Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Play Voicemail Transcription. (387.KB).svg
|
HTML document, ASCII text, with very long lines (3307)
|
initial sample
|
 |
|
|
Chrome Cache Entry: 100
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 102
|
HTML document, ASCII text, with very long lines (52013), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 105
|
PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 106
|
very short file (no magic)
|
dropped
|
||
|
Chrome Cache Entry: 107
|
ASCII text, with very long lines (10450)
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
ASCII text, with very long lines (48316), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
ASCII text, with very long lines (51734)
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 114
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 69
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 72
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 73
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 76
|
very short file (no magic)
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
Unicode text, UTF-8 text, with very long lines (21720), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 81
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 82
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 86
|
ASCII text, with very long lines (48238)
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 88
|
PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
ASCII text, with very long lines (26765), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 96
|
HTML document, ASCII text, with very long lines (12005), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 98
|
ASCII text, with very long lines (10017)
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
SVG Scalable Vector Graphics image
|
dropped
|
There are 38 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\PLAYVO~1.SVG
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2044,i,7288536219110086134,15413776007562023016,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version --mojo-platform-channel-handle=2216 /prefetch:3
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://grupomarina.brightnexst.ru/pax6lf1/
|
104.21.41.104
|
|
|
|
https://a.nel.cloudflare.com/report/v4?s=Ngks3Q9GYc1VczPH%2FU89s2tX23XbQ6VDkNwsTMolcedPq2KTkxtMBx2%2BBiowShiv5v6twbNe7EnkbIE59tR2kKoFA%2FVAPFXibNy3WFGdlTmCauvXgqhnaVUbnE6A
|
35.190.80.1
|
||
|
https://grupomarina.brightnexst.ru/ijbHPlXv32ebWvACIZbLFotR2xA3cdeNQ7GgeJq4gGCcuhx678168
|
104.21.41.104
|
||
|
https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
|
13.33.187.68
|
||
|
https://grupomarina.brightnexst.ru/yzfSKSVVzwGEVLxY7bOA4NzirtCtF1GaMBQqxop8zPIfBhpW0CdjaQab180
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/yrhv76inSJaBVfGxBEwSxmLj7A0nIUCRosZ3LM0ORxbvHL4JE2FQRwo1v
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/GDSherpa-vf2.woff2
|
104.21.41.104
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.2.137
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
|
104.17.24.14
|
||
|
https://xoq7.qakaco.ru/tarboz@gicb27
|
172.67.180.46
|
||
|
https://grupomarina.brightnexst.ru/nm6KwyhgTPlcdaTFM6w4Te3A1nGYYINg9w5
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/GDSherpa-regular.woff2
|
104.21.41.104
|
||
|
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
|
13.33.187.68
|
||
|
https://grupomarina.brightnexst.ru/56clAjKv8GzXCyBZTPvhSGijqFC51GKJLn0iz7It89110
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/uv5tOb9SlHnVjDL3WYeZfQoF3Qs83rstFSZ0igTibpOtLLBCKZ34130
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/rqNX84y2LLLeotfXXhDH1k2LmulOVtkFLk3LFLhRu0ew
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/GDSherpa-bold.woff
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/ghBioawVsGsUA117yrJ412EaQY1Skt4YW6RuiH2YzmHxyQfrkxsWCkyew24xOurTOMWC6k8Q012210
|
104.21.41.104
|
||
|
https://5qdxsl77lrspjgndviiqjboedfl99fkwrbe1q8uvc7kmybiei89u.amayaxw.es/qroGHAUDePLpnzyKkQmczDpopPjitYSbVTVKVKMUJVFITSMCWETEESJCFPZDLPJNJXIrsk0agvHzvnbvksSbpV12V8Bcwx40
|
104.21.49.96
|
||
|
https://grupomarina.brightnexst.ru/GDSherpa-vf.woff2
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/rsxdLZylu9sNLs7eTOu0UqzijrscZpLQuuew9C74mWaef200
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/stYI03OBVOCU6PTHp0UgOWjuR6YVCNeMM7jmnsOFLV5NiD0a9CgeCqBu7DmPKxRFjpU0zwRS32gh260
|
104.21.41.104
|
||
|
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
|
104.18.95.41
|
||
|
https://grupomarina.brightnexst.ru/GDSherpa-regular.woff
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/xyy6BRvgDOSBkrsxogh30
|
104.21.41.104
|
||
|
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
|
13.33.187.68
|
||
|
https://github.com/fent)
|
unknown
|
||
|
https://grupomarina.brightnexst.ru/opxSwtQgKAp3oNRo2XIhbcuyRLwKRd5xRghLW2MjECbAoN6NrGkr67139
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/ijdastoNQHS8csTUxKMnYfLnTzCP891YpfDmPmdwyPnQeykuaxbSULSItkm2fyz222
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/favicon.ico
|
104.21.41.104
|
||
|
https://5qdxsl77lrspjgndviiqjboedfl99fkwrbe1q8uvc7kmybiei89u.amayaxw.es/qroGHAUDePLpnzyKkQmczDpopPjitYSbVTVKVKMUJVFITSMCWETEESJCFPZDLPJNJXIrsjeRFV6JKY12RPztaFwx38
|
104.21.49.96
|
||
|
https://developers.cloudflare.com/favicon.png
|
104.16.6.189
|
||
|
https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.js
|
104.18.95.41
|
||
|
https://a.nel.cloudflare.com/report/v4?s=M38fjdfrZwMhGFgUDmUvPM9bt5QvH3JId4Mx%2BqAaPhycRfw1luQ6fV4eKXgcqlgHJsfyB5s7OV3viqiNx1SobaJGrA1NNUK%2F5ODu%2BVstk%2Ftq9UHQsKR%2BxefYBWT2
|
35.190.80.1
|
||
|
https://grupomarina.brightnexst.ru/GDSherpa-bold.woff2
|
104.21.41.104
|
||
|
https://www.etsy.com
|
unknown
|
||
|
https://get.geojs.io/v1/ip/geo.json
|
172.67.70.233
|
||
|
https://grupomarina.brightnexst.ru/pax6lf1/#Tssalazar%40grupomarina.cl
|
|||
|
https://grupomarina.brightnexst.ru/mnDozZ86DfeH93KodasaV6JijAz0XdnqsnPjlpZlIO7O290148
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/qr8qdLMcV1KyHq9RcCpDL8TGmNXiThRTm9oKUFrvN12Lp0gWgAcpxstwUy42SSCBNeoDKUyLiy7t5j5VJef232
|
104.21.41.104
|
||
|
https://grupomarina.brightnexst.ru/56ACCeVmLlcdPPXc8920
|
104.21.41.104
|
There are 31 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
5qdxsl77lrspjgndviiqjboedfl99fkwrbe1q8uvc7kmybiei89u.amayaxw.es
|
104.21.49.96
|
||
|
developers.cloudflare.com
|
104.16.6.189
|
||
|
github.com
|
140.82.121.4
|
||
|
xfeoii3kbm.woofradio.cfd
|
172.67.129.81
|
||
|
code.jquery.com
|
151.101.2.137
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
challenges.cloudflare.com
|
104.18.95.41
|
||
|
get.geojs.io
|
172.67.70.233
|
||
|
www.google.com
|
142.250.184.196
|
||
|
d19d360lklgih4.cloudfront.net
|
13.33.187.68
|
||
|
xoq7.qakaco.ru
|
172.67.180.46
|
||
|
objects.githubusercontent.com
|
185.199.110.133
|
||
|
grupomarina.brightnexst.ru
|
104.21.41.104
|
||
|
ok4static.oktacdn.com
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.180.46
|
xoq7.qakaco.ru
|
United States
|
||
|
104.26.1.100
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
104.21.49.96
|
5qdxsl77lrspjgndviiqjboedfl99fkwrbe1q8uvc7kmybiei89u.amayaxw.es
|
United States
|
||
|
104.21.2.147
|
unknown
|
United States
|
||
|
172.67.129.81
|
xfeoii3kbm.woofradio.cfd
|
United States
|
||
|
104.16.6.189
|
developers.cloudflare.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
185.199.110.133
|
objects.githubusercontent.com
|
Netherlands
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
142.250.184.196
|
www.google.com
|
United States
|
||
|
13.33.187.68
|
d19d360lklgih4.cloudfront.net
|
United States
|
||
|
104.18.95.41
|
challenges.cloudflare.com
|
United States
|
||
|
140.82.121.4
|
github.com
|
United States
|
||
|
151.101.2.137
|
code.jquery.com
|
United States
|
||
|
13.33.187.96
|
unknown
|
United States
|
||
|
172.67.70.233
|
get.geojs.io
|
United States
|
||
|
104.21.41.104
|
grupomarina.brightnexst.ru
|
United States
|
There are 8 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://grupomarina.brightnexst.ru/pax6lf1/#Tssalazar%40grupomarina.cl
|
|
|
|
https://grupomarina.brightnexst.ru/pax6lf1/#Tssalazar%40grupomarina.cl
|
|
|
|
https://grupomarina.brightnexst.ru/AMCNUFNXZDUICPHJPN1DKQYE79CZQHUFVI5DL1S6E2BHE?VPBVFBFRDRWKLIZWKSEPXXPW
|
|
|
|
https://grupomarina.brightnexst.ru/AMCNUFNXZDUICPHJPN1DKQYE79CZQHUFVI5DL1S6E2BHE?VPBVFBFRDRWKLIZWKSEPXXPW
|
|
|
|
https://grupomarina.brightnexst.ru/pax6lf1/#Tssalazar%40grupomarina.cl
|