Description
- Probable Name: Trojan.Script.Heuristic-js.iacgm? (one of the files downloaded)
- URL: https://goo.gl/NrGdrX
- Redirected to: Location: https://www.googledrive.com/host/0BxqXKTpruwHMOEVibmdrNjNwOWs
- Redirected to: Location: https://26ca0f7cda8bfb6ae3d1301a29dcf2563946356e-www.googledrive.com/host/0BxqXKTpruwHMOEVibmdrNjNwOWs
- Unzipped-Content-Md5: mwBrCUKydJkinbFZAeTArA==
- X-Goog-Hash: crc32c=7kyNcw==
- Last file downloaded and included here: NrGdrX
Timeline
Sat Jun 11 01:31:14 CEST 2016
Started windows-normal-1
Sat Jun 11 01:34:00 CEST 2016
Infected with https://goo.gl/NrGdrX
https://virustotal.com/en/url/f75f607099028e4799b45f9670f131b2480c87bcd1c687734ea51612201b5642/analysis/1465606509/
That downloads this file: https://virustotal.com/en/file/c974f5d5294849c3d7869dddda349a9f81a148644bb484245fb6837085aad8ff/analysis/1465603719/ (Trojan.Script.Heuristic-js.iacgm)
Sat Jun 11 01:42:40 CEST 2016
It is still doing stuff but I will install the extension.
Sat Jun 11 01:43:16 CEST 2016
Extension installed