IOCReport

Files

File Path
Type
Category
Malicious
https://ww-agf.primside.ga/YW5keS5rb2NoYXJAYWdmLmNvbQ==
URL
initial url
malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 59134 bytes, 1 file
dropped
clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0129cfb3-5ed5-4d93-8a1b-66c6235633e3.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\234bde21-9b5e-4d37-bad0-e7e113540445.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\2a54a5ad-1e43-40c1-bc9b-ca30dc5e385d.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\2c10c6a5-25c7-421d-8ca9-0039863da4c8.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4ce0e581-54d2-47b1-8286-57ad74f4e6e6.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4f2c1bd8-04b1-4009-ad36-945037dc656f.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\73c6fcfb-0b6e-4010-af7a-42ae04fc98c1.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\830f6d71-f14f-4425-8444-d8ae53d174d3.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\9d17ae73-80d1-44df-88ca-efb8d7627f86.tmp
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0ec8195d-560a-4721-94a6-7f51dcf513a3.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1c7dc873-96c8-4ccf-8476-d32acdbc1b74.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1ffb1c12-8e67-4610-a43d-85a8d7ad61f5.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\27bda5cb-db84-4d48-b6fe-4b6986678f30.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\38c897cf-f38c-4142-8c40-3a54566787eb.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4f8c529e-b48c-4147-9d8f-c3900f6e629c.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\56d9fc6a-e8f3-441c-8f65-98dc89e5d5b5.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7302de00-9c6e-4b9a-adf1-843a7291d8a1.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\845fcbde-0615-40a5-a17a-11be9d8a03ec.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\89a2b4b8-8744-4d1a-b469-cd599255f02a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8a43084a-5b1a-4f82-a744-0c7659b27bab.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\00add0752dc81105_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0464521381b40578_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\094e2d6bf2abec98_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0ab0a6b6ec5e900e_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\11a58c3d643cb456_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\145375f6fd9456d5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\166ee82c52b87e97_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\176d14383a4cd8c3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22fb0e1969c285c1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2e8df38f3f8fb595_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\309184ad59030aa2_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\330c4816a9e28618_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\359022573035c25f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3b99dc3d3bc104fb_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\431ab35fa84a13dd_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\43fb384703621b6c_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\462d64d34aad30da_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4ac2f448771ab57b_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\50030ae951750ff1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\547db41b413d52f1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\560eb50eaa655bc7_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5775d7ea69d43f30_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5a0d44391b90ff78_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5ce38a7727ba7508_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5db4ad138a5b020e_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\67ff2080fc2646fa_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6aa8f657d25858ac_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b848a87f40dd230_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\72090e93af2b3d0c_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\73b12b162f1cf8a7_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\778b8f5c60850b23_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\781980b07f1bb38f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f3c2e2c260a7099_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9299ed2c4c7a3963_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a5575bef7c495dc_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ac17804cac642505_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0581f11f03b3afc_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d351c2e105cdeba7_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dc2be4daef321d91_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4b92c98510f85ab_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4b9b26cef092fbf_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f46ad1d2652b0b43_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f4de1fe6dac9263c_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f50f7e3b3653a201_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fbfb01c217345625_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff3254c380ce1732_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_publisher.liveperson.net_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_publisher.liveperson.net_0.indexeddb.leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_publisher.liveperson.net_0.indexeddb.leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_publisher.liveperson.net_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\7c168c30-6ca2-4e13-be78-b11bd2163b82.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\2f52bada-9a8b-43b4-8f63-9c4d3480cea3.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a550cfa2-8b0f-4b79-8ed3-99e396007058.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b4b5fa34-81fc-4804-8e7c-87eecb086dc8.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c2c22fe8-e44e-4eb2-bd87-6e25065f6850.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dfc7e3c3-9fcb-4b92-8927-b54c3e659036.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f52ae607-b889-4072-8be9-f08aecd256ca.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f7ddd684-16eb-4df6-b435-36e827ec2c37.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fce495f8-e0be-499d-b7ae-fffd4d300a4d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\fb944e4f-a1e1-48df-87b2-c281b042b7a8.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\1384dbd2-962c-4302-a9bb-748f39d32c68.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\4e1bcf6f-da9c-4e99-bbef-a4a576c325c7.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\6cb8422d-9935-49ca-a2d3-ffe65966faed.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\767a1aae-3040-4348-806b-9335bbc277f2.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\767a1aae-3040-4348-806b-9335bbc277f2.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_60691035\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\1384dbd2-962c-4302-a9bb-748f39d32c68.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_74392843\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
There are 233 hidden files.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://ww-agf.primside.ga/YW5keS5rb2NoYXJAYWdmLmNvbQ=='
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,13880197655046322879,7359506738743907629,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1692 /prefetch:8
clean

URLs

Name
IP
Malicious
https://snowtike.cf/aU5Y9Sr7Z6nkVtcMyiIpNePqHXJB2lRLsfwzhEm0FO8Tgv4GjAKboCQ13DuxsceumNbRTPlWDO7y0hz8gE9x42XrYApiqajkfS1LM6nZJUQ3HtCwvVoIKGB5yFRDtqlKkLAUm3E7Mr6if2o08InaYbpOZ1BV4h9N5gexzGTXWJvSQPwCusjc23JnlRX9s0gPyOpcFuHMh7Qv4jkBrowibSq1zNt56VImCeZfaDKxEYUAWL8T/lFXaUGxqWkQEj2DLgt5cJRZwCnAP3Mp9SNBv4HVhK61u8fmTybeo7z0sIiYr.php
malicious
https://assets.onestore.ms/
unknown
clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb223
unknown
clean
https://publisher.liveperson.net-_https://publisher.liveperson.net
unknown
clean
https://lpcdn.lpsnmedia.net(_https://lpcdn.lpsnmedia.net
unknown
clean
https://publisher.liveperson.net/
unknown
clean
https://liveperson.net//
unknown
clean
https://consentreceiverfd-prod.azurefd.net/v1
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.jsaD
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
unknown
clean
https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-us&uhf=1
unknown
clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/zones?fields=id&fields=z
unknown
clean
https://lpcdn.lpsnmedia.net/
unknown
clean
https://live.com/
unknown
clean
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-
unknown
clean
https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=http
unknown
clean
https://lpcdn.lpsnmedia.net/le_re/3.43.0.1-release_5028/jsv2/UISuite.js?_v=3.43.0.1-release_5028
unknown
clean
https://publisher.liveperson.net
unknown
clean
https://a.nel.cloudflare.com/report?s=fHk66Wobqmp1oRWQAGcEYYR9LG79ETz6PsBQ0Jf4Z8Lqd4gGsWKYC0MH%2BTUX
unknown
clean
https://mem.gfx.ms/scripts/me/MeControl/10.20321.2/de-DE/meBoot.min.js
unknown
clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/campaigns/1644274130/eng
unknown
clean
https://mem.gfx.ms/meversion?partner=MSHomePage&market=de-ch&uhf=1
unknown
clean
https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%
unknown
clean
https://dns.google
unknown
clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb321
unknown
clean
https://mem.gfx.ms/scripts/me/MeControl/10.20321.2/en-US/meCore.min.js
unknown
clean
https://logincdn.msauth.net/16.000/content/js/MeControl_cfDm2fEwfL1YuSiw8j6tzA2.js
unknown
clean
https://lpcdn.lpsnmedia.net
unknown
clean
https://liveperson.net/
unknown
clean
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales
clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/engagement-window/window-confs/164451
unknown
clean
https://mem.gfx.ms/meversion?partner=OfficeProducts&market=de-ch&uhf=1
unknown
clean
https://logincdn.msauth.net/16.000/content/js/MeControl_cfDm2fEwfL1YuSiw8j6tzA2.jsaD
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js
unknown
clean
https://mem.gfx.ms/scripts/me/MeControl/10.20321.2/de-DE/meCore.min.jsaD
unknown
clean
https://cdn.clipart.email/de08a54070b0e35e96d77ab05a6eea4a_microsoft-logo-transparent-png-picture-75
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.jsaD
unknown
clean
https://snowtike.cf
unknown
clean
https://lpcdn.lpsnmedia.net/le_re/3.43.0.1-release_5028/jsv2/overlay.js?_v=3.43.0.1-release_5028
unknown
clean
https://ajax.aspnetcdn.com/
unknown
clean
https://amp.azure.net/libs/amp/1.8.0/azuremediaplayer.min.js
unknown
clean
https://mem.gfx.ms/scripts/me/MeControl/10.20321.2/de-DE/meBoot.min.jsaD
unknown
clean
https://snowtike.cf/andy.kochar
unknown
clean
https://aadcdn.msftauth.net
unknown
clean
https://cdn.clipart.email
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://mem.gfx.ms/scripts/me/MeControl/10.20321.2/de-DE/meCore.min.js
unknown
clean
https://mem.gfx.ms/scripts/me/MeControl/10.20321.2/en-US/meBoot.min.js
unknown
clean
https://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.js
unknown
clean
https://aadcdn.msauth.net
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://snowtike.cf/aU5Y9Sr7Z6nkVtcMyiIpNePqHXJB2lRLsfwzhEm0FO8Tgv4GjAKboCQ13DuxsceumNbRTPlWDO7y0hz8
unknown
clean
https://lptag.liveperson.net/lptag/api/account/60270350/configuration/applications/taglets/.jsonp?v=
unknown
clean
https://lptag.liveperson.net/tag/tag.js?site=60270350
unknown
clean
There are 44 hidden URLs.

Domains

Name
IP
Malicious
cdn.clipart.email
172.67.70.208
clean
cs1100.wpc.omegacdn.net
152.199.23.37
clean
microsoftwindows.112.2o7.net
35.181.18.61
clean
ww-agf.primside.ga
162.241.67.201
clean
dh1y47vf5ttia.cloudfront.net
143.204.11.14
clean
va.v.liveperson.net
208.89.12.87
clean
cs1227.wpc.alphacdn.net
192.229.221.185
clean
mcraa.fs.liveperson.com
3.218.234.129
clean
snowtike.cf
162.241.67.201
clean
liveperson.map.fastly.net
151.101.1.192
clean
googlehosted.l.googleusercontent.com
172.217.22.225
clean
logincdn.msauth.net
unknown
clean
lpcdn.lpsnmedia.net
unknown
clean
accdn.lpsnmedia.net
unknown
clean
aadcdn.msftauth.net
unknown
clean
aadcdn.msauth.net
unknown
clean
assets.onestore.ms
unknown
clean
ajax.aspnetcdn.com
unknown
clean
static-assets.fs.liveperson.com
unknown
clean
mem.gfx.ms
unknown
clean
clients2.googleusercontent.com
unknown
clean
bingexplore.azurewebsites.net
unknown
clean
publisher.liveperson.net
unknown
clean
amp.azure.net
unknown
clean
lptag.liveperson.net
unknown
clean
There are 15 hidden domains.

IPs

IP
Domain
Country
Active
Malicious
172.217.22.225
unknown
United States
unknown
clean
192.168.2.1
unknown
unknown
unknown
clean
208.89.12.87
unknown
United States
unknown
clean
151.101.1.192
unknown
United States
unknown
clean
172.67.70.208
unknown
United States
unknown
clean
162.241.67.201
unknown
United States
unknown
clean
239.255.255.250
unknown
Reserved
unknown
clean
192.229.221.185
unknown
United States
unknown
clean
35.181.18.61
unknown
United States
unknown
clean
143.204.11.14
unknown
United States
unknown
clean
152.199.23.37
unknown
United States
unknown
clean
127.0.0.1
unknown
unknown
unknown
clean
There are 2 hidden IPs.

Registry

Path
Value
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
ahfgeienlihckogmohjhadlkjgocpleb
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
kmendfapggjehodndflmmgagdbamhnfd
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mfehgcgbbipciphmccgaenjidiccnmng
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
neajdppkdcdipfabeoofebfddakdcjhd
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nkeimhogjdpnpccoofpliimaahmaaome
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.reporting
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
module_blacklist_cache_md5_digest
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
media.storage_id_salt
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_account_id
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.account_id
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_seed
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_homepage
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
default_search_provider_data.template_url_data
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
safebrowsing.incidents_sent
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pinned_tabs
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
search_provider_overrides
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_default_search
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_username
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.startup_urls
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.restore_on_startup
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_version
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_startup_urls
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.prompt_wave
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage_is_newtabpage
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
browser.show_home_button
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
user_experience_metrics.stability.exited_cleanly
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
lastrun
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
There are 39 hidden registries.

Memdumps

Base Address
Regiontype
Protect
Malicious

DOM / HTML

URL
Malicious
https://snowtike.cf/aU5Y9Sr7Z6nkVtcMyiIpNePqHXJB2lRLsfwzhEm0FO8Tgv4GjAKboCQ13DuxsceumNbRTPlWDO7y0hz8gE9x42XrYApiqajkfS1LM6nZJUQ3HtCwvVoIKGB5yFRDtqlKkLAUm3E7Mr6if2o08InaYbpOZ1BV4h9N5gexzGTXWJvSQPwCusjc23JnlRX9s0gPyOpcFuHMh7Qv4jkBrowibSq1zNt56VImCeZfaDKxEYUAWL8T/lFXaUGxqWkQEj2DLgt5cJRZwCnAP3Mp9SNBv4HVhK61u8fmTybeo7z0sIiYr.php
malicious
https://www.microsoft.com/store/buy/cartcount
clean
https://www.microsoft.com/de-ch/
clean
https://www.microsoft.com/en-us/servicesagreement/faq.aspx
clean
https://www.microsoft.com/en-us/microsoft-365/microsoft-office
clean
https://www.microsoft.com/en-us/servicesagreement
clean
https://www.microsoft.com/en-US/servicesagreement/
clean
https://www.microsoft.com/en-us/servicesagreement/default.aspx
clean
https://privacy.microsoft.com/en-US/privacystatement
clean
https://www.microsoft.com/de-ch/microsoft-365?rtc=1
clean
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales
clean
https://bingexplore.azurewebsites.net/bing-data-suppliers/en/
clean
There are 2 hidden doms.