IOCReport

loading gif

Files

File Path
Type
Category
Malicious
https://cccounty-my.sharepoint.com:443/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTcabNAlPBEs5P2S2tskyUBhQhFZwBkm1yxjBcGA2YQ5A?e=4%3aJ55MhG&at=9
URL
initial url
 malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\2a9a0d61-d368-4fa5-bdf1-8a17b1465db0.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3b3a67de-571d-4d50-b611-9a2f58001b13.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3d8bd7bd-1e0d-433c-937d-3b6fe88ccfb6.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\80b92f5e-1af5-47b8-8a52-1d9f2821fd4f.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\82f7701b-8e6a-4d5d-9731-c24499eab8f2.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\02f10b20-624c-4574-bca9-222400ff88ab.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\07737f85-48a4-4268-a7b1-6fc14a7a82c7.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0f96e568-8533-49f4-bb6a-0e7f81cf8af1.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\19480760-04f7-416c-b509-6fb989b37d2a.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1bb6e6f9-7b0f-4989-84be-56a9b40525f6.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4008cc86-4ba3-4be3-9cf6-359ef989c609.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ed80575-7a24-428a-b1d4-ba5194805ce9.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5703ca06-bf7a-46ab-b8b7-8a209145f104.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5983c13b-a561-4a3e-ab61-7b97d5068539.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6bf45214-0143-45bc-b2ac-8d7b0a940340.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7630cb86-5e8d-4a52-ba35-111751caa80d.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ae5b71a-19cd-47fe-9bdb-b45f4cf9210c.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0481116f3cd8293f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\04b9cf4c7c39886f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\087e843a6a77f2e0_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\094e2d6bf2abec98_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0b6a779b97f6aaad_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1316511c4faf2fc7_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\136d745a1210e64e_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\14557f4877e37a1a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\14c06f6781117c4a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\166ee82c52b87e97_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1addd37645bc92bb_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\225853b3d3cc9c98_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\300bb9fb98ab63f0_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\30411d1af682235b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\328b75cf02d95d5e_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\347259540ff04e44_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\38c7c19d1d0ee3c7_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\462d64d34aad30da_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a7b0a16eebe4c59_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4ac2f448771ab57b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5563163b962da706_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6686b0c92e7fc912_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\76c0ccd3a8d876aa_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\839dc2a9677b3e84_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83e647e14a56f97a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\86aa07f121a6237f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f3c2e2c260a7099_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\94d12f6ce814ffd5_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a5575bef7c495dc_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e37f7fb809c2dc_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7088b4299cd1633_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae966ea7cdbe242d_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5c044ed76bbe646_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c94540d4c86c0448_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0f7c6311eac26cc_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d70d38ab121c5d18_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e80e6e93d4807d92_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e9e05c56f0030d6b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee5d3a8d13f7d9ff_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\e72addbe-6b1d-45a5-b361-9657049270c6.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7bfb62a6-3a75-44fc-af2c-f79f44843a16.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b43606ef-0c04-4907-ba18-dd1835cb1538.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be4755c6-1d2c-426f-9633-f0817db4ccdd.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c438ab14-ff9d-4fda-9438-bbc1d9ab01d9.tmp
ASCII text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d07cb13e-4265-4bdc-a0eb-247755ccc8b1.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\da4f4bd3-ae89-4403-9468-09b0fff43257.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fee28290-59eb-49d0-a7b9-6a7612753d29.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\afc33b3b-6acd-4d68-846a-f210b978abc4.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\c41ab0b5-db3f-4edf-9841-d59df1078f98.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\8578694f-e9fb-400a-acc9-2a1177710abf.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\c5754e04-48e4-4e4e-9c4b-9fd8a11db8b1.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\dd30a7c4-ec6f-4027-a135-c8fbcb5bbb40.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\f3fa91dc-d76a-4dac-a922-0b9b6a6d1729.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_182733379\f3fa91dc-d76a-4dac-a922-0b9b6a6d1729.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4440_1917804545\dd30a7c4-ec6f-4027-a135-c8fbcb5bbb40.tmp
Google Chrome extension, version 3
dropped
 clean
There are 208 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://cccounty-my.sharepoint.com:443/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTcabNAlPBEs5P2S2tskyUBhQhFZwBkm1yxjBcGA2YQ5A?e=4%3aJ55MhG&at=9'
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,11341300835914849824,6073494584447434684,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1768 /prefetch:8
clean

URLs

Name
IP
Malicious
https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTcabNAlPBEs5P2S2tskyUBhQhFZwBkm1yxjBcGA2YQ5A?e=4%3aJ55MhG&at=9
malicious
https://assets.onestore.ms/
unknown
 clean
https://logincdn.msauth.net/16.000/content/js/MeControl_cT3-bL3bZ5AAnjmz77cksQ2.js
unknown
 clean
https://logincdn.msauth.net/16.000/content/js/MeControl_cT3-bL3bZ5AAnjmz77cksQ2.jsaD
unknown
 clean
https://dns.google
unknown
 clean
https://live.com/QB
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meBoot.min.jsaD
unknown
 clean
https://sharepoint.com/
unknown
 clean
https://ajax.aspnetcdn.com
unknown
 clean
https://aka.ms/PrivacyReport5
unknown
 clean
https://mem.gfx.ms/meversion?partner=OfficeProducts&market=de-ch&uhf=1
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.1.min.js
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meCore.min.jsaD
unknown
 clean
https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTcabNAlPBEs5P2S2tsk
unknown
 clean
https://consentreceiverfd-prod.azurefd.net/v1
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.jsaD
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meCore.min.js
unknown
 clean
https://mem.gfx.ms/meversion?partner=amc&market=en-us&uhf=1
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js
unknown
 clean
https://ajax.aspnetcdn.com/
unknown
 clean
https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-us&uhf=1
unknown
 clean
https://cccounty-my.sharepoint.com/personal/dcdresources_dcd_cccounty_us/_layouts/15/guestaccess.asp
unknown
 clean
https://amp.azure.net/libs/amp/1.8.0/azuremediaplayer.min.js
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/en-US/meBoot.min.js
unknown
 clean
https://cccounty-my.sharepoint.com/
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js
unknown
 clean
https://cccounty-my.sharepoint.com/ScriptResource.axd?d=1fDsP7T8iuixVwu-fVH5iZr4cSvnLTO52_v1doY-7Fhg
unknown
 clean
https://cccounty-my.sharepoint.com/WebResource.axd?d=M5O6KBnw2Kc30Ye7wKtYeOmA0-ax1yV1j7R_PuQmXE74ijK
unknown
 clean
https://aka.ms/PrivacyReport
unknown
 clean
https://cccounty-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
unknown
 clean
https://clients2.googleusercontent.com
unknown
 clean
https://cccounty-my.sharepoint.com/ScriptResource.axd?d=XLHvvuqUg5InnNgZ7caYxePwb7iO9lfyUqU9z6CieiK1
unknown
 clean
https://spoprod-a.akamaihd.net
unknown
 clean
https://cccounty-my.sharepoint.com/ScriptResource.axd?d=XjLkEB_vSvznU474E48kPJA1H9JTKlbxQRrF9mf4oevb
unknown
 clean
https://logincdn.msauth.net
unknown
 clean
https://aka.ms/PrivacyReportMicrosoft
unknown
 clean
https://feedback.googleusercontent.com
unknown
 clean
There are 28 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
cs1227.wpc.alphacdn.net
192.229.221.185
 clean
aka.ms
95.101.18.109
 clean
20687-ipv4.farm.prod.aa-rt.sharepoint.com
40.108.248.29
 clean
googlehosted.l.googleusercontent.com
216.58.212.129
 clean
clients2.googleusercontent.com
unknown
 clean
logincdn.msauth.net
unknown
 clean
assets.onestore.ms
unknown
 clean
amp.azure.net
unknown
 clean
spoprod-a.akamaihd.net
unknown
 clean
ajax.aspnetcdn.com
unknown
 clean
cccounty-my.sharepoint.com
unknown
 clean
mem.gfx.ms
unknown
 clean
There are 2 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
216.58.212.129
googlehosted.l.googleusercontent.com
United States
clean
40.108.248.29
20687-ipv4.farm.prod.aa-rt.sharepoint.com
United States
clean
95.101.18.109
aka.ms
European Union
clean
239.255.255.250
unknown
Reserved
clean
192.229.221.185
cs1227.wpc.alphacdn.net
United States
clean
127.0.0.1
unknown
unknown
clean

Registry

Path
Value
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
ahfgeienlihckogmohjhadlkjgocpleb
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gdaefkejpgkiemlaofpalmlakkmbjdnl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
kmendfapggjehodndflmmgagdbamhnfd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mfehgcgbbipciphmccgaenjidiccnmng
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mhjfbmdgcfjbbpaeojofohoefgiehjai
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
neajdppkdcdipfabeoofebfddakdcjhd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nkeimhogjdpnpccoofpliimaahmaaome
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.reporting
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
module_blacklist_cache_md5_digest
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
media.storage_id_salt
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_seed
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
default_search_provider_data.template_url_data
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
safebrowsing.incidents_sent
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pinned_tabs
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
search_provider_overrides
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_default_search
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_username
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.restore_on_startup
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_version
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.prompt_wave
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage_is_newtabpage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
browser.show_home_button
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
user_experience_metrics.stability.exited_cleanly
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
lastrun
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
There are 33 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF4F23FD000
unkown
page readonly
 clean
7FF4F25C0000
unkown
page readonly
 clean
7FF4F24C4000
unkown
page readonly
 clean
1098C259000
unkown
page read and write
 clean
1098C170000
unkown
page readonly
 clean
7FF5DFEAD000
unkown
page readonly
 clean
7FF4F24A7000
unkown
page readonly
 clean
1098C27A000
unkown
page read and write
 clean
7FF5DFC33000
unkown
page readonly
 clean
1C4C9268000
unkown
page read and write
 clean
7FF5DFF50000
unkown
page readonly
 clean
7FF4F22F7000
unkown
page readonly
 clean
1C4C9313000
unkown
page read and write
 clean
1098C266000
unkown
page read and write
 clean
1E7907D1000
unkown
page read and write
 clean
1C4C9200000
unkown
page read and write
 clean
7FF4F23DE000
unkown
page readonly
 clean
7FF4F253A000
unkown
page readonly
 clean
7FF5DFE77000
unkown
page readonly
 clean
7FF4F2533000
unkown
page readonly
 clean
1098C200000
unkown
page read and write
 clean
7FF5DF377000
unkown
page readonly
 clean
1E7907BE000
unkown
page read and write
 clean
1E7907D4000
unkown
page read and write
 clean
1E790910000
unkown
page read and write
 clean
1098C279000
unkown
page read and write
 clean
1E78BB18000
unkown
page read and write
 clean
7FF515C0F000
unkown
page readonly
 clean
1E790B03000
unkown
page read and write
 clean
1C4C9302000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
1098C262000
unkown
page read and write
 clean
1098C26B000
unkown
page read and write
 clean
7FF4F251D000
unkown
page readonly
 clean
1C4C9268000
unkown
page read and write
 clean
1C4C923F000
unkown
page read and write
 clean
1098C25F000
unkown
page read and write
 clean
7FF5DFECA000
unkown
page readonly
 clean
7FF4F2553000
unkown
page readonly
 clean
7FF5DFF6E000
unkown
page readonly
 clean
1C4C9300000
unkown
page read and write
 clean
7FF4F21CD000
unkown
page readonly
 clean
1C4C9060000
unkown
page readonly
 clean
1C4C9202000
unkown
page read and write
 clean
1E78BB59000
unkown
page read and write
 clean
9711FF000
unkown
page read and write
 clean
7FF4F2367000
unkown
page readonly
 clean
7FF4F25AF000
unkown
page readonly
 clean
7FF4F2315000
unkown
page readonly
 clean
1098C246000
unkown
page read and write
 clean
1098C269000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
7FF4F2500000
unkown
page readonly
 clean
1098C255000
unkown
page read and write
 clean
1E790AB7000
unkown
page read and write
 clean
7FF4F21BF000
unkown
page readonly
 clean
1098C24D000
unkown
page read and write
 clean
7FF4F25DB000
unkown
page readonly
 clean
1098C27E000
unkown
page read and write
 clean
7FF5DFE98000
unkown
page readonly
 clean
1C4CACA0000
unkown
page readonly
 clean
63060FF000
unkown
page read and write
 clean
7FF4F25EF000
unkown
page readonly
 clean
630637D000
unkown
page read and write
 clean
7FF4F25A8000
unkown
page readonly
 clean
1C4C9268000
unkown
page read and write
 clean
7FF4F2529000
unkown
page readonly
 clean
7FF5487AF000
unkown
page readonly
 clean
1E790900000
unkown
page read and write
 clean
7FF4F1C9B000
unkown
page readonly
 clean
1098C25C000
unkown
page read and write
 clean
1C4C9050000
heap default
page read and write
 clean
63063FF000
unkown
page read and write
 clean
1E790AB5000
unkown
page read and write
 clean
1E790AC1000
unkown
page read and write
 clean
1D729DD0000
unkown
page read and write
 clean
9710FE000
unkown
page read and write
 clean
7FF5DF375000
unkown
page readonly
 clean
1098C400000
unkown
page readonly
 clean
1098C258000
unkown
page read and write
 clean
7FF5DFD1D000
unkown
page readonly
 clean
1C4C9268000
unkown
page read and write
 clean
7FF5DFEE5000
unkown
page readonly
 clean
7FF5DFF46000
unkown
page readonly
 clean
7FF4F25BB000
unkown
page readonly
 clean
1E7907E0000
unkown
page read and write
 clean
266989EF000
heap private
page read and write
 clean
1098C284000
unkown
page read and write
 clean
1098C230000
unkown
page read and write
 clean
7FF4F25EF000
unkown
page readonly
 clean
1D729DD0000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
1098C257000
unkown
page read and write
 clean
1098C22F000
unkown
page read and write
 clean
7FF4F25DE000
unkown
page readonly
 clean
7FF5DFF7F000
unkown
page readonly
 clean
7FF5BD69F000
unkown
page readonly
 clean
1098C26D000
unkown
page read and write
 clean
7FF5DFF64000
unkown
page readonly
 clean
266988F0000
heap private
page read and write
 clean
1D729DD0000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
1E790AB3000
unkown
page read and write
 clean
7FF542B9F000
unkown
page readonly
 clean
1C4C9213000
unkown
page read and write
 clean
1E790AD0000
unkown
page read and write
 clean
1098C26F000
unkown
page read and write
 clean
7FF4F2525000
unkown
page readonly
 clean
1E78BB18000
unkown
page read and write
 clean
970BDE000
unkown
page read and write
 clean
7FF4F249D000
unkown
page readonly
 clean
1C4C9229000
unkown
page read and write
 clean
1E7907F4000
unkown
page read and write
 clean
7FF4F21D2000
unkown
page readonly
 clean
1E7907B4000
unkown
page read and write
 clean
1C4C9400000
unkown
page readonly
 clean
7FF4F2508000
unkown
page readonly
 clean
7FF4F24A0000
unkown
page readonly
 clean
1E7907B0000
unkown
page read and write
 clean
1098C242000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
1E790AB1000
unkown
page read and write
 clean
1098C27D000
unkown
page read and write
 clean
7FF5DFEB9000
unkown
page readonly
 clean
1E78BB18000
unkown
page read and write
 clean
7FF5DFF7F000
unkown
page readonly
 clean
1098C239000
unkown
page read and write
 clean
1098C240000
unkown
page read and write
 clean
1C4C9255000
unkown
page read and write
 clean
7FF5DFF38000
unkown
page readonly
 clean
1E790910000
unkown
page read and write
 clean
1098C274000
unkown
page read and write
 clean
7FF5DFE8C000
unkown
page readonly
 clean
630617F000
unkown
page read and write
 clean
1098C275000
unkown
page read and write
 clean
1098C27B000
unkown
page read and write
 clean
1098C25A000
unkown
page read and write
 clean
1098C160000
heap default
page read and write
 clean
630607B000
unkown
page read and write
 clean
7FF4F24FC000
unkown
page readonly
 clean
1098C25E000
unkown
page read and write
 clean
1098CA02000
unkown
page read and write
 clean
1E790AAF000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
7FF5DFEB5000
unkown
page readonly
 clean
1098C180000
unkown
page readonly
 clean
7FF5DFF3F000
unkown
page readonly
 clean
1098C260000
unkown
page read and write
 clean
7FF4F25D4000
unkown
page readonly
 clean
1098C241000
unkown
page read and write
 clean
7FF4F25CD000
unkown
page readonly
 clean
1098C267000
unkown
page read and write
 clean
1E78BB59000
unkown
page read and write
 clean
970ADB000
unkown
page read and write
 clean
1C4CABA0000
unkown
page read and write
 clean
1E790AB9000
unkown
page read and write
 clean
1E7907B1000
unkown
page read and write
 clean
7FF4F22ED000
unkown
page readonly
 clean
1E7907F0000
unkown
page read and write
 clean
7FF5DFF7B000
unkown
page readonly
 clean
1E78BB59000
unkown
page read and write
 clean
1C4C926A000
unkown
page read and write
 clean
970FFE000
unkown
page read and write
 clean
1098C213000
unkown
page read and write
 clean
1098C302000
unkown
page read and write
 clean
630627A000
unkown
page read and write
 clean
7FF4F25B6000
unkown
page readonly
 clean
7FF5DFF4B000
unkown
page readonly
 clean
1E790880000
unkown
page read and write
 clean
1E790910000
unkown
page read and write
 clean
1E78BB18000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
63061F9000
unkown
page read and write
 clean
7FF4F21DA000
unkown
page readonly
 clean
7FF4F24F7000
unkown
page readonly
 clean
1098C23C000
unkown
page read and write
 clean
1098C261000
unkown
page read and write
 clean
1098C248000
unkown
page read and write
 clean
1E790CB0000
unkown
page read and write
 clean
7FF4F25EB000
unkown
page readonly
 clean
1098C229000
unkown
page read and write
 clean
1C4C8FF0000
heap private
page read and write
 clean
1C4C9180000
unkown
page readonly
 clean
1098C4D0000
unkown
page readonly
 clean
1098C100000
heap private
page read and write
 clean
1C4C9130000
unkown
page write copy
 clean
7FF5DFF6B000
unkown
page readonly
 clean
1098C264000
unkown
page read and write
 clean
1E790AB5000
unkown
page read and write
 clean
1E790910000
unkown
page read and write
 clean
1098C263000
unkown
page read and write
 clean
970B5E000
unkown
page read and write
 clean
7FF54A40F000
unkown
page readonly
 clean
1098C22D000
unkown
page read and write
 clean
1E7907B0000
unkown
page read and write
 clean
1E7907B8000
unkown
page read and write
 clean
7FF5DFEC3000
unkown
page readonly
 clean
1098C24E000
unkown
page read and write
 clean
63062FE000
unkown
page read and write
 clean
7FF5663CF000
unkown
page readonly
 clean
1098C256000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
1C4C926C000
unkown
page read and write
 clean
1E78BB59000
unkown
page read and write
 clean
1098C190000
unkown
page read and write
 clean
1C4C9268000
unkown
page read and write
 clean
There are 196 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://cccounty-my.sharepoint.com/:b:/g/personal/dcdresources_dcd_cccounty_us/EXTcabNAlPBEs5P2S2tskyUBhQhFZwBkm1yxjBcGA2YQ5A?e=4%3aJ55MhG&at=9
 malicious
https://privacy.microsoft.com/en-us/privacystatement#maincookiessimilartechnologiesmodule
 clean
https://account.microsoft.com/account/privacy?ru=https%3A%2F%2Faccount.microsoft.com%2Fprivacy&destrt=privacy-dashboard
 clean
https://www.microsoft.com/store/buy/cartcount
 clean
https://www.microsoft.com/en-us/microsoft-365/microsoft-office
 clean
https://privacy.microsoft.com/en-us/privacystatement
 clean
https://privacy.microsoft.com/en-US/privacy-report
 clean
https://privacy.microsoft.com/en-US/privacy-in-our-products
 clean
https://www.microsoft.com/de-ch/microsoft-365?rtc=1
 clean
https://privacy.microsoft.com/en-US/
 clean