Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| AkimaPAYROLL 2023-03-20.htm | HTML document, ASCII text, with very long lines (65386), with CRLF line terminators | initial sample | |
| C:\Users\eyup\Documents\Outlook Files\Outlook Data File - NoEmail.pst | data | dropped | |
| Chrome Cache Entry: 136 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 137 | HTML document, ASCII text, with very long lines (2345), with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 139 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651 | downloaded | |
| Chrome Cache Entry: 141 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113577 | downloaded | |
| Chrome Cache Entry: 142 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 143 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 347498 | downloaded | |
| Chrome Cache Entry: 144 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864 | dropped | |
| Chrome Cache Entry: 145 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 47818 | downloaded | |
| Chrome Cache Entry: 146 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 148 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 854156 | downloaded | |
| Chrome Cache Entry: 149 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 110674 | downloaded | |
| Chrome Cache Entry: 151 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 152 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1266361 | downloaded | |
| Chrome Cache Entry: 155 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592 | dropped | |
| Chrome Cache Entry: 157 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 412391 | downloaded | |
| Chrome Cache Entry: 158 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | dropped | |
| Chrome Cache Entry: 159 | ASCII text, with very long lines (32030) | downloaded | |
| Chrome Cache Entry: 160 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 109863 | downloaded | |
URLs

| Name | IP | Malicious |
|---|---|---|
| file:///C:/Users/eyup/Desktop/AkimaPAYROLL%202023-03-20.htm | | |
| https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000006-0000-0ff1-ce00-000000000000&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DyTv8auMLORdIcWeO11-2rveQJRH_dYo9RISyrj0a1sCP5C-YZOFmewUrp_ro-Kr7aBo_hYN_nbj6VXY8rQWMD9NGkN7i4QkVe6mHpNHef8Uvad_iTMMkpEY4xjmLQ8-RA0VMG1rw3ZXloOzjsCfEww&response_mode=form_post&nonce=638149470490347218.YTQ1NWI5MzQtNGYyMy00MmFhLWI5ODMtZTQ2MTkyMjI0NzAyYmRiNzFmZTgtODdlZi00NmFiLWI1OTItNWFlYzg1YTM0MDBk&redirect_uri=https%3A%2F%2Fportal.office.com%2Flanding&ui_locales=en-US&mkt=en-US&client-request-id=a8e8bdec-70fe-4013-911c-97f82fdc6d64&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0 | | |
| https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000006-0000-0ff1-ce00-000000000000&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DyTv8auMLORdIcWeO11-2rveQJRH_dYo9RISyrj0a1sCP5C-YZOFmewUrp_ro-Kr7aBo_hYN_nbj6VXY8rQWMD9NGkN7i4QkVe6mHpNHef8Uvad_iTMMkpEY4xjmLQ8-RA0VMG1rw3ZXloOzjsCfEww&response_mode=form_post&nonce=638149470490347218.YTQ1NWI5MzQtNGYyMy00MmFhLWI5ODMtZTQ2MTkyMjI0NzAyYmRiNzFmZTgtODdlZi00NmFiLWI1OTItNWFlYzg1YTM0MDBk&redirect_uri=https%3A%2F%2Fportal.office.com%2Flanding&ui_locales=en-US&mkt=en-US&client-request-id=a8e8bdec-70fe-4013-911c-97f82fdc6d64&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0&sso_reload=true | | |
Domains

| Name | IP | Malicious |
|---|---|---|
| l0u4.tk | 8.39.235.63 | |
| cs1100.wpc.omegacdn.net | 152.199.23.37 | |
| accounts.google.com | 142.250.185.141 | |
| www.google.com | 172.217.18.100 | |
| clients.l.google.com | 142.250.185.110 | |
| clients2.google.com | unknown | |
| code.jquery.com | unknown | |
| aadcdn.msftauth.net | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 142.250.184.195 | unknown | United States | |
| 13.107.6.156 | unknown | United States | |
| 142.250.186.67 | unknown | United States | |
| 34.104.35.123 | unknown | United States | |
| 192.168.2.1 | unknown | unknown | |
| 20.224.254.73 | unknown | United States | |
| 20.190.159.73 | unknown | United States | |
| 142.250.185.110 | clients.l.google.com | United States | |
| 52.109.88.191 | unknown | United States | |
| 192.168.2.3 | unknown | unknown | |
| 142.250.185.202 | unknown | United States | |
| 69.16.175.42 | unknown | United States | |
| 20.190.160.14 | unknown | United States | |
| 2.19.126.200 | unknown | European Union | |
| 239.255.255.250 | unknown | Reserved | |
| 142.250.185.141 | accounts.google.com | United States | |
| 13.107.237.45 | unknown | United States | |
| 192.229.221.95 | unknown | United States | |
| 152.199.23.37 | cs1100.wpc.omegacdn.net | United States | |
| 142.250.184.228 | unknown | United States | |
| 127.0.0.1 | unknown | unknown | |
| 8.39.235.63 | l0u4.tk | United States | |