Automated Malware Analysis IOC Report for

Files

File Path

Type

Category

Malicious

https://onedrive.live.com/view.aspx?resid=BBBE2211A9BFBBEA!212&wdo=2&authkey=!AEJn6N9d9VRmlNY

URL

initial url

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_27F2F3EAE5ACF629E280F218628D1935

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\572BF21E454637C9F000BE1AF9B1E1A9

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Microsoft Cabinet archive data, 58596 bytes, 1 file

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A153659244D4657E2973A1765102781B_A73E63721CDD7A2F9C2ACFC55BAAC82D

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_27F2F3EAE5ACF629E280F218628D1935

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

data

dropped

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A153659244D4657E2973A1765102781B_A73E63721CDD7A2F9C2ACFC55BAAC82D

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\043a39e2-f35b-46b2-95fc-8008908aef88.tmp

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\11e6d15c-a7be-4778-a0ed-542583f1304e.tmp

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\29f82551-f2a9-40f0-8085-81785694cc11.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\577b5945-3cb1-4b8f-b332-a3c6c06bf3b6.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\5b96fcca-baed-45ab-9dbd-217f48865adf.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\7eee9657-ba14-4eb4-90b2-0f73ca0c4662.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0076154a-7017-4ee9-a342-287ea39d4af1.tmp

UTF-8 Unicode text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0354bce5-1894-49a4-adcf-35936df969fb.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\05cab134-bc5d-4799-9169-e9d1d5cca6a3.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0ec3ee90-e590-4360-8382-8f7fe2d7ff85.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\140a75df-11c8-43f1-a33f-813303c739da.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\152e57df-edc7-4574-acfa-bb25309fcc35.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\179ee7cd-2b39-40fb-9e52-80beb4799aa9.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\180520e6-af81-449f-905c-354d92fb73c7.tmp

UTF-8 Unicode text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1a74a03a-edb5-4917-8958-989cfff0e267.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3a34dbdd-430e-4910-8032-308e6f186d1b.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\42a2821e-8000-4201-ad57-c00c8fc6b474.tmp

UTF-8 Unicode text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5b242159-4796-4abe-971c-3a04f17077e0.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\74ec9425-80dd-4e1f-8914-7801185d2eb5.tmp

UTF-8 Unicode text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\90300a4e-ee8f-4789-8b54-ca47ab22ba57.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9400dd4e-cd14-4996-b2eb-37023f8d206c.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0b0e082679315186_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0e95785c5c7fc903_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12e9f7a5754eabc3_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1399c0c5768e9149_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\16f8a4f9752a1238_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1916fe9d3c747fef_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d5582ba5edb9b59_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22caab40b88abda7_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2398cf4ac380af6e_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\24215ede5385238b_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\24af17d226eee8c1_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2b178dc788abedc5_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2e36b2047189d8a4_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2eac174dde5c806e_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\324ff239dba9759d_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\36e68586828ffbd4_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3c48ab533b061584_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d3bb4106c1a0467_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d526a8124c0bde3_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d5cf7e3dd24edc5_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d82cb120e19d746_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40aeda517102c153_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40e28dad09fba182_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\42bb21ed90c95e46_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\49c3de3abf9291a9_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4c86c8bac3ba93ea_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5072c668b3ed6ec4_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\56a1c54121bced7a_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\594cec52998be81d_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5c65553377705661_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5df93476604d46db_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\627ee706b0a1e610_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\66c96e4e3a3f6772_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\681fd9719250177b_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b5c24ed233dd799_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b96086d34df59a0_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6ce6c89585f187e2_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6dde4a80019bae0d_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6e4b41db45f04ca5_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\73bc2959bbe08e4f_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\742164eda427c98a_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7c09118d3d75e3a8_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7ea87c16eac874ed_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a7dba7149f3d333_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a9bb120acaab28f_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8b64ecc4262c4430_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e09854e908bf7ca_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8fe5704c7b27840b_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\90a2d87359957c41_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9217f737cff04956_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\929fa13d4ef61aaa_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93a3fa42e61c139b_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9422602c3104bebd_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\98c76a69202da264_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\996fb0cc97dc8409_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9cbb21a4bf86e0fd_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ea376314010a7df_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f395f73deac96c3_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f9618de9c6bcb9d_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9fa3e08635ef38cd_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5534787ec2d07e5_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a70da6d09ed29ebf_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7f5238a08868646_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a8cf95dd88fa3419_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a947101d498ca626_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa2fc5a9454aa8d9_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aacab199021528da_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\abaf606fe1b93cc7_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ac019aa6441efee1_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae824f296039a280_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aff618be55cad59c_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b0befa3d680344c1_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b2273f0c1af7041a_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b72c548cd644b281_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb10d014a808faae_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb6d03b294c9ff3d_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bbc149ea10d29cc1_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c00ea5e2b2004bce_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c34c088eb3ef63ba_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c787521737d48d0a_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c952f751be8315f7_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c95918580f8c1f73_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cd4a93dbb80020d1_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ce3b1a62ea8a441d_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d038b2bf14b55bee_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d3c8ce2690f55320_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d541f5b59e49a2d6_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d66feeae39fc5d63_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d87258609659b4ab_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d9655d05b22e667e_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d9b7591a7c39b239_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dda6c47d45a66465_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ddf697422f5b7076_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\de272f24ef9bbe31_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e03f50a0799b9a85_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e09d1f778ed89312_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2e650ed46fced2f_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e3cfa6ba85c75176_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4b9a913b33ada37_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e627cc91d1ac9eb3_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e808b8f39e801b15_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e8474ba2e1e91fff_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eb29abe6f9a73f7f_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eb367444c11661a9_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ec7d32126082108b_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f25916ec352795fe_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f2e7233ee833e446_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f350d8c33b51e783_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f6a58be1ee04a8d7_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fc35d240367785ec_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd7404bfa10212a2_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fec1328bc6b677d7_0

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies

SQLite 3.x database, last written using SQLite version 3032001

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal

data

modified

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons

SQLite 3.x database, last written using SQLite version 3032001

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History

SQLite 3.x database, last written using SQLite version 3032001

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor

SQLite 3.x database, last written using SQLite version 3032001

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager

SQLite 3.x database, last written using SQLite version 3032001

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\372311dd-88e7-40b8-bfae-82830ea334e5\index

ISO-8859 text, with no line terminators, with escape sequences

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\372311dd-88e7-40b8-bfae-82830ea334e5\index-dir\temp-index

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.tmp

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\cccb23fe-b824-40d6-a22b-fd97d53a104e.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\b7642952-abfe-4529-a203-f2695e987918.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\bbe5c11d-f61a-476d-83f5-c7528f588d0c.tmp

MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a9d4953c-8e29-4b43-a6b4-f6f223706eb0.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b99fa149-9d86-4548-955a-85173595e534.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d2659c71-7b02-410b-9542-ec4b4812b553.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004

MPEG-4 LOAS

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\db47d0f9-4a30-4bce-9a9f-169a907b9697.tmp

very short file (no magic)

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

ASCII text

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser

data

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version

ASCII text, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\b4a3e740-57a2-4da0-a81d-7ccf327fa00f.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\e24fe537-eb06-4986-a575-4d0839e158f3.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Google\Chrome\User Data\e751c098-6d61-4e72-a062-a77399fba4f0.tmp

ASCII text, with very long lines, with no line terminators

dropped

C:\Users\user\AppData\Local\Temp\28fc0906-f2e8-4ee9-aa49-3918a1279a8a.tmp

very short file (no magic)

dropped

C:\Users\user\AppData\Local\Temp\4364_609912071\manifest.fingerprint

ASCII text, with no line terminators

modified

C:\Users\user\AppData\Local\Temp\6171bfa7-4034-4ea4-9a3b-bc89498dc9da.tmp

Google Chrome extension, version 3

dropped

C:\Users\user\AppData\Local\Temp\b9a5c272-8d8e-46b9-8c7f-19ef22be358b.tmp

very short file (no magic)

dropped

C:\Users\user\AppData\Local\Temp\be8837c5-ad3f-4e22-80f5-d919b12caf51.tmp

Google Chrome extension, version 3

dropped

C:\Users\user\AppData\Local\Temp\d3ee8240-10bb-4339-9f37-df51ea2791e4.tmp

Google Chrome extension, version 3

dropped

C:\Users\user\AppData\Local\Temp\f8f59615-45e3-47a6-b234-af998d258a14.tmp

very short file (no magic)

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\6171bfa7-4034-4ea4-9a3b-bc89498dc9da.tmp

Google Chrome extension, version 3

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\bg\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\ca\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\cs\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\da\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\de\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\el\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\en\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\en_GB\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\es\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\es_419\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\et\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\fi\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\fil\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\fr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\hi\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\hr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\hu\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\id\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\it\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\ja\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\ko\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\lt\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\lv\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\nb\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\nl\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\pl\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\pt_BR\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\pt_PT\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\ro\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\ru\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\sk\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\sl\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\sr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\sv\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\th\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\tr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\uk\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\vi\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\zh_CN\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\_locales\zh_TW\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\images\icon_128.png

PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\images\icon_16.png

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_1617801346\CRX_INSTALL\manifest.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\bg\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\ca\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\cs\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\da\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\de\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\el\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\en\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\en_GB\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\es\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\es_419\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\et\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\fi\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\fil\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\fr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\hi\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\hr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\hu\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\id\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\it\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\ja\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\ko\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\lt\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\lv\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\nb\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\nl\messages.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\pl\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\pt_BR\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\pt_PT\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\ro\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\ru\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\sk\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\sl\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\sr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\sv\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\th\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\tr\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\uk\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\vi\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\zh_CN\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\_locales\zh_TW\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\images\icon_128.png

PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\images\icon_16.png

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\CRX_INSTALL\manifest.json

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_2143732006\be8837c5-ad3f-4e22-80f5-d919b12caf51.tmp

Google Chrome extension, version 3

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\am\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ar\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\bg\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\bn\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ca\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\cs\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\da\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\de\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\el\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\en\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\es\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\et\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\fa\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\fi\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\fil\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\fr\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\gu\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\hi\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\hr\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\hu\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\id\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\it\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ja\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\kn\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ko\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\lt\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\lv\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ml\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\mr\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ms\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\nb\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\nl\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\pl\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\pt\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ro\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ru\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\sk\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\sl\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\sr\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\sv\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\sw\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\ta\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\te\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\th\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\tr\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\uk\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\vi\messages.json

UTF-8 Unicode text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\zh\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\_locales\zh_TW\messages.json

UTF-8 Unicode text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\CRX_INSTALL\manifest.json

ASCII text, with very long lines, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\scoped_dir4364_914652866\d3ee8240-10bb-4339-9f37-df51ea2791e4.tmp

Google Chrome extension, version 3

dropped

There are 356 hidden files, click here to show them.

Processes

Path

Cmdline

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://onedrive.live.com/view.aspx?resid=BBBE2211A9BFBBEA!212&wdo=2&authkey=!AEJn6N9d9VRmlNY'

Details

Is windows:	true
Is dropped:	false
PID:	4364
Target ID:	0
Parent PID:	4716
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://onedrive.live.com/view.aspx?resid=BBBE2211A9BFBBEA!212&wdo=2&authkey=!AEJn6N9d9VRmlNY'
Size:	2150896
MD5:	C139654B5C1438A95B321BB01AD63EF6
Time:	18:48:07
Date:	09/04/2021
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff77b960000
Modulesize:	2199552
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,811269984779653485,8825632401784948793,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1796 /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	5780
Target ID:	2
Parent PID:	4364
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,811269984779653485,8825632401784948793,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1796 /prefetch:8
Size:	2150896
MD5:	C139654B5C1438A95B321BB01AD63EF6
Time:	18:48:09
Date:	09/04/2021
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff77b960000
Modulesize:	2199552
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1540,811269984779653485,8825632401784948793,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5648 /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	6624
Target ID:	3
Parent PID:	4364
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1540,811269984779653485,8825632401784948793,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5648 /prefetch:8
Size:	2150896
MD5:	C139654B5C1438A95B321BB01AD63EF6
Time:	18:48:15
Date:	09/04/2021
Reason:	newprocess
Reputation:	low
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff77b960000
Modulesize:	2199552
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1540,811269984779653485,8825632401784948793,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=5664 /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	6648
Target ID:	4
Parent PID:	4364
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1540,811269984779653485,8825632401784948793,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=5664 /prefetch:8
Size:	2150896
MD5:	C139654B5C1438A95B321BB01AD63EF6
Time:	18:48:16
Date:	09/04/2021
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff77b960000
Modulesize:	2199552
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

https://igv-uj.xyz/go/Sign%20in%20to%20your%20account_files/prefetch(1).html

https://mem.gfx.ms/meversion?partner=Sway&market=en-us&uhf=1aD

unknown

https://eus-www.sway-cdn.com/161392240102_Content/en-us/Resources.jsa

unknown

https://cpanel.net/wp-content/themes/cPbase/assets/img/favicon.icoI

unknown

https://sway.office.comh

unknown

https://www.onenote.com/notebooks?ui=en%2DUS&rs=US

unknown

https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js

unknown

https://eus-www.sway-cdn.com/161392240102_Content/Common.jsaD

unknown

http://cpanel.net/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404refer

unknown

https://eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.jsaD

unknown

https://www.onenote.com/notebooks?ui=en%2DUS&rs=USMicrosoft

unknown

https://login.microsoftonline.com/savedusers?wreply=https://sway.office.com/&appid=905fcf26-4eb7-48a

unknown

https://sway.office.com/?ui=en-US&rs=US

https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

unknown

https://office.com/

unknown

https://onenote.com/oTu

unknown

https://igv-uj.xyz/go/

unknown

https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

unknown

https://cpanel.net/privacy-policy.html

unknown

https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.jsaD

unknown

https://microsoftonline.com/i

unknown

https://sway.office.com/

unknown

https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20201013.002/wac0-efa56458

unknown

https://sway.com/?ui=en%2DUS&rs=USRb

unknown

https://cpanel.com/

unknown

https://eus-www.sway-cdn.com/161392240102_Content/common_raw.jsaD

unknown

https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meCore.min.js

unknown

https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icov

unknown

https://microsoftonline.com/

unknown

https://www.onenote.com/

unknown

https://ajax.aspnetcdn.com/

unknown

https://eus-www.sway-cdn.com/161392240102_Content/feedback/OfficeBrowserFeedback.jsaD

unknown

https://igv-uj.xyz/

unknown

https://eus-www.sway-cdn.com/161392240102_Content/en-us/Resources.jsaD

unknown

https://eus-www.sway-cdn.com/161392240102_Content/en-us/Resources.js

unknown

https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js

unknown

http://cpanel.net/

unknown

https://feedback.googleusercontent.com

unknown

https://cpanel.net/privacy-policy.htmlPrivacy

unknown

https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondcno

unknown

https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=trueMicrosoft

unknown

https://store.cpanel.net/commonui/js/vendor/cookieconsent/3.1.0/cookieconsent.min.js

unknown

https://web.skype.com/?source=wac&ui=en%2DUS&rs=US

unknown

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js

unknown

https://twemoji.maxcdn.com/v/13.0.1/

unknown

https://cpanel.net/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404referral

https://onenote.com/z5

unknown

https://cpanel.net/privacy-policy/

https://igv-uj.xyz

unknown

https://www.onenote.com/officeaddins/learningtools/?et=

unknown

https://login.microsoftonline.com

unknown

http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404refer

unknown

https://logincdn.msauth.net/16.000.28976.3/images/favicon.icoB

unknown

https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20201013.002/wac2-bf8b3319

unknown

https://www.onenote.comh

unknown

https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.jsaD

unknown

https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.jsaD

unknown

https://p.sfx.ms//storage/aria-2.5.0.min.js

unknown

https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20201013.002/wac1-cdc297b4

unknown

https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.js

unknown

https://www.onenote.com/notebooks?ui=en%2DUS&rs=USI

unknown

https://onenote.com/R

unknown

http://cpanel.net/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404referral

208.74.123.84

https://cpanel.net/wp-includes/js/wp-embed.min.js?ver=5.6

unknown

https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks

https://eus-www.sway-cdn.com/161392240102_Content/feedback/OfficeBrowserFeedback.js

unknown

https://mem.gfx.ms

unknown

https://onenote.com/7

unknown

https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.jsa

unknown

https://skyapi.onedrive.live.com/api/proxy?v=3

unknown

https://web.skype.com/?source=wac&ui=en%2DUS&rs=USSign

unknown

https://onedrive.live.com/view.aspx?resid=BBBE2211A9BFBBEA!212&authkey=!AEJn6N9d9VRmlNY

https://cpanel.net/

unknown

https://clients2.googleusercontent.com

unknown

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.619.0204.2006&useReq

unknown

https://login.microsoftonline.com/savedusers?wreply=https://sway.office.com/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true&sso_reload=true

https://eus-www.sway-cdn.com/161392240102_Content/tdb.js

unknown

https://pro.fontawesome.com/

unknown

https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.jsa

unknown

https://login.microsoftonline.com/

unknown

https://live.com/GA

unknown

https://office.com/X

unknown

https://eus-www.sway-cdn.com/Content/DefaultSignIn-1.3.1387.1646.js

unknown

https://cpanel.net/wp-includes/js/wp-emoji-release.min.js?ver=5.6aD

unknown

https://live.com/xU

unknown

https://sway.office.com/?ui=en-US&rs=USMicrosoft

unknown

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.0.min.jsaD

unknown

https://aadcdn.msftauth.net/

unknown

https://web.skype.com/?source=wac&ui=en%2DUS&rs=UShn

unknown

https://office.com/h

unknown

https://onedrive.live.com/

unknown

https://sway.com/?ui=en%2DUS&rs=USMicrosoft

unknown

https://logincdn.msauth.net/

unknown

https://www.youtube.com/iframe_api

unknown

https://store.cpanel.net/idev_magic_revision/e470da806e17928830aa7ed88e3301a2/commonui/js/common/gdp

unknown

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js

unknown

https://cpanel.net/wp-content/themes/cPbase/assets/js/dist/script.js?ver=5.6aD

unknown

https://office.com/5

unknown

https://cpanel.net/wp-includes/js/wp-embed.min.js?ver=5.6aD

unknown

There are 90 hidden URLs, click here to show them.

Domains

Name

Malicious

igv-uj.xyz

63.250.38.203

store.cpanel.net

184.94.204.2

i-db3p-cor004.api.p001.1drv.com

13.104.208.162

cs1100.wpc.omegacdn.net

152.199.23.37

pi-ue1-lba3.pardot.com

35.174.150.168

cpanel.net

208.74.123.84

pro.fontawesome.com

151.139.128.8

cpanel.com

208.74.123.84

i-db3p-cor005.api.p001.1drv.com

13.104.208.160

i-db3p-cor002.api.p001.1drv.com

40.90.136.180

ocsp.sectigo.com

151.139.128.14

cs1227.wpc.alphacdn.net

192.229.221.185

go.cpanel.net

184.94.204.4

googlehosted.l.googleusercontent.com

172.217.168.33

sway.com

52.109.12.50

s.w.org

192.0.77.48

logincdn.msauth.net

unknown

messaging.office.com

unknown

c.live.com

unknown

ajax.aspnetcdn.com

unknown

clients2.googleusercontent.com

unknown

secure.aadcdn.microsoftonline-p.com

unknown

code.jquery.com

unknown

onedrive.live.com

unknown

sway.office.com

unknown

p.sfx.ms

unknown

amcdn.msftauth.net

unknown

www.onenote.com

unknown

pi.pardot.com

unknown

web.skype.com

unknown

onenoteonlinesync.onenote.com

unknown

aadcdn.msftauth.net

unknown

aadcdn.msauth.net

unknown

storage.live.com

unknown

eus-www.sway-cdn.com

unknown

skyapi.onedrive.live.com

unknown

mem.gfx.ms

unknown

oauth.online.office.com

unknown

spoprod-a.akamaihd.net

unknown

There are 31 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

63.250.38.203

igv-uj.xyz

United States

52.109.12.50

sway.com

United States

192.168.2.1

unknown

52.109.12.51

unknown

United States

192.168.2.4

unknown

151.139.128.8

pro.fontawesome.com

United States

184.94.204.4

go.cpanel.net

United States

184.94.204.2

store.cpanel.net

United States

239.255.255.250

unknown

Reserved

192.229.221.185

cs1227.wpc.alphacdn.net

United States

152.199.23.37

cs1100.wpc.omegacdn.net

United States

127.0.0.1

unknown

35.174.150.168

pi-ue1-lba3.pardot.com

United States

208.74.123.84

cpanel.net

United States

13.104.208.162

i-db3p-cor004.api.p001.1drv.com

United States

13.104.208.160

i-db3p-cor005.api.p001.1drv.com

United States

172.217.168.33

googlehosted.l.googleusercontent.com

United States

There are 7 hidden IPs, click here to show them.

Registry

Path

Value

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

S-1-5-21-3853321935-2125563209-4053062332-1002

C:\Program Files\Google\Chrome\Application\chrome.exe

ahfgeienlihckogmohjhadlkjgocpleb

C:\Program Files\Google\Chrome\Application\chrome.exe

gdaefkejpgkiemlaofpalmlakkmbjdnl

C:\Program Files\Google\Chrome\Application\chrome.exe

gfdkimpbcpahaombhbimeihdjnejgicl

C:\Program Files\Google\Chrome\Application\chrome.exe

kmendfapggjehodndflmmgagdbamhnfd

C:\Program Files\Google\Chrome\Application\chrome.exe

mfehgcgbbipciphmccgaenjidiccnmng

C:\Program Files\Google\Chrome\Application\chrome.exe

mhjfbmdgcfjbbpaeojofohoefgiehjai

C:\Program Files\Google\Chrome\Application\chrome.exe

neajdppkdcdipfabeoofebfddakdcjhd

C:\Program Files\Google\Chrome\Application\chrome.exe

nkeimhogjdpnpccoofpliimaahmaaome

C:\Program Files\Google\Chrome\Application\chrome.exe

prefs.preference_reset_time

C:\Program Files\Google\Chrome\Application\chrome.exe

gfdkimpbcpahaombhbimeihdjnejgicl

C:\Program Files\Google\Chrome\Application\chrome.exe

nmmhkkegccagdldgiimedpiccmgmieda

C:\Program Files\Google\Chrome\Application\chrome.exe

pkedcjkdefgpdelpbcmbmeomcjbeemfm

C:\Program Files\Google\Chrome\Application\chrome.exe

nmmhkkegccagdldgiimedpiccmgmieda

C:\Program Files\Google\Chrome\Application\chrome.exe

nmmhkkegccagdldgiimedpiccmgmieda

C:\Program Files\Google\Chrome\Application\chrome.exe

state

C:\Program Files\Google\Chrome\Application\chrome.exe

StatusCodes

C:\Program Files\Google\Chrome\Application\chrome.exe

StatusCodes

C:\Program Files\Google\Chrome\Application\chrome.exe

state

C:\Program Files\Google\Chrome\Application\chrome.exe

software_reporter.reporting

C:\Program Files\Google\Chrome\Application\chrome.exe

module_blacklist_cache_md5_digest

C:\Program Files\Google\Chrome\Application\chrome.exe

media.storage_id_salt

C:\Program Files\Google\Chrome\Application\chrome.exe

google.services.last_account_id

C:\Program Files\Google\Chrome\Application\chrome.exe

google.services.account_id

C:\Program Files\Google\Chrome\Application\chrome.exe

software_reporter.prompt_seed

C:\Program Files\Google\Chrome\Application\chrome.exe

settings_reset_prompt.last_triggered_for_homepage

C:\Program Files\Google\Chrome\Application\chrome.exe

default_search_provider_data.template_url_data

C:\Program Files\Google\Chrome\Application\chrome.exe

safebrowsing.incidents_sent

C:\Program Files\Google\Chrome\Application\chrome.exe

pinned_tabs

C:\Program Files\Google\Chrome\Application\chrome.exe

search_provider_overrides

C:\Program Files\Google\Chrome\Application\chrome.exe

settings_reset_prompt.last_triggered_for_default_search

C:\Program Files\Google\Chrome\Application\chrome.exe

prefs.preference_reset_time

C:\Program Files\Google\Chrome\Application\chrome.exe

google.services.last_username

C:\Program Files\Google\Chrome\Application\chrome.exe

session.startup_urls

C:\Program Files\Google\Chrome\Application\chrome.exe

session.restore_on_startup

C:\Program Files\Google\Chrome\Application\chrome.exe

software_reporter.prompt_version

C:\Program Files\Google\Chrome\Application\chrome.exe

settings_reset_prompt.last_triggered_for_startup_urls

C:\Program Files\Google\Chrome\Application\chrome.exe

settings_reset_prompt.prompt_wave

C:\Program Files\Google\Chrome\Application\chrome.exe

homepage

C:\Program Files\Google\Chrome\Application\chrome.exe

homepage_is_newtabpage

C:\Program Files\Google\Chrome\Application\chrome.exe

browser.show_home_button

C:\Program Files\Google\Chrome\Application\chrome.exe

user_experience_metrics.stability.exited_cleanly

C:\Program Files\Google\Chrome\Application\chrome.exe

lastrun

C:\Program Files\Google\Chrome\Application\chrome.exe

S-1-5-21-3853321935-2125563209-4053062332-1002

C:\Program Files\Google\Chrome\Application\chrome.exe

GlobalAssocChangedCounter

C:\Program Files\Google\Chrome\Application\chrome.exe

Blob

C:\Program Files\Google\Chrome\Application\chrome.exe

Blob

C:\Program Files\Google\Chrome\Application\chrome.exe

Blob

C:\Program Files\Google\Chrome\Application\chrome.exe

Blob

C:\Program Files\Google\Chrome\Application\chrome.exe

Version

There are 40 hidden registries, click here to show them.

Memdumps

Base Address

Regiontype

Protect

Malicious

1944456B000

unkown

page read and write

7FF5E7300000

unkown

page readonly

19444585000

unkown

page read and write

1CA43046000

unkown

page read and write

1B037B8C000

unkown

page read and write

19444572000

unkown

page read and write

ACB9C7D000

unkown

page read and write

23C46867000

unkown

page read and write

23C4686E000

unkown

page read and write

23C46841000

unkown

page read and write

26C9DD58000

unkown

page read and write

23C46A00000

unkown

page readonly

21F5668A000

unkown

page read and write

7FF5E71D5000

unkown

page readonly

7FF5096EE000

unkown

page readonly

7FF509E27000

unkown

page readonly

194445C4000

unkown

page read and write

7FF5B703A000

unkown

page readonly

BCF357E000

unkown

page read and write

1B037B8C000

unkown

page read and write

7FF5B72B0000

unkown

page readonly

7FF52AB25000

unkown

page readonly

1B035AD7000

unkown

page read and write

82130FD000

unkown

page read and write

7FF52ABE9000

unkown

page readonly

26CA2C08000

unkown

page read and write

BCF39FB000

unkown

page read and write

26CA2CC0000

unkown

page read and write

294C8600000

unkown

page read and write

7FF57931A000

unkown

page readonly

7FF5E72F5000

unkown

page readonly

7FF527E6F000

unkown

page readonly

7FF52ABE1000

unkown

page readonly

1944454B000

unkown

page read and write

7FF5E842A000

unkown

page readonly

8616EFE000

unkown

page read and write

19444540000

unkown

page read and write

7FF5791E8000

unkown

page readonly

7FF5E723A000

unkown

page readonly

7FF5E849C000

unkown

page readonly

BCF38F5000

unkown

page read and write

26CA2C0E000

unkown

page read and write

7FF52AB5C000

unkown

page readonly

7FF5E7243000

unkown

page readonly

19444551000

unkown

page read and write

7FF579237000

unkown

page readonly

7FF579203000

unkown

page readonly

1CA449E0000

unkown

page read and write

8212CF9000

unkown

page read and write

7FF5E735E000

unkown

page readonly

19443EE9000

unkown

page read and write

23C46832000

unkown

page read and write

7FF5E8174000

unkown

page readonly

19444585000

unkown

page read and write

1DA3B260000

unkown

page read and write

1DA3B302000

unkown

page read and write

7FF509E21000

unkown

page readonly

7FF5B729C000

unkown

page readonly

194443F0000

unkown

page read and write

7FF5E70BA000

unkown

page readonly

7FF52AB87000

unkown

page readonly

7FF527E9C000

unkown

page readonly

27F94A00000

unkown

page readonly

23C4683B000

unkown

page read and write

19444539000

unkown

page read and write

8212F7B000

unkown

page read and write

7FF57920D000

unkown

page readonly

1B035B1A000

unkown

page read and write

21F56C60000

unkown

page readonly

7FF5E701E000

unkown

page readonly

1DA3B202000

unkown

page read and write

19444538000

unkown

page read and write

7FF5B6E10000

unkown

page readonly

7FF527EAC000

unkown

page readonly

23C46840000

unkown

page read and write

21F5664B000

unkown

page read and write

7FF579366000

unkown

page readonly

ACB9FF7000

unkown

page read and write

160FA560000

unkown

page read and write

8A3587F000

unkown

page read and write

294C8800000

unkown

page readonly

23C46873000

unkown

page read and write

7FF5E7217000

unkown

page readonly

7FF5E72A5000

unkown

page readonly

19444585000

unkown

page read and write

1944453E000

unkown

page read and write

7FF5E8327000

unkown

page readonly

1944454C000

unkown

page read and write

1B038010000

unkown

page read and write

1B035AC5000

unkown

page read and write

19444562000

unkown

page read and write

7FF5E721A000

unkown

page readonly

1944455A000

unkown

page read and write

7FF5E7221000

unkown

page readonly

7FF527E79000

unkown

page readonly

19444566000

unkown

page read and write

194445AF000

unkown

page read and write

7FF57911A000

unkown

page readonly

1B035AA7000

unkown

page read and write

7FF5E724C000

unkown

page readonly

19444547000

unkown

page read and write

21F56530000

unkown

page readonly

23C46866000

unkown

page read and write

1944453D000

unkown

page read and write

294C8713000

unkown

page read and write

27F96270000

unkown

page read and write

1DA3BA02000

unkown

page read and write

8212C7B000

unkown

page read and write

7FF5C2D89000

unkown

page readonly

19444565000

unkown

page read and write

23C467B0000

unkown

page read and write

23C46862000

unkown

page read and write

7FF5E8187000

unkown

page readonly

7FF5E72AF000

unkown

page readonly

7FF5E6FD3000

unkown

page readonly

27F94857000

unkown

page read and write

7FF579349000

unkown

page readonly

7FF5E7260000

unkown

page readonly

7FF509F80000

unkown

page readonly

7FF5E8519000

unkown

page readonly

26CA2971000

unkown

page read and write

7FF509EE2000

unkown

page readonly

1B035ED0000

unkown

page readonly

1944452D000

unkown

page read and write

19444547000

unkown

page read and write

23989E60000

unkown

page readonly

19443EEC000

unkown

page read and write

23C47002000

unkown

page read and write

23C46780000

heap default

page read and write

ACB99AE000

unkown

page read and write

21F56602000

unkown

page read and write

7FF509F2F000

unkown

page readonly

1B035AE5000

unkown

page read and write

7FF5B7255000

unkown

page readonly

26CA2AAD000

unkown

page read and write

23989E55000

heap private

page read and write

7FF5E6AE6000

unkown

page readonly

21F56613000

unkown

page read and write

1CA449E0000

unkown

page read and write

7FF5E729E000

unkown

page readonly

19444563000

unkown

page read and write

8A359F9000

unkown

page read and write

7FF5E848C000

unkown

page readonly

7FF509DFD000

unkown

page readonly

7FF5E6FD7000

unkown

page readonly

7FF57932E000

unkown

page readonly

19444551000

unkown

page read and write

27F94780000

heap default

page read and write

7FF5E8469000

unkown

page readonly

7FF5E843A000

unkown

page readonly

7FF509F56000

unkown

page readonly

21F5663C000

unkown

page read and write

26C9DD18000

unkown

page read and write

8A3597A000

unkown

page read and write

294C9000000

unkown

page readonly

1DA3B1D0000

unkown

page read and write

23C46AD0000

unkown

page readonly

19444583000

unkown

page read and write

1B037B1B000

unkown

page read and write

294C8702000

unkown

page read and write

7FF579335000

unkown

page readonly

23C46869000

unkown

page read and write

7FF578EEA000

unkown

page readonly

1DA3B300000

unkown

page read and write

19444540000

unkown

page read and write

19444567000

unkown

page read and write

194443F0000

unkown

page read and write

1B035A55000

unkown

page read and write

1DA3B200000

unkown

page read and write

7FF5B7212000

unkown

page readonly

19444545000

unkown

page read and write

26CA2AC7000

unkown

page read and write

7FF579390000

unkown

page readonly

26C9DD59000

unkown

page read and write

1DA3B266000

unkown

page read and write

7FF579308000

unkown

page readonly

7FF57917F000

unkown

page readonly

1944453E000

unkown

page read and write

19444542000

unkown

page read and write

7FF5E81E0000

unkown

page readonly

7FF5E72D6000

unkown

page readonly

1B037980000

unkown

page readonly

23989ACE000

unkown

page read and write

7FF527EC2000

unkown

page readonly

7FF5793F9000

unkown

page readonly

7FF5B728C000

unkown

page readonly

294C84E0000

heap private

page read and write

7FF527E8D000

unkown

page readonly

7FF5B7319000

unkown

page readonly

F838EFE000

unkown

page read and write

7FF5E7262000

unkown

page readonly

19444551000

unkown

page read and write

7FF509DBA000

unkown

page readonly

1B035C00000

unkown

page readonly

160FA560000

unkown

page read and write

27F94790000

unkown

page write copy

26CA29A4000

unkown

page read and write

23C46864000

unkown

page read and write

23C46902000

unkown

page read and write

7FF5E7177000

unkown

page readonly

23C4685E000

unkown

page read and write

26CA2990000

unkown

page read and write

8212FFA000

unkown

page read and write

7FF5E8422000

unkown

page readonly

F838BFB000

unkown

page read and write

19444540000

unkown

page read and write

7FF5B70DE000

unkown

page readonly

7FF509F87000

unkown

page readonly

19444564000

unkown

page read and write

19444540000

unkown

page read and write

7FF5B709F000

unkown

page readonly

7FF5E8183000

unkown

page readonly

7FF5E850E000

unkown

page readonly

1B035A00000

unkown

page read and write

294C8650000

unkown

page read and write

7FF527F1E000

unkown

page readonly

7FF5B6E0A000

unkown

page readonly

23C4685C000

unkown

page read and write

294C864F000

unkown

page read and write

294C864D000

unkown

page read and write

BCF3C7F000

unkown

page read and write

19444559000

unkown

page read and write

7FF52AB6C000

unkown

page readonly

194445D7000

unkown

page read and write

23C4683D000

unkown

page read and write

7FF509D0A000

unkown

page readonly

21F56652000

unkown

page read and write

8A35A7E000

unkown

page read and write

7FF527F29000

unkown

page readonly

7FF5E845F000

unkown

page readonly

26CA2970000

unkown

page read and write

19444593000

unkown

page read and write

19444547000

unkown

page read and write

7FF5B7226000

unkown

page readonly

7FF5E71DC000

unkown

page readonly

1DA3B140000

heap private

page read and write

21F563F0000

heap private

page read and write

1DA3B22A000

unkown

page read and write

7FF5E8486000

unkown

page readonly

7FF5E720A000

unkown

page readonly

7FF5E84A7000

unkown

page readonly

19444538000

unkown

page read and write

1B035AFD000

unkown

page read and write

194445AF000

unkown

page read and write

1CA43047000

unkown

page read and write

7FF5E7369000

unkown

page readonly

294C8E02000

unkown

page read and write

7FF5E8496000

unkown

page readonly

7FF5E7173000

unkown

page readonly

7FF529FFE000

unkown

page readonly

7FF5E8455000

unkown

page readonly

1944454B000

unkown

page read and write

19444551000

unkown

page read and write

23989AA8000

heap default

page read and write

294C8570000

unkown

page read and write

7FF5E72E6000

unkown

page readonly

ACB9EFB000

unkown

page read and write

7FF5E72D1000

unkown

page readonly

7FF5B727D000

unkown

page readonly

26C9DD18000

unkown

page read and write

3A223FF000

unkown

page read and write

19444540000

unkown

page read and write

21F56540000

unkown

page readonly

7FF5E7201000

unkown

page readonly

8212DFA000

unkown

page read and write

19444549000

unkown

page read and write

821290F000

unkown

page read and write

19444539000

unkown

page read and write

294C8700000

unkown

page read and write

7FF578F00000

unkown

page readonly

27F96370000

unkown

page readonly

7FF5E847D000

unkown

page readonly

294C8629000

unkown

page read and write

7FF52AAE0000

unkown

page readonly

19444563000

unkown

page read and write

8A358FF000

unkown

page read and write

7FF509AE0000

unkown

page readonly

7FF509F39000

unkown

page readonly

7FF5E6AEA000

unkown

page readonly

1DA3B288000

unkown

page read and write

7FF527E65000

unkown

page readonly

1DA3B1C0000

unkown

page readonly

23C46813000

unkown

page read and write

7FF5E708B000

unkown

page readonly

23989AB6000

heap default

page read and write

23C46790000

unkown

page readonly

294C9340000

unkown

page readonly

1CA449E0000

unkown

page read and write

7FF509F66000

unkown

page readonly

23989AC7000

unkown

page read and write

19444A02000

unkown

page read and write

27F94720000

heap private

page read and write

26CA2C00000

unkown

page read and write

23989ACE000

unkown

page read and write

27F947E0000

unkown

page readonly

1CA43047000

unkown

page read and write

7FF5E7158000

unkown

page readonly

19444585000

unkown

page read and write

194445B3000

unkown

page read and write

F8387EF000

unkown

page read and write

1B0359B0000

unkown

page write copy

7FF5E70EF000

unkown

page readonly

7FF5B7222000

unkown

page readonly

19444563000

unkown

page read and write

21F56E02000

unkown

page read and write

7FF5272E9000

unkown

page readonly

1B035A82000

unkown

page read and write

1B037B02000

unkown

page read and write

23989E50000

heap private

page read and write

7FF5B6F4B000

unkown

page readonly

7FF57937C000

unkown

page readonly

19444572000

unkown

page read and write

19444539000

unkown

page read and write

23C46863000

unkown

page read and write

7FF5B72B7000

unkown

page readonly

26CA2ACD000

unkown

page read and write

1B037960000

unkown

page readonly

1B035CD0000

unkown

page readonly

27F94800000

unkown

page read and write

1944453C000

unkown

page read and write

23C46848000

unkown

page read and write

7FF5E72F7000

unkown

page readonly

26C9DD9A000

unkown

page read and write

7FF509FE9000

unkown

page readonly

26CA2AB4000

unkown

page read and write

7FF5E7C9A000

unkown

page readonly

7FF5791CA000

unkown

page readonly

26CA29A0000

unkown

page read and write

7FF5B7108000

unkown

page readonly

7FF5E7369000

unkown

page readonly

19444564000

unkown

page read and write

27F94AD0000

unkown

page readonly

7FF5E72CD000

unkown

page readonly

7FF5E7307000

unkown

page readonly

7FF5E7276000

unkown

page readonly

19444543000

unkown

page read and write

1DA3B4D0000

unkown

page readonly

7FF5B9019000

unkown

page readonly

8616D7F000

unkown

page read and write

19443EA8000

unkown

page read and write

21F5664F000

unkown

page read and write

F83876F000

unkown

page read and write

8212EFC000

unkown

page read and write

23C46858000

unkown

page read and write

19444538000

unkown

page read and write

7FF5E7017000

unkown

page readonly

8A355DB000

unkown

page read and write

7FF579231000

unkown

page readonly

19444A54000

unkown

page read and write

19444532000

unkown

page read and write

7FF5E83EA000

unkown

page readonly

1B037580000

unkown

page readonly

7FF5E83EC000

unkown

page readonly

F838AF5000

unkown

page read and write

7FF5B7210000

unkown

page readonly

19444540000

unkown

page read and write

7FF5E7278000

unkown

page readonly

1B037910000

heap private

page read and write

23C46883000

unkown

page read and write

7FF52AB80000

unkown

page readonly

7FF5E844E000

unkown

page readonly

7FF5E7025000

unkown

page readonly

23C46861000

unkown

page read and write

BCF34FC000

unkown

page read and write

8616FFE000

unkown

page read and write

7FF52AAF6000

unkown

page readonly

21F56700000

unkown

page read and write

7FF5B7311000

unkown

page readonly

1DA3B313000

unkown

page read and write

23C4684E000

unkown

page read and write

27F94813000

unkown

page read and write

23C46829000

unkown

page read and write

294C8550000

unkown

page readonly

7FF5E7304000

unkown

page readonly

23C46842000

unkown

page read and write

294C8560000

unkown

page readonly

194445D7000

unkown

page read and write

861698E000

unkown

page read and write

7FF5E6E73000

unkown

page readonly

23C4686A000

unkown

page read and write

21F5664D000

unkown

page read and write

7FF509EF2000

unkown

page readonly

19444537000

unkown

page read and write

7FF52AB66000

unkown

page readonly

7FF5793F1000

unkown

page readonly

7FF5B7269000

unkown

page readonly

8212D7E000

unkown

page read and write

7FF5B7228000

unkown

page readonly

19444536000

unkown

page read and write

26CA2974000

unkown

page read and write

7FF5E7272000

unkown

page readonly

1CA43057000

unkown

page read and write

19444580000

unkown

page read and write

BCF3D7E000

unkown

page read and write

1DA3BC00000

unkown

page readonly

821298E000

unkown

page read and write

19444587000

unkown

page read and write

21F56670000

unkown

page read and write

7FF5E8426000

unkown

page readonly

7FF52AB4D000

unkown

page readonly

7FF5B70EA000

unkown

page readonly

19444539000

unkown

page read and write

19444548000

unkown

page read and write

19444588000

unkown

page read and write

19444583000

unkown

page read and write

7FF5793EE000

unkown

page readonly

1DA3B254000

unkown

page read and write

7FF578B7A000

unkown

page readonly

19444552000

unkown

page read and write

1CA43056000

unkown

page read and write

7FF509F6C000

unkown

page readonly

1B035A13000

unkown

page read and write

7FF509F84000

unkown

page readonly

7FF5E72B9000

unkown

page readonly

7FF509F4D000

unkown

page readonly

1B037970000

unkown

page read and write

23989AC5000

unkown

page read and write

7FF57933F000

unkown

page readonly

21F8B060000

unkown

page read and write

7FF52AB56000

unkown

page readonly

19444567000

unkown

page read and write

7FF509DD8000

unkown

page readonly

26CA2C24000

unkown

page read and write

19444572000

unkown

page read and write

19444572000

unkown

page read and write

7FF5E7258000

unkown

page readonly

19444548000

unkown

page read and write

19444538000

unkown

page read and write

294C8613000

unkown

page read and write

7FF5E6E9D000

unkown

page readonly

21F56713000

unkown

page read and write

1B035A3F000

unkown

page read and write

7FF5E83C7000

unkown

page readonly

1B035AE2000

unkown

page read and write

7FF5E8511000

unkown

page readonly

7FF59F809000

unkown

page readonly

7FF5A5D79000

unkown

page readonly

21F56600000

unkown

page read and write

21F56629000

unkown

page read and write

21F8B060000

unkown

page read and write

7FF5792F2000

unkown

page readonly

19444562000

unkown

page read and write

7FF509F75000

unkown

page readonly

21F56460000

unkown

page readonly

7FF527B57000

unkown

page readonly

1B037B4C000

unkown

page read and write

19444540000

unkown

page read and write

821317F000

unkown

page read and write

1B037970000

unkown

page read and write

23C4687D000

unkown

page read and write

26CA2AB0000

unkown

page read and write

19444545000

unkown

page read and write

7FF5E723C000

unkown

page readonly

23989A90000

unkown

page readonly

21F56450000

heap default

page read and write

23C4687C000

unkown

page read and write

1DA3BF40000

unkown

page readonly

7FF5E83D1000

unkown

page readonly

21F56702000

unkown

page read and write

8212E7F000

unkown

page read and write

7FF4F7E89000

unkown

page readonly

21F56800000

unkown

page readonly

8616C7E000

unkown

page read and write

7FF5791BE000

unkown

page readonly

19444527000

unkown

page read and write

7FF509FE1000

unkown

page readonly

7FF5B72A5000

unkown

page readonly

7FF527F21000

unkown

page readonly

3A2257C000

unkown

page read and write

821288B000

unkown

page read and write

7FF5B7286000

unkown

page readonly

7FF509DF3000

unkown

page readonly

194443F0000

unkown

page read and write

23C46720000

heap private

page read and write

1B0359A0000

heap default

page read and write

19444A02000

unkown

page read and write

19444532000

unkown

page read and write

26CA2970000

unkown

page read and write

1B037480000

unkown

page read and write

1B035B13000

unkown

page read and write

1DA3B400000

unkown

page readonly

1B037B00000

unkown

page read and write

7FF5793F9000

unkown

page readonly

7FF5E7247000

unkown

page readonly

7FF5E7361000

unkown

page readonly

BCF35FE000

unkown

page read and write

19444583000

unkown

page read and write

86170FF000

unkown

page read and write

19444541000

unkown

page read and write

23989A40000

unkown

page read and write

7FF5B718C000

unkown

page readonly

7FF5E7214000

unkown

page readonly

27F94902000

unkown

page read and write

23C46802000

unkown

page read and write

23C46874000

unkown

page read and write

1DA3B1B0000

unkown

page readonly

7FF52AB39000

unkown

page readonly

7FF509E5C000

unkown

page readonly

3A224FF000

unkown

page read and write

23989AB1000

unkown

page read and write

ACB9DFE000

unkown

page read and write

26C9DD59000

unkown

page read and write

27F94829000

unkown

page read and write

7FF52AB75000

unkown

page readonly

7FF5D0449000

unkown

page readonly

26CA2960000

unkown

page read and write

23C46859000

unkown

page read and write

1B037900000

unkown

page readonly

3A2237F000

unkown

page read and write

294C863C000

unkown

page read and write

7FF5E6FC4000

unkown

page readonly

19444532000

unkown

page read and write

23989A60000

unkown

page read and write

7FF509ADA000

unkown

page readonly

1B037B2B000

unkown

page read and write

19444546000

unkown

page read and write

7FF5E709C000

unkown

page readonly

1B037C00000

unkown

page readonly

7FF509EE0000

unkown

page readonly

21F5668C000

unkown

page read and write

19444532000

unkown

page read and write

BCF3B77000

unkown

page read and write

7FF598CA9000

unkown

page readonly

1B035940000

heap private

page read and write

7FF5B723A000

unkown

page readonly

23C46856000

unkown

page read and write

23C4685A000

unkown

page read and write

7FF5E8519000

unkown

page readonly

19444583000

unkown

page read and write

1944453F000

unkown

page read and write

F838DFF000

unkown

page read and write

861690B000

unkown

page read and write

7FF509F0A000

unkown

page readonly

7FF509F25000

unkown

page readonly

23989C70000

unkown

page readonly

26C9DD18000

unkown

page read and write

7FF5E8308000

unkown

page readonly

7FF57902B000

unkown

page readonly

7FF509FE9000

unkown

page readonly

26CA2C21000

unkown

page read and write

8616DFE000

unkown

page read and write

7FF509EF6000

unkown

page readonly

3A22479000

unkown

page read and write

7FF527E3A000

unkown

page readonly

7FF5E8323000

unkown

page readonly

7FF5E6FEC000

unkown

page readonly

7FF5B7157000

unkown

page readonly

7FF5B6AA0000

unkown

page readonly

19444572000

unkown

page read and write

7FF52AB1E000

unkown

page readonly

7FF5B6E20000

unkown

page readonly

BCF3A7E000

unkown

page read and write

160FA560000

unkown

page read and write

3A222FE000

unkown

page read and write

7FF5B725F000

unkown

page readonly

7FF5276E4000

unkown

page readonly

1CA43057000

unkown

page read and write

21F56550000

unkown

page read and write

ACB992B000

unkown

page read and write

7FF579376000

unkown

page readonly

19444546000

unkown

page read and write

7FF5B712D000

unkown

page readonly

23C4686C000

unkown

page read and write

7FF52AB2F000

unkown

page readonly

26CA2975000

unkown

page read and write

7FF5E8280000

unkown

page readonly

1B037970000

unkown

page read and write

3A2227A000

unkown

page read and write

7FF527EB5000

unkown

page readonly

7FF52AB0A000

unkown

page readonly

7FF509D6F000

unkown

page readonly

19444A02000

unkown

page read and write

1B037A02000

unkown

page read and write

ACBA1FE000

unkown

page read and write

7FF509EF8000

unkown

page readonly

7FF579397000

unkown

page readonly

7FF579394000

unkown

page readonly

19444525000

unkown

page read and write

1DA3B1A0000

heap default

page read and write

23C46800000

unkown

page read and write

7FF5E72DC000

unkown

page readonly

7FF52A90A000

unkown

page readonly

7FF527F29000

unkown

page readonly

7FF527EA6000

unkown

page readonly

26C9DD18000

unkown

page read and write

7FF5B7319000

unkown

page readonly

7FF5276E7000

unkown

page readonly

ACB9D75000

unkown

page read and write

7FF5E72EC000

unkown

page readonly

23989BA0000

unkown

page readonly

26CA2AB3000

unkown

page read and write

7FF57935D000

unkown

page readonly

294C8670000

unkown

page read and write

294C8708000

unkown

page read and write

7FF5E7030000

unkown

page readonly

294C8652000

unkown

page read and write

1944455C000

unkown

page read and write

1DA3B23C000

unkown

page read and write

19444565000

unkown

page read and write

7FF52ABE9000

unkown

page readonly

23C46860000

unkown

page read and write

7FF5B6A9A000

unkown

page readonly

23C46845000

unkown

page read and write

19444539000

unkown

page read and write

1B0378F0000

unkown

page read and write

7FF578EF0000

unkown

page readonly

23C46844000

unkown

page read and write

21F57000000

unkown

page readonly

1944456F000

unkown

page read and write

7FF509FDE000

unkown

page readonly

19444565000

unkown

page read and write

19444548000

unkown

page read and write

7FF5B7296000

unkown

page readonly

19444583000

unkown

page read and write

19444588000

unkown

page read and write

7FF5E84B0000

unkown

page readonly

F838CF7000

unkown

page read and write

7FF5E70A8000

unkown

page readonly

ACBA0FE000

unkown

page read and write

7FF5E70CE000

unkown

page readonly

194445C6000

unkown

page read and write

294C88D0000

unkown

page readonly

26CA29D0000

unkown

page read and write

7FF579306000

unkown

page readonly

1B0379A0000

unkown

page readonly

19444A61000

unkown

page read and write

21F5667E000

unkown

page read and write

19444548000

unkown

page read and write

7FF527E96000

unkown

page readonly

23C4687A000

unkown

page read and write

26CA2CC0000

unkown

page read and write

294C8540000

heap default

page read and write

7FF5B724E000

unkown

page readonly

1B035B02000

unkown

page read and write

7FF527E5E000

unkown

page readonly

7FF509F5C000

unkown

page readonly

194445A8000

unkown

page read and write

7FF5B72B4000

unkown

page readonly

1B037B4C000

unkown

page read and write

21F56708000

unkown

page read and write

7FF5D7869000

unkown

page readonly

7FF52A96F000

unkown

page readonly

7FF5B730E000

unkown

page readonly

19444580000

unkown

page read and write

7FF5B7123000

unkown

page readonly

294C864B000

unkown

page read and write

7FF5E81D5000

unkown

page readonly

7FF52AB84000

unkown

page readonly

7FF5E8428000

unkown

page readonly

7FF5E7C96000

unkown

page readonly

7FF5E84B7000

unkown

page readonly

23C467A0000

unkown

page readonly

19444538000

unkown

page read and write

1B035A29000

unkown

page read and write

7FF5792F0000

unkown

page readonly

7FF509F1E000

unkown

page readonly

23C46857000

unkown

page read and write

21F56655000

unkown

page read and write

7FF579385000

unkown

page readonly

7FF5E728A000

unkown

page readonly

27F9483F000

unkown

page read and write

7FF579302000

unkown

page readonly

7FF5B7151000

unkown

page readonly

7FF509AF0000

unkown

page readonly

23C4685F000

unkown

page read and write

7FF5E84B4000

unkown

page readonly

26C9DD58000

unkown

page read and write

7FF5E826A000

unkown

page readonly

7FF527E38000

unkown

page readonly

1B037970000

unkown

page read and write

7FF57926C000

unkown

page readonly

1944453D000

unkown

page read and write

1DA3B213000

unkown

page read and write

F8386EB000

unkown

page read and write

23989AA0000

heap default

page read and write

7FF52AAF8000

unkown

page readonly

7FF5E70D0000

unkown

page readonly

7FF5E83CA000

unkown

page readonly

294C868A000

unkown

page read and write

7FF509DAE000

unkown

page readonly

7FF57936C000

unkown

page readonly

27F94802000

unkown

page read and write

7FF52ABDE000

unkown

page readonly

1DA3B308000

unkown

page read and write

26CA2CC0000

unkown

page read and write

23989ACE000

unkown

page read and write

8213079000

unkown

page read and write

7FF578B80000

unkown

page readonly

There are 678 hidden memdumps, click here to show them.

DOM / HTML

URL

Malicious

https://igv-uj.xyz/go/+%20%20login.microsoftonline.com%20%20%20%20%20%20secure%20%20%20%20%20%20%20%20microsoftonline%20%20%20%20%20%20%20%20%20%20online%20%20%20%20%20%20%20%20%20.php

https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=roJutOdci0KaZVg6%2Ba912g.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBBBE2211A9BFBBEA!212&wdo=2&wde=ca&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1618019288769&jsapi=1&jsapiver=v1&newsession=1&corrid=4f5684f2-075d-472a-bce5-ed25cddc5100&usid=4f5684f2-075d-472a-bce5-ed25cddc5100&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1617986923&rver=7.1.6819.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fclient_id%3D572381%26redirect_uri%3Dhttps%253A%252F%252Fweb.skype.com%252FAuth%252FPostHandler%26state%3Db54de359-6da3-40d9-8724-331152618f47&lc=1033&id=293290&mkt=en-US&psi=skype&lw=1&cobrandid=2befc4b5-19e3-46e8-8347-77317a16a5a5&client_flight=ReservedFlight33%2CReservedFlight67

https://sway.office.com/?ui=en-US&rs=US

https://login.microsoftonline.com/savedusers?wreply=https://sway.office.com/&appid=905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba&mectrlwinsso=true&sso_reload=true

https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de

https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

https://cpanel.net/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404referral

https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks

https://onedrive.live.com/view.aspx?resid=BBBE2211A9BFBBEA!212&authkey=!AEJn6N9d9VRmlNY

https://onedrive.live.com/redir?resid=BBBE2211A9BFBBEA%21212&authkey=%21AEJn6N9d9VRmlNY&page=View&wd=target%28Quick%20Notes.one%7Cd345f682-9db9-4a34-aa4e-8fdf72cc3b02%2FCCTFA%7C1a778126-1cf3-4b49-9c82-e5cf527a3436%2F%29

https://cpanel.net/privacy-policy/

https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1

https://login.microsoftonline.com/common/oauth2/authorize?client_id=6204c1d1-4712-4c46-a7d9-3ed63d992682&resource=https%3A%2F%2Fservice.flow.microsoft.com%2F&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3D3jrQXStM15hwRBjptWh5Si1YtTMabvSjFGruxtw83sJnGdotpgxquQJUh1qvYcp9n7PUhH1Saq2uTWOEq3FISb2ZoaZRBBpErVH5dM5YzWsBtVoa80V7nrxaNlyASY-x1xeZOtOMFi-bzhvrSAlGjGj6Zam8uwzQoEn035u3MvoB73xIauOa_ajbiYUMjIduuEZ4EpeMDdMviVB37Gh-KZBIJ_kKl-Ijqb3J-ustFErKXtULBch7gYdKWm_mFtnb5W0Y7CRHvNhNtd_qXUyFYg&response_mode=form_post&nonce=637535837244320327.NWVlOGQ3ZmUtNjNiNS00NmRhLThjNjQtODQxOGM2Yzg0MmNiOWQ0OWUxMjYtMDlmZi00MDA2LTlhMDEtY2FiMjkxZTMzNTk3&redirect_uri=https%3A%2F%2Fflow.microsoft.com%2F&post_logout_redirect_uri=https%3A%2F%2Fflow.microsoft.com%2F&nux=1&msafed=1&x-client-SKU=ID_NET45&x-client-ver=5.3.0.0

https://igv-uj.xyz/go/Sign%20in%20to%20your%20account_files/prefetch(1).html

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1617986942&rver=7.1.6819.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fclient_id%3D572381%26redirect_uri%3Dhttps%253A%252F%252Fweb.skype.com%252FAuth%252FPostHandler%26state%3D7b6265ce-6754-4a13-8b43-9a100f5aeb5f&lc=1033&id=293290&mkt=en-US&psi=skype&lw=1&cobrandid=2befc4b5-19e3-46e8-8347-77317a16a5a5&client_flight=ReservedFlight33%2CReservedFlight67

https://login.microsoftonline.com/common/oauth2/authorize?client_id=6204c1d1-4712-4c46-a7d9-3ed63d992682&resource=https%3A%2F%2Fservice.flow.microsoft.com%2F&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DSyR28VEtzzXsykjqi-v55uL0NY1Jv9Vs7i3p0LZxPzOnhfX9fUUK_WDnEThnF8YS5tHo7oF5QmHNTi7mj0ykUIG6vyIo-UHzlx52mhtDgyrCTIarbX0M8H1vuX-PTgWChnbDfu6oOilxJJBMgQQ4pC-1687gl-fe6_FcSH1zvh06nRkFvEXuIvG9SqZ6LxdbJ3_ZezX5Z66YH5tmMr5ig4lQCmaOfc6o5hiF-ZjkVqnP8uuw7pysrGz-LNaWawZGhuSN6VIi9eTMOhijc0p30w&response_mode=form_post&nonce=637535837439415970.MWIyN2Q1ODAtZjQ0Yy00MDZhLTk4MWYtZTY5ZjFkY2YxOTU0MTQ3MjU3NmEtNGJlYy00M2JlLWI0Y2ItYWRiNTBmOWNmNzVj&redirect_uri=https%3A%2F%2Fflow.microsoft.com%2F&post_logout_redirect_uri=https%3A%2F%2Fflow.microsoft.com%2F&nux=1&msafed=1&x-client-SKU=ID_NET45&x-client-ver=5.3.0.0

https://igv-uj.xyz/go/Sign%20in%20to%20your%20account_files/prefetch(1).html

There are 9 hidden doms, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

DOM / HTML