Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ATT97576.html
|
HTML document, ASCII text, with very long lines (460), with CRLF line terminators
|
initial sample
|
 |
|
|
Chrome Cache Entry: 100
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 102
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 103
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 104
|
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 107
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 109
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 110
|
PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 111
|
very short file (no magic)
|
dropped
|
||
|
Chrome Cache Entry: 112
|
Web Open Font Format, TrueType, length 35970, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 114
|
ASCII text, with very long lines (48316), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
ASCII text, with very long lines (26765), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 120
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
PNG image data, 245 x 36, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 123
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2],
progressive, precision 8, 1920x1080, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (10450)
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2],
progressive, precision 8, 1920x1080, components 3
|
dropped
|
||
|
Chrome Cache Entry: 78
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 80
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 81
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 82
|
HTML document, ASCII text, with very long lines (9417), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 83
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 84
|
Unicode text, UTF-8 text, with very long lines (21558), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 86
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 87
|
PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 89
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 91
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
ASCII text, with very long lines (51734)
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
HTML document, ASCII text, with very long lines (52009), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 95
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 96
|
Web Open Font Format, TrueType, length 36696, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 97
|
ASCII text, with very long lines (10017)
|
downloaded
|
||
|
Chrome Cache Entry: 98
|
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
PNG image data, 245 x 36, 8-bit/color RGBA, non-interlaced
|
downloaded
|
There are 40 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1920,i,10021694767062057168,13490331872174097278,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2152 /prefetch:3
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Desktop\ATT97576.html"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://mkn.salieibs.es/RAPYOENUEFSYOXZSWMRPVKDHOHLIYArfushzqlcazkhkfuAPHAH88039HL0WSE5D?CUXGBHOMZORTCBPOXVWRKBW
|
|
||
|
https://mkn.salieibs.es/ReatING/
|
172.67.184.222
|
|
|
|
https://mkn.salieibs.es/GDSherpa-bold.woff2
|
172.67.184.222
|
||
|
https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
|
18.164.78.67
|
||
|
https://92zdd9mbg7dvniicx3uhxvwlrcjaslif20sccrd8ztnhnldohe7v7mb.olfpof.es/hkxgmzwicmqkqgadiputlpdnzOFMvAnOQGHAHLLCGMHRNKMGDQLJCWHETWIHUOGSFITPLQSRYJ12oW90GjuAmjBHeQ56XdNATMop45
|
104.21.50.190
|
||
|
https://mkn.salieibs.es/GDSherpa-bold.woff
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/favicon.ico
|
172.67.184.222
|
||
|
https://a.nel.cloudflare.com/report/v4?s=ZPePoaSDPzZCHoCYaQUSbpxS0M3L%2FSkITB%2B%2BTiagg7teJufeyugbOJ2ssNNwVPaWwlEg%2FafqlXdKnv4gtLr7UfkTjolWB7LOjFQQc1xCEUTw%2Bnsh4ffRYXcw%2Fwl7
|
35.190.80.1
|
||
|
https://code.jquery.com/jquery-3.6.0.min.js
|
151.101.194.137
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
|
104.17.25.14
|
||
|
https://mkn.salieibs.es/uv5fuqFqN8F158SpxrnGkFp21fENh9SOmnsySonOA1cRIiAn9VjtuzcR8pef260
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/GDSherpa-regular.woff2
|
172.67.184.222
|
||
|
https://www.amazon.com
|
unknown
|
||
|
https://mkn.salieibs.es/gqwdR1NxSQXik1OWwjVhdWE3o
|
172.67.184.222
|
||
|
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
|
18.164.78.67
|
||
|
https://mkn.salieibs.es/xyolSSYprxRfZpqEgh30
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/yz7GaljUgFIufMA43hynhUarMfjmnNHb0F8j4AYwQ38JhYkLN90179
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/GDSherpa-vf.woff2
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/rq4TWp2B52v4997fH5lts6ewgUwIlBfoL8zy5wGfq
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/ijjDrh7cvHBdlybIXyRTiIvd6cR9lC0QQy2QzA0C89urPD5NHIBh35v8M1FVY8ERSwVG4rrYUY3lyz230
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/wxtKLtMtEsNyj7u7R16E71kv8jopuGbBxNgf4x3Zr34130
|
172.67.184.222
|
||
|
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
|
18.164.78.67
|
||
|
https://mkn.salieibs.es/klSFnJeqoaVF5lDxsrMyz480DEaywfkxEF0dqH1Aaakdhy78164
|
172.67.184.222
|
||
|
https://github.com/fent)
|
unknown
|
||
|
https://92zdd9mbg7dvniicx3uhxvwlrcjaslif20sccrd8ztnhnldohe7v7mb.olfpof.es/hkxgmzwicmqkqgadiputlpdnzOFMvAnOQGHAHLLCGMHRNKMGDQLJCWHETWIHUOGSFITPLQSRYJyz26N128YyQWQaYR78OpEJeeYop50
|
104.21.50.190
|
||
|
https://92zdd9mbg7dvniicx3uhxvwlrcjaslif20sccrd8ztnhnldohe7v7mb.olfpof.es/hkxgmzwicmqkqgadiputlpdnzOFMvAnOQGHAHLLCGMHRNKMGDQLJCWHETWIHUOGSFITPLQSRYJrsro9Jc7mOezEAuyzOXec6zuv39
|
104.21.50.190
|
||
|
https://92zdd9mbg7dvniicx3uhxvwlrcjaslif20sccrd8ztnhnldohe7v7mb.olfpof.es/hkxgmzwicmqkqgadiputlpdnzOFMvAnOQGHAHLLCGMHRNKMGDQLJCWHETWIHUOGSFITPLQSRYJ127KjBwRK155xvM56ovzrprqr50
|
104.21.50.190
|
||
|
https://mkn.salieibs.es/GDSherpa-regular.woff
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/34S5KJ5gNQ1500ixKRZlIYBvKlDijhZnOQ9QSLon67101
|
172.67.184.222
|
||
|
https://a.nel.cloudflare.com/report/v4?s=BqINuYmWXAnI494Rp3noYN7CpBWA8ROabxqhNQbblKGq97P%2FSTI%2FjPgv6zJ%2F545FobWH8E6IJ8IwGTxjV2dJZtQApROe292pXwI72%2B52WyOjsUesOHAxx31OtEDK
|
35.190.80.1
|
||
|
https://mkn.salieibs.es/qrinVIVm1FP9peR3R6u7keErLf6L7p0efJaXBoSosncEe5LQ8TxZk45140
|
172.67.184.222
|
||
|
https://t2ms0.uishkfyv.ru/rand!w61gi
|
104.21.112.1
|
||
|
https://mkn.salieibs.es/GDSherpa-vf2.woff2
|
172.67.184.222
|
||
|
https://get.geojs.io/v1/ip/geo.json
|
104.26.0.100
|
||
|
https://mkn.salieibs.es/wbRRf3Gdt4CBPMHHh4XvwGxkAjGHmnKFl474obsCSMpgmoHivr6f
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/ReatING/#cmViZWNjYS5rYXJwaW5vc0BqdW5rbGVzc2Zvb2RzLmNvbQ==
|
|||
|
https://mkn.salieibs.es/gh7Mu1eFyB88op8GC5Kmo3nhh2tQO7MseXILQMhA7jxytIotehpX3LCT8ZiArEPef206
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/opTvq0FrTzPpMftFY05wTFTc7YnRGnOghIasnHSipU2prFvwQub9ucd198
|
172.67.184.222
|
||
|
https://mkn.salieibs.es/12MiLjXFEyxyBKzTto8914
|
172.67.184.222
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mkn.salieibs.es
|
172.67.184.222
|
|
|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
92zdd9mbg7dvniicx3uhxvwlrcjaslif20sccrd8ztnhnldohe7v7mb.olfpof.es
|
104.21.50.190
|
||
|
e329293.dscd.akamaiedge.net
|
23.66.101.50
|
||
|
code.jquery.com
|
151.101.194.137
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
github.com
|
140.82.114.3
|
||
|
t2ms0.uishkfyv.ru
|
104.21.112.1
|
||
|
get.geojs.io
|
104.26.0.100
|
||
|
www.google.com
|
108.177.122.106
|
||
|
d19d360lklgih4.cloudfront.net
|
18.164.78.67
|
||
|
objects.githubusercontent.com
|
185.199.110.133
|
||
|
aadcdn.msauthimages.net
|
unknown
|
||
|
ok4static.oktacdn.com
|
unknown
|
There are 4 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.184.222
|
mkn.salieibs.es
|
United States
|
|
|
|
140.82.114.3
|
github.com
|
United States
|
||
|
104.21.50.190
|
92zdd9mbg7dvniicx3uhxvwlrcjaslif20sccrd8ztnhnldohe7v7mb.olfpof.es
|
United States
|
||
|
23.66.101.50
|
e329293.dscd.akamaiedge.net
|
United States
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
96.7.218.74
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
172.67.209.168
|
unknown
|
United States
|
||
|
104.21.112.1
|
t2ms0.uishkfyv.ru
|
United States
|
||
|
151.101.194.137
|
code.jquery.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
185.199.110.133
|
objects.githubusercontent.com
|
Netherlands
|
||
|
18.164.78.67
|
d19d360lklgih4.cloudfront.net
|
United States
|
||
|
104.21.32.1
|
unknown
|
United States
|
||
|
108.177.122.106
|
www.google.com
|
United States
|
||
|
172.67.70.233
|
unknown
|
United States
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
104.26.0.100
|
get.geojs.io
|
United States
|
There are 9 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://mkn.salieibs.es/ReatING/#cmViZWNjYS5rYXJwaW5vc0BqdW5rbGVzc2Zvb2RzLmNvbQ==
|
|
|
|
https://mkn.salieibs.es/ReatING/#cmViZWNjYS5rYXJwaW5vc0BqdW5rbGVzc2Zvb2RzLmNvbQ==
|
|
|
|
https://mkn.salieibs.es/RAPYOENUEFSYOXZSWMRPVKDHOHLIYArfushzqlcazkhkfuAPHAH88039HL0WSE5D?CUXGBHOMZORTCBPOXVWRKBW
|
|
|
|
https://mkn.salieibs.es/RAPYOENUEFSYOXZSWMRPVKDHOHLIYArfushzqlcazkhkfuAPHAH88039HL0WSE5D?CUXGBHOMZORTCBPOXVWRKBW
|
|
|
|
https://mkn.salieibs.es/RAPYOENUEFSYOXZSWMRPVKDHOHLIYArfushzqlcazkhkfuAPHAH88039HL0WSE5D?CUXGBHOMZORTCBPOXVWRKBW
|
|
|
|
https://mkn.salieibs.es/RAPYOENUEFSYOXZSWMRPVKDHOHLIYArfushzqlcazkhkfuAPHAH88039HL0WSE5D?CUXGBHOMZORTCBPOXVWRKBW
|
|
|
|
https://mkn.salieibs.es/ReatING/#cmViZWNjYS5rYXJwaW5vc0BqdW5rbGVzc2Zvb2RzLmNvbQ==
|