, with very long lines (63269) | dropped | |
| Chrome Cache Entry: 168 | PNG image data, 58 x 61, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 170 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 173 | ASCII text, with very long lines (64612) | downloaded | |
| Chrome Cache Entry: 174 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 175 | ASCII text | downloaded | |
| Chrome Cache Entry: 176 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | dropped | |
| Chrome Cache Entry: 179 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 180 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 181 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 182 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 183 | ASCII text, with very long lines (48316), with no line terminators | downloaded | |
| Chrome Cache Entry: 184 | SVG Scalable Vector Graphics image | downloaded | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://www.carsoup.com/api/v1/connections/store?type=web_referrals&dealer_id=18689&redirect=https%3A%2F%2Flyn.bz/bbb | | malicious |
| https://www.lechato.org/fete-de-la-musique/ | | malicious |
| https://69x26piyt36.dcciss.es/?auth=2&sso_reload=true | | malicious |
| https://aeioserv.com/?dxsbslew=4bd9593421a57015640422350e1aa6edaf2842faeebf3471f8cb71ff9a7c0cf72d958210703aeeecaca183efea54034e2ca5b279275b5bc203d01ff4195ec97c | | malicious |
| https://69x26piyt36.dcciss.es/?auth=2 | | |

Domains

| Name | IP | Malicious |
|---|---|---|
| 69x26piyt36.dcciss.es | 104.243.34.175 | malicious |
| s-part-0014.t-0009.t-msedge.net | 13.107.246.42 | |
| lyn.bz | 185.146.22.239 | |
| a.nel.cloudflare.com | 35.190.80.1 | |
| cdnjs.cloudflare.com | 104.17.25.14 | |
| carsoup-lb-preprod-new-835104961.us-east-1.elb.amazonaws.com | 54.225.16.232 | |
| challenges.cloudflare.com | 104.18.94.41 | |
| sni1gl.wpc.omegacdn.net | 152.199.21.175 | |
| www.google.com | 172.217.18.4 | |
| aeioserv.com | 104.243.34.175 | |
| www.lechato.org | 188.114.97.3 | |
| portal.microsoftonline.com | unknown | |
| aadcdn.msftauth.net | unknown | |
| www.carsoup.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.243.34.175 | 69x26piyt36.dcciss.es | United States | malicious |
| 13.107.6.156 | unknown | United States | |
| 104.17.24.14 | unknown | United States | |
| 172.217.16.202 | unknown | United States | |
| 34.104.35.123 | unknown | United States | |
| 1.1.1.1 | unknown | Australia | |
| 108.177.15.84 | unknown | United States | |
| 172.217.18.4 | www.google.com | United States | |
| 104.18.94.41 | challenges.cloudflare.com | United States | |
| 192.168.2.16 | unknown | unknown | |
| 104.18.95.41 | unknown | United States | |
| 142.250.185.238 | unknown | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 188.114.97.3 | www.lechato.org | European Union | |
| 142.250.185.131 | unknown | United States | |
| 142.250.185.195 | unknown | United States | |
| 142.250.186.142 | unknown | United States | |
| 152.199.21.175 | sni1gl.wpc.omegacdn.net | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |
| 2.23.209.183 | unknown | European Union | |
| 54.225.16.232 | carsoup-lb-preprod-new-835104961.us-east-1.elb.amazonaws.com | United States | |
| 185.146.22.239 | lyn.bz | United States | |
| 104.17.25.14 | cdnjs.cloudflare.com | United States | |