IOC Report
4G1n4pmjH3.html

Files

File Path | Type | Category | Malicious
4G1n4pmjH3.html | HTML document, Unicode text, UTF-8 text | initial sample | malicious
Chrome Cache Entry: 60 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 61 | Zstandard compressed data (v0.8+), Dictionary ID: None | downloaded |
Chrome Cache Entry: 62 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 63 | Web Open Font Format (Version 2), TrueType, length 52648, version 1.0 | downloaded |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1968,i,2488983959081157426,10894814468624279180,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2232 /prefetch:3 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1968,i,2488983959081157426,10894814468624279180,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=3852 /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Desktop\4G1n4pmjH3.html" |

URLs

Name | IP | Malicious
file:///C:/Users/user/Desktop/4G1n4pmjH3.html |  | malicious
https://www.google.com/intl/en/policies/terms/ | unknown |
http://c.pki.goog/r/r4.crl | 142.250.113.94 |
https://sdfwer234.com/13.vbs | unknown |
https://tradingviewprime.com/lander/tradingview/recaptcha-verify.html | unknown |
https://tradingviewprime.com/lander/tradingview/recaptcha-project-browser-transparent.png | unknown |
https://use.fontawesome.com/releases/v5.0.0/css/all.css | unknown |
https://www.google.com/intl/en/policies/privacy/ | unknown |

Domains

Name | IP | Malicious
bg.microsoft.map.fastly.net | 199.232.210.172 |
tradingviewprime.com | 104.21.48.1 |
www.google.com | 173.194.208.106 |
use.fontawesome.com.cdn.cloudflare.net | 104.21.27.152 |
pki-goog.l.google.com | 142.250.113.94 |
use.fontawesome.com | unknown |
c.pki.goog | unknown |

IPs

IP | Domain | Country | Malicious
104.21.48.1 | tradingviewprime.com | United States |
173.194.208.106 | www.google.com | United States |
104.21.27.152 | use.fontawesome.com.cdn.cloudflare.net | United States |
104.21.96.1 | unknown | United States |
192.168.2.5 | unknown | unknown |

DOM / HTML

URL | Malicious
file:///C:/Users/user/Desktop/4G1n4pmjH3.html | malicious