https://www.extcovdoc125.org/

Status: finished

Submission Time: 2022-05-26 18:21:38 +02:00

Malicious

Phishing

HTMLPhisher

Comments

Details

Analysis ID:
634729
API (Web) ID:
1002235
Analysis Started:

2022-05-26 18:21:39 +02:00
Analysis Finished:

2022-05-26 18:29:13 +02:00
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 64	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP	Country	Detection
3.231.116.131	United States
104.18.10.207	United States
216.58.215.238	United States
Click to see the 9 hidden entries
34.96.106.200	United States
142.250.203.109	United States
104.17.24.14	United States
52.203.39.37	United States
216.58.215.227	United States
34.117.168.233	United States
104.18.11.207	United States
239.255.255.250	Reserved
34.102.176.152	United States

Domains

Name	IP	Detection
clients.l.google.com	216.58.215.238
static.parastorage.com	0.0.0.0
frog.wix.com	0.0.0.0
Click to see the 17 hidden entries
code.jquery.com	0.0.0.0
clients2.google.com	0.0.0.0
www.extcovdoc125.org	0.0.0.0
frog.editorx.com	0.0.0.0
static.wixstatic.com	0.0.0.0
siteassets.parastorage.com	0.0.0.0
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com	3.231.116.131
gstaticadssl.l.google.com	216.58.215.227
c-0001.c-msedge.net	13.107.4.50
maxcdn.bootstrapcdn.com	104.18.11.207
gcp.media-router.wixstatic.com	34.102.176.152
cdnjs.cloudflare.com	104.17.24.14
accounts.google.com	142.250.203.109
torch-rare-nerine.glitch.me	52.203.39.37
td-static-34-96-106-200.parastorage.com	34.96.106.200
td-ccm-168-233.wixdns.net	34.117.168.233
stackpath.bootstrapcdn.com	104.18.10.207

URLs

Name	Detection
https://www.extcovdoc125.org/
https://static.wixstatic.com
https://payments.google.com/payments/v4/js/integrator.js
Click to see the 49 hidden entries
https://static.wixstatic.com/media/02b81a_70fc0acae7884e1fa34a11a1711c102e~mv2.png/v1/fill/w_931,h_570,al_c,q_90,usm_0.66_1.00_0.01,enc_auto/Screenshot%202022.png
https://torch-rare-nerine.glitch.me/extdoc125index.html2
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=361b8621-7187-4e93-b748-a6b720cc5eed&pn=1&sessionId=81c9320b-2bae-438b-a0b9-134b38f115b3&siterev=5-__siteCacheRevision__&st=2&ts=18&tts=1954&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&v=1.10130.0&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_brandId=editorx
https://www.google.com/images/x2.gif
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=361b8621-7187-4e93-b748-a6b720cc5eed&pid=c1dmp&pn=1&sar=1280x984&sessionId=81c9320b-2bae-438b-a0b9-134b38f115b3&siterev=5-__siteCacheRevision__&sr=1280x1024&st=2&ts=1994&tts=3930&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&v=1.10130.0&vid=97ac8d2d-0072-4f2c-8777-f8339eb78d25&bsi=4b670852-7e7a-4bc3-8324-43727fa80a06\|1&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&wor=1280x984&wr=1280x869&_brandId=editorx
https://torch-rare-nerine.glitch.me/extdoc125index.html
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://www.extcovdoc125.org/_api/v2/dynamicmodel
https://siteassets.parastorage.com
https://torch-rare-nerine.glitch.me/favicon.ico
https://www.google.com/images/dot2.gif
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt-responsive&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=true&msid=361b8621-7187-4e93-b748-a6b720cc5eed&session_id=81c9320b-2bae-438b-a0b9-134b38f115b3&ish=true&isb=true&isbr=webdriver&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&caching=hit,hit&pv=visible&pn=1&v=1.10130.0&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&st=2&ts=13&tsn=1949
https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt-responsive&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=true&msid=361b8621-7187-4e93-b748-a6b720cc5eed&session_id=81c9320b-2bae-438b-a0b9-134b38f115b3&ish=true&isb=true&isbr=webdriver&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&caching=hit,hit&pv=visible&pn=1&v=1.10130.0&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&st=2&ts=13&tsn=1949&name=partially_visible&duration=1653582165943&pageId=c1dmp
https://frog.editorx.com/bpm
https://clients2.googleusercontent.com
https://static.wixstatic.com/media/02b81a_70fc0acae7884e1fa34a11a1711c102e~mv2.png/v1/fill/w_245,h_126,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/Screenshot%202022.png
https://frog.editorx.com/pa?_msid=361b8621-7187-4e93-b748-a6b720cc5eed&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_av=thunderbolt-1.10130.0&isb=true&isbr=webdriver&_brandId=editorx&_siteBranchId=undefined&_ms=3898&_lv=2.0.985%7CC&_visitorId=97ac8d2d-0072-4f2c-8777-f8339eb78d25&_siteMemberId=undefined&bsi=4b670852-7e7a-4bc3-8324-43727fa80a06%7C1&src=76&evid=1109&pid=c1dmp&pn=1&viewer=TB&pt=static&pa=editor&pti=c1dmp&uuid=02b81a5a-1805-4b9f-83a2-e2f77f7ddb0b&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&ref=&bot=true&bl=en-GB&pl=en-GB%2Cen-US%2Cen&_=16535821675170
https://www.google.com/
https://torch-rare-nerine.glitch.me/extdoc125index.html
https://clients2.google.com/service/update2/crx
https://apis.google.com
https://play.google.com
https://easylist.to/)
https://www.extcovdoc125.org/
https://sandbox.google.com/payments/v4/js/integrator.js
https://accounts.google.com/MergeSession
https://creativecommons.org/compatiblelicenses
https://www.google.com
https://github.com/easylist)
https://creativecommons.org/.
https://www.extcovdoc125.org/2
https://accounts.google.com
https://www.extcovdoc125.org
https://www.google.com/images/cleardot.gif
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
https://www-googleapis-staging.sandbox.google.com
https://clients2.google.com
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=361b8621-7187-4e93-b748-a6b720cc5eed&pid=c1dmp&pn=1&sessionId=81c9320b-2bae-438b-a0b9-134b38f115b3&siterev=5-__siteCacheRevision__&st=2&ts=398&tts=2334&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&v=1.10130.0&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_brandId=editorx
https://www.extcovdoc125.org/_api/tag-manager/api/v1/tags/sites/361b8621-7187-4e93-b748-a6b720cc5eed?wixSite=false&htmlsiteId=d2f95b4d-d274-49b1-b7ae-045e9f4850bf&language=en
https://dns.google
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
https://www.google.com/intl/en-US/chrome/blank.html
https://ogs.google.com
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://frog.editorx.com/bpm?_msid=361b8621-7187-4e93-b748-a6b720cc5eed&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_av=thunderbolt-1.10130.0&isb=true&isbr=webdriver&ts=6004&tsn=7940&dc=84&caching=hit%2Chit&session_id=81c9320b-2bae-438b-a0b9-134b38f115b3&st=2&url=https%253A%252F%252Fwww.extcovdoc125.org%252F&ish=true&pn=1&pv=true&pageId=c1dmp&isServerSide=false&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.10130.0&_brandId=editorx&_siteBranchId=undefined&_ms=7941&_lv=2.0.985%7CC&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=16535821715601&tti=3441&tbt=89&iframes=0&screens=1&entryType=loaded&lcp=3154&lcpSize=529506&closestId=img-comp-l3imgj4o&lcpTag=PICTURE&lcpResourceType=png&lcpInLightbox=false&countScripts=22&startTimeScripts=1941&durationScripts=1935&mttfbScripts=29&attfbScripts=41&tbdScripts=1016138&countImages=2&startTimeImages=2452&durationImages=490&mttfbImages=256&attfbImages=256&tbdImages=135200&countFonts=2&startTimeFonts=2059&durationFonts=2476&mttfbFonts=9&attfbFonts=9&tbdFonts=18344&duration=3947&ttlb=1925&dcl=2374&transferSize=263842&decodedBodySize=262198&pageCaching=maybe%20CDN&isSsr=true&isWelcome=false&visitorId=97ac8d2d-0072-4f2c-8777-f8339eb78d25&btype=webdriver&bsi=4b670852-7e7a-4bc3-8324-43727fa80a06%7C1&ssrDuration=41&ssrTimestamp=1653541541625&microPop=euw3&isRollout=false&isPlatformLoaded=false&maybeBot=true&cls=0&countCls=0&clsOld=0&clientType=ugc&analytics=true

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Temp\55b6949c-382d-42a0-9862-3e9d4fa4ad79.tmp	Google Chrome extension, version 3	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\es_419\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\en_GB\messages.json	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\en\messages.json	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\55b6949c-382d-42a0-9862-3e9d4fa4ad79.tmp	Google Chrome extension, version 3	#
C:\Users\user\AppData\Local\Temp\c2c2fb6c-f259-490b-ba8b-6ab0dd963234.tmp	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\5164_329640452\manifest.json~	ASCII text	#
C:\Users\user\AppData\Local\Temp\5164_329640452\manifest.json	ASCII text	#
C:\Users\user\AppData\Local\Temp\5164_329640452\manifest.fingerprint	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\5164_329640452\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Temp\5164_329640452\LICENSE.txt	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\5164_329640452\Filtering Rules	data	#
C:\Users\user\AppData\Local\Temp\5164_1892479222\manifest.json	ASCII text	#
C:\Users\user\AppData\Local\Temp\5164_1892479222\manifest.fingerprint	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\5164_1892479222\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Temp\5164_1606807745\manifest.json	ASCII text	#
C:\Users\user\AppData\Local\Temp\5164_1606807745\manifest.fingerprint	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\pt_PT\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\pt_BR\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\5164_1606807745\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\id\messages.json	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\557d11ab-346e-4ead-9c60-6b4c45f063c9.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9e61d1e6-e002-42ab-9f16-2495e9afe44b.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7a14fc07-ecc6-4902-824c-2d0a5290101a.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\46e5f088-0d1a-4158-b735-5e87e4cc747d.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1e193c6d-b39a-4ab6-815e-9c65934a80fa.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1db2c452-2ff7-4dbf-ba38-abc98065c6ee.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\95fbdc4d-36d1-49ac-a585-7971f0b16bda.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\88edfec8-a8e4-4411-b332-f2884fb997fc.tmp	SysEx File -	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\7e5e2a86-fea0-4e2f-9ac6-cebd53dea438.tmp	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\49996986-d7d7-41df-9b18-428ab74489a4.tmp	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\3fdd3811-ff4b-492c-acf4-1d02e144fdda.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\3d2f77ec-0582-487d-b313-87da644e83c6.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\298af2d3-aa17-4443-93f9-b346fc222585.tmp	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\16077ec1-bb00-469d-b5df-4bdcd8e0a67e.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\0759b745-6ff1-4982-8800-edc977ae5b72.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	#
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, 61476 bytes, 1 file	#
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\manifest.json	ASCII text	#
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	#
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\ChromeRecoveryCRX.crx	Google Chrome extension, version 3	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ad8021df-c392-483e-a98f-826780bc171d.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Temp\5164_1606807745\Recovery.crx3	Google Chrome extension, version 3	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\ec92b34f-b1a1-46b3-92f2-ab635cbacffe.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5164_283591160\Ruleset Data	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f52e71c0-9043-47b0-a259-d592085c61cc.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1b627a8-bd66-48ff-9246-9c9ac8968020.tmp	very short file (no magic)	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1aa2759-9bd6-4978-b770-e1479d6b81be.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\ChromeRecovery.exe	PE32 executable (GUI) Intel 80386, for MS Windows	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a13c8b74-6e05-4699-a045-65c609372f68.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\95a364d5-26f9-4ca9-adeb-c806278941d8.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\76a08e1b-f850-43ff-98b8-abad74e26e25.tmp	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	#

https://www.extcovdoc125.org/

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

https://www.extcovdoc125.org/ Options

Comments

Tags

Available tags:

Details

Joe Sandbox

IPs

Domains

URLs

Dropped files

Search started

https://www.extcovdoc125.org/