Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Basketball court_66cd88d07e3dc69fb61476c8628af1fac4e3dd8_1ed34277_01b8f5a5-bc66-45ef-aa18-8c689e24d4c3\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Basketball court_66cd88d07e3dc69fb61476c8628af1fac4e3dd8_1ed34277_59f87023-7e98-46fa-b9bf-9fd68f1f11fb\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Basketball court_66cd88d07e3dc69fb61476c8628af1fac4e3dd8_1ed34277_7c5edfb8-94cc-44c6-b5b8-501c500f21df\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Basketball court_66cd88d07e3dc69fb61476c8628af1fac4e3dd8_1ed34277_853fa412-d11e-42b2-a06e-0036eb8cfb88\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER258B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Mar 26 18:26:36 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER29A3.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER29C4.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER457.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Mar 26 18:26:28 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER862F.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Mar 26 18:25:56 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER88F.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER89F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8A50.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Mar 26 18:27:02 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8A66.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8A86.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8E49.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8E69.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB2FB.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Mar 26 18:26:07 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB713.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB733.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 17:25:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 17:25:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 17:25:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 17:25:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 17:25:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\Downloads\Basketball court short version 3-18-24.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
C:\Users\user\Downloads\Unconfirmed 75163.crdownload
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
Chrome Cache Entry: 113
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 114
|
HTML document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 115
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 118
|
ASCII text, with very long lines (2628)
|
downloaded
|
||
Chrome Cache Entry: 119
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
Chrome Cache Entry: 120
|
SVG Scalable Vector Graphics image
|
dropped
|
||
Chrome Cache Entry: 121
|
ASCII text, with very long lines (2054)
|
downloaded
|
||
Chrome Cache Entry: 123
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 124
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 125
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 126
|
ASCII text, with very long lines (597)
|
downloaded
|
||
Chrome Cache Entry: 127
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 128
|
ASCII text, with very long lines (2122)
|
downloaded
|
||
Chrome Cache Entry: 129
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 131
|
ASCII text, with very long lines (1290)
|
downloaded
|
||
Chrome Cache Entry: 132
|
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 133
|
ASCII text, with very long lines (875)
|
downloaded
|
||
Chrome Cache Entry: 135
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 136
|
ASCII text, with very long lines (3383)
|
downloaded
|
||
Chrome Cache Entry: 138
|
PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 141
|
ASCII text, with very long lines (1843)
|
downloaded
|
||
Chrome Cache Entry: 144
|
Web Open Font Format (Version 2), TrueType, length 34108, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 145
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
dropped
|
||
Chrome Cache Entry: 147
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 149
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 150
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 151
|
ASCII text, with very long lines (2121)
|
downloaded
|
There are 46 hidden files, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://drive.google.com/file/d/1sXNMWYhWddKXv_kCgAKwr0JbUOh92VfC/view?usp=drive_web__;!!EvuEbwJvtYU!hX3qgZLVsnnlzGLSO-nK5A0pPClpa_LYwFKYUOTE-npzFgqOUUxE_g1OWw9h_aaJf6BIxIy0ARGU3yeccf2k02Q%24
|
|||
https://drive.google.com/auth_warmup
|
|||
about:blank
|
|||
https://drive.google.com/file/d/1sXNMWYhWddKXv_kCgAKwr0JbUOh92VfC/view
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
blobcomments-pa.clients6.google.com
|
142.251.16.95
|
||
play.google.com
|
142.251.111.101
|
||
plus.l.google.com
|
172.253.122.138
|
||
drive.google.com
|
172.253.115.101
|
||
www.google.com
|
172.253.115.99
|
||
googlehosted.l.googleusercontent.com
|
142.251.163.132
|
||
drive-thirdparty.googleusercontent.com
|
unknown
|
||
lh3.googleusercontent.com
|
unknown
|
||
apis.google.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
142.251.179.94
|
unknown
|
United States
|
||
142.251.111.101
|
play.google.com
|
United States
|
||
172.253.122.138
|
plus.l.google.com
|
United States
|
||
172.253.62.94
|
unknown
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
172.253.63.139
|
unknown
|
United States
|
||
172.253.62.95
|
unknown
|
United States
|
||
52.182.143.212
|
unknown
|
United States
|
||
172.253.122.113
|
unknown
|
United States
|
||
192.168.2.4
|
unknown
|
unknown
|
||
142.251.167.94
|
unknown
|
United States
|
||
172.253.115.99
|
www.google.com
|
United States
|
||
172.253.115.101
|
drive.google.com
|
United States
|
||
20.42.73.29
|
unknown
|
United States
|
||
142.251.179.101
|
unknown
|
United States
|
||
172.253.115.94
|
unknown
|
United States
|
||
142.251.163.94
|
unknown
|
United States
|
||
172.253.62.101
|
unknown
|
United States
|
||
142.251.163.95
|
unknown
|
United States
|
||
142.251.111.99
|
unknown
|
United States
|
||
1.1.1.1
|
unknown
|
Australia
|
||
142.251.167.132
|
unknown
|
United States
|
||
142.251.163.132
|
googlehosted.l.googleusercontent.com
|
United States
|
||
172.253.63.95
|
unknown
|
United States
|
||
20.189.173.20
|
unknown
|
United States
|
||
172.253.63.94
|
unknown
|
United States
|
||
142.251.111.94
|
unknown
|
United States
|
||
172.253.63.100
|
unknown
|
United States
|
||
20.189.173.22
|
unknown
|
United States
|
||
172.253.63.132
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
142.251.16.95
|
blobcomments-pa.clients6.google.com
|
United States
|
||
142.251.16.94
|
unknown
|
United States
|
||
172.253.115.84
|
unknown
|
United States
|
There are 24 hidden IPs, click here to show them.