
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd

Status: finished
Submission Time: 2022-08-09 14:56:08 +02:00
Suspicious
Trojan

Details

  • Analysis ID: 680978
  • API (Web) ID: 1048484
  • Analysis Started: 2022-08-09 14:56:09 +02:00
  • Analysis Finished: 2022-08-09 15:02:20 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
suspicious
Score: 20
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

Name File Type Hashes Detection