IOC Report

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Local\Google\Chrome\User Data\064603d0-503d-4c55-8bde-18b275ae2d92.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\202441ea-86fc-40ee-8a5d-ed5dde4d2e25.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5705c809-b64f-4219-a97d-b61c1b336387.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\938fdebe-f7ee-42a7-89e6-d5968276c690.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\9dd8cb1e-29ba-4d16-ae55-f9bc1a3a8700.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\9f31886b-bf83-493b-ba28-04be51ee9769.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\03d22845-ebb3-413a-8bca-23dc8c2378a8.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\08979ffb-1863-4526-a17a-5ba30ca36ba4.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0d3b5a50-5668-41d9-8150-fbc9126d8dfe.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\103c6991-cae4-4944-b2d8-07c3e3c5db11.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\137716cf-f47a-42a9-9067-e5bab8b3f4fd.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5be0a269-ef77-469d-a8a4-a42ea9d9d365.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7cefa909-7758-47a7-9b45-b3a7c9ebec10.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7e05d7ab-6453-44da-8045-682bdb4ac071.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9704f37c-93b7-4873-8d77-0fe4a7aa949e.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02d4aaf953a2f242_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\04c181100cdfb9a2_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\09f2c706fbeaa761_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0e9db8ca960fef70_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12609919983ee517_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1273ab226cd7fd25_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1ab14149c9b37915_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bff270e32b0ba8c_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1fd1d25d46212c70_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\254e8887241da11f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2e60a340af51fb52_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a0931e6eb23e5a7_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3cea4a09fd476ccb_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41925020bae877cf_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\494f0b1321cc8f5a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a0fdcbc7d76ecf2_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4faa0455d4039afa_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5bde89341a061de0_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\621b14f10032e8ca_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6307df8c1ac7f419_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\65947caaf1db9298_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\68f288d8342d8d7d_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6c5096a78a4a9b6d_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7627f51e9323d3c1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\78aa54cc66311898_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\88f296436c4e3508_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a281a193daaab2f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c0a87f73cfc83c3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8db287ed550f8594_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9353779ee6ffff87_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93a3fa42e61c139b_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\941b06fb8478e48f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\97f512e7491a7456_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a25d4617c36f111_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9b678471d0290a69_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9bee922fc98a1fe8_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9e03917aff818da1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ed2fcd8165ac8a3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ef530ac8e11a4d2_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a29dc5bca0d7f772_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5534787ec2d07e5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a63ea7b972ca7cfa_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae91f4d35288cc27_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af47f16bd7610af9_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b67b6a74d56845ce_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2a8b1231073fa2a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb2363910694cc97_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cbc4c2abcb8aa92a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d83685a8009852e3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d9e7fedc2d930b19_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dc791ca3e3d643d6_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e086e20a4544416f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4db85a58b045986_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f3d7599b2ef11517_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f8454b9b69153474_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\faa473b89c4cb6d5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index( (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexui (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old8a (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldO (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9221.427.0.1_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldG (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State26 (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State55 (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesTM (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesld (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesTM (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\3f528ed0-011f-4ef1-ad81-bec5df4464d4\index
ISO-8859 text, with no line terminators, with escape sequences
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\3f528ed0-011f-4ef1-ad81-bec5df4464d4\index-dir\temp-index
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\3f528ed0-011f-4ef1-ad81-bec5df4464d4\index-dir\the-real-index (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt. (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.. (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13277272323915037
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13277272324294110
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.. (copy)
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\b89ff233-730b-477a-b546-6f2b48844150.tmp
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\8605a427-07ae-47fd-a197-12bcd4c2ddd9.tmp
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateTM (copy)
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldra (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a6bcd394-c977-4b74-950f-6bb905fb8a26.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b288d7a5-d417-4061-94a4-faad86891955.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b3274e05-a897-4d5a-b25a-78d5f624cb89.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c96742f1-b28b-4103-a74e-bb1425444483.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000006
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f07a5341-4fa2-4b49-a091-bd52cbce4a0f.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f0a94a05-b9a6-405f-a10f-2dee02a4276f.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f71e71c1-a6ab-494c-89fc-4fa3a2000854.tmp
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f9b38052-133c-4c73-8cc9-e23ca4ff6e33.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.oldB\ (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldLO (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache0. (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheTM (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\a7c345d0-5863-4f8a-a96c-4cafd564e5b7.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\ca7acfc1-3540-41e0-87b3-e5ecaabb05a0.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
ASCII text, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\e8022133-b660-485d-a455-fa7c4cba6a16.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Temp\41c3e589-473b-4dcf-a477-ae111bf1aebb.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\47682910-3e2b-4f01-bf8e-afbe7b14ae66.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\885ca393-343f-4ff0-af8d-7866d552c9bf.tmp
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\b226a0e7-bd81-416a-94d0-6b2f4a1943de.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\ea3e1a1b-fb5f-4ce6-8819-77b6a7403d1c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\41c3e589-473b-4dcf-a477-ae111bf1aebb.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_1122916713\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\feedback.css
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7876_59346788\ea3e1a1b-fb5f-4ce6-8819-77b6a7403d1c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.acl
empty
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
empty
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.exc
empty
dropped
clean
C:\Windows\Fonts\timesi.ttf
data
dropped
clean
There are 281 hidden files.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation --single-argument https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%2fu%2fs%21AkodBYHyG1DWb7SSY7m8YBUEyng%3fe%3dblm7w0&c=E,1,Dj7Q4HmkOZ3qXMDHZ2zgLPoWv5nD5C7gYieOiNzOl6PJxbzRL-piJW1ktBB1FWAVlQzkemDRZ_VpojdssWKzejgaAiAkyqkwM7TzzAiKoAHyfEn6Ln1QDoba8A,,&typo=1
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1740,11051325782549474695,12488764856173818770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1856 /prefetch:8
clean

URLs

Name
IP
Malicious
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%2fu%2fs%21AkodBYHyG1DWb7SSY7m8YBUEyng%3fe%3dblm7w0&c=E,1,Dj7Q4HmkOZ3qXMDHZ2zgLPoWv5nD5C7gYieOiNzOl6PJxbzRL-piJW1ktBB1FWAVlQzkemDRZ_VpojdssWKzejgaAiAkyqkwM7TzzAiKoAHyfEn6Ln1QDoba8A,,&typo=1
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/b
unknown
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/2
unknown
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/images/outlook1.png
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/images/office3651.png
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/Share
unknown
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/images/gmail.png
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/images/othermail.ico
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/css/hover.css
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/images/other1.png
176.57.150.65
malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/images/adobe.jpg
176.57.150.65
malicious
https://code.jquery.com/jquery-3.2.1.slim.min.jsaD
unknown
clean
https://lakeviewanimalsanctuary.org/favicon.ico
176.57.150.65
clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
clean
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%2fu%2fs%21AkodBYHyG1DWb7SSY7m8YBUEyng%3f
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac_s_office-
unknown
clean
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.725.0719.2003&
unknown
clean
https://onedrive.live.com/
unknown
clean
https://www.google.com
unknown
clean
https://1drv.ms/u/s
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac1-cdc297b4
unknown
clean
https://live.com/
unknown
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushersu
unknown
clean
https://cdnjs.cloudflare.com
unknown
clean
https://onedrive.live.com/view.aspx?resid=D6501BF281051D4A!111&authkey=!ALSSY7m8YBUEyng
clean
https://kit.fontawesome.com/585b051251.js
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/jquery-1.7.2-
unknown
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
https://maxcdn.bootstrapcdn.com/
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=m%2B%2BETSmyrlT5R%2BLj9OHfFRPD%2Ba93zbgjt3i49Y1Z4YY91Kq9OPS
unknown
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
https://kit.fontawesome.com/
unknown
clean
https://onenote.com/Dq
unknown
clean
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/externalu
unknown
clean
https://1drv.ms/u/s!AkodBYHyG1DWb7SSY7m8YBUEyng?e=blm7w0
13.107.42.12
clean
https://maxcdn.bootstrapcdn.com
unknown
clean
https://live.com/Vw
unknown
clean
https://spoprod-a.akamaihd.net
unknown
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jsaD
unknown
clean
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.725.0719.2003&useReq
unknown
clean
https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi/external
unknown
clean
https://code.jquery.com/jquery-3.1.1.min.jsaD
unknown
clean
https://ka-f.fontawesome.com
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac0-efa56458
unknown
clean
https://code.jquery.com/jquery-3.2.1.slim.min.jsa
unknown
clean
https://lakeviewanimalsanctuary.org/
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
unknown
clean
https://onedrive.live.com:443
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
https://live.com/Zc
unknown
clean
https://onenote.com/_p
unknown
clean
https://onedrive.live.com/view.aspx?resid=D6501BF281051D4A
unknown
clean
https://live.com/3
unknown
clean
https://www.onenote.com/officeaddins/learningtools/?et=
unknown
clean
https://live.com/2
unknown
clean
https://onenote.com/%n
unknown
clean
https://live.com/5
unknown
clean
https://onedrive.live.com/redir?resid=D6501BF281051D4A%21111&authkey=%21ALSSY7m8YBUEyng&page=View&wd
unknown
clean
https://accounts.google.com
unknown
clean
https://ka-f.fontawesome.com/
unknown
clean
https://apis.google.com
unknown
clean
https://p.sfx.ms//storage/aria-2.5.0.min.js
unknown
clean
https://live.com/)
unknown
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac2-bf8b3319
unknown
clean
https://clients2.google.com
unknown
clean
https://live.com/R
unknown
clean
https://ogs.google.com
unknown
clean
https://live.com/uh
unknown
clean
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%2fu%2fs%21AkodBYHyG1DWb7SSY7m8YBUEyng%3fe%3dblm7w0&c=E,1,Dj7Q4HmkOZ3qXMDHZ2zgLPoWv5nD5C7gYieOiNzOl6PJxbzRL-piJW1ktBB1FWAVlQzkemDRZ_VpojdssWKzejgaAiAkyqkwM7TzzAiKoAHyfEn6Ln1QDoba8A,,&typo=1
3.122.46.253
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=92.0.4515.107&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.181.238
clean
https://onedrive.live.com
unknown
clean
https://code.jquery.com/jquery-3.1.1.min.js
unknown
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
142.250.74.141
clean
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
unknown
clean
https://code.jquery.com/
unknown
clean
https://hangouts.google.com/
unknown
clean
https://live.com/G
unknown
clean
https://onenote.com/4
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207
clean
https://live.com/P
unknown
clean
https://live.com/s
unknown
clean
https://skyapi.onedrive.live.com/api/proxy?v=3
40.90.128.17
clean
https://live.com/Sf
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.16.18.94
clean
https://onenote.com/
unknown
clean
https://live.com/~
unknown
clean
https://support.google.com/chromecast/answer/2998456
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
unknown
clean
https://onedrive.live.com/redir?resid=D6501BF281051D4A
unknown
clean
https://live.com/f
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.jsaD
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=dfr6GGSEJG3jfF0Ir4G4B8RnRQt9Btr6H%2Fh4IBSMmVCFEggjyLLxihkTV
unknown
clean
There are 90 hidden URLs.

Domains

Name
IP
Malicious
gstaticadssl.l.google.com
142.250.181.227
clean
i-dub01p-cor001.api.p001.1drv.com
40.90.128.17
clean
i-db3p-cor002.api.p001.1drv.com
40.90.136.180
clean
accounts.google.com
142.250.74.141
clean
cdnjs.cloudflare.com
104.16.18.94
clean
maxcdn.bootstrapcdn.com
104.18.10.207
clean
clients.l.google.com
142.250.181.238
clean
linkprotect.cudasvc.com
3.122.46.253
clean
googlehosted.l.googleusercontent.com
142.250.74.193
clean
lakeviewanimalsanctuary.org
176.57.150.65
clean
1drv.ms
13.107.42.12
clean
onenoteonlinesync.onenote.com
unknown
clean
ka-f.fontawesome.com
unknown
clean
kit.fontawesome.com
unknown
clean
messaging.office.com
unknown
clean
c.live.com
unknown
clean
ajax.aspnetcdn.com
unknown
clean
storage.live.com
unknown
clean
skyapi.onedrive.live.com
unknown
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean
code.jquery.com
unknown
clean
onedrive.live.com
unknown
clean
p.sfx.ms
unknown
clean
amcdn.msftauth.net
unknown
clean
spoprod-a.akamaihd.net
unknown
clean
www.onenote.com
unknown
clean
There are 17 hidden domains.

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
192.168.2.3
unknown
unknown
clean
104.16.18.94
cdnjs.cloudflare.com
United States
clean
13.107.42.12
1drv.ms
United States
clean
239.255.255.250
unknown
Reserved
clean
169.254.68.153
unknown
Reserved
clean
176.57.150.65
lakeviewanimalsanctuary.org
Germany
clean
127.0.0.1
unknown
unknown
clean
142.250.74.141
accounts.google.com
United States
clean
104.18.10.207
maxcdn.bootstrapcdn.com
United States
clean
3.122.46.253
linkprotect.cudasvc.com
United States
clean
142.250.181.238
clients.l.google.com
United States
clean
142.250.74.193
googlehosted.l.googleusercontent.com
United States
clean
142.250.181.227
gstaticadssl.l.google.com
United States
clean
40.90.128.17
i-dub01p-cor001.api.p001.1drv.com
United States
clean
40.90.136.180
i-db3p-cor002.api.p001.1drv.com
United States
clean
There are 6 hidden IPs.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-2660496737-530772487-1027249058-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blocklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
There are 41 hidden registries.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF5152F3000
unkown image
page readonly
clean
7FF514E95000
unkown image
page readonly
clean
7FF515328000
unkown image
page readonly
clean
24843AB0000
unkown
page read and write
clean
7FF5C06E9000
unkown image
page readonly
clean
2483F8D1000
unkown
page read and write
clean
2483F851000
unkown
page read and write
clean
7FF5147EF000
unkown image
page readonly
clean
7FF5C022E000
unkown image
page readonly
clean
7FF515233000
unkown image
page readonly
clean
E90F07E000
unkown
page read and write
clean
7FF515298000
unkown image
page readonly
clean
7FF5C06D7000
unkown image
page readonly
clean
19E99E6C000
unkown
page read and write
clean
7DF529642000
unkown image
page readonly
clean
1E0AF941000
unkown image
page readonly
clean
7FF573048000
unkown image
page readonly
clean
19E99360000
unkown
page read and write
clean
2483E413000
unkown
page read and write
clean
19E99360000
unkown
page read and write
clean
E90F47F000
unkown
page read and write
clean
24843A02000
unkown
page read and write
clean
19E99E50000
heap private
page read and write
clean
7FF5C074D000
unkown image
page readonly
clean
7FF514FEF000
unkown image
page readonly
clean
2483E301000
unkown image
page readonly
clean
7FF572D98000
unkown image
page readonly
clean
2483E49A000
unkown
page read and write
clean
19E99E52000
heap private
page read and write
clean
2483F750000
unkown
page read and write
clean
2483E4F7000
unkown
page read and write
clean
7FF572DC2000
unkown image
page readonly
clean
19E99E5B000
heap private
page read and write
clean
E90E8FF000
unkown
page read and write
clean
1E0B0060000
unkown image
page readonly
clean
7DF5D4A40000
unkown image
page readonly
clean
2483F740000
unkown
page read and write
clean
3F5957F000
unkown
page read and write
clean
19E99E30000
unkown
page read and write
clean
19E99E74000
unkown
page read and write
clean
7FF572F8C000
unkown image
page readonly
clean
7FF51511E000
unkown image
page readonly
clean
19E99120000
unkown image
page read and write
clean
7FF572E0C000
unkown image
page readonly
clean
19E99BDD000
unkown
page read and write
clean
19E99BD9000
unkown
page read and write
clean
7DF587360000
unkown image
page readonly
clean
7DF587352000
unkown image
page readonly
clean
E90F57F000
unkown
page read and write
clean
2483E1D0000
unkown image
page readonly
clean
19E99323000
unkown
page read and write
clean
2483F93D000
unkown
page read and write
clean
7FF514FC2000
unkown image
page readonly
clean
2483F3B0000
unkown image
page readonly
clean
19E99E5A000
heap private
page read and write
clean
2483F8C2000
unkown
page read and write
clean
19E99140000
unkown image
page readonly
clean
7DF529640000
unkown image
page readonly
clean
7FF514C2E000
unkown image
page readonly
clean
2483E516000
unkown
page read and write
clean
7DF529632000
unkown image
page readonly
clean
7FF572FFA000
unkown image
page readonly
clean
E90EBFA000
unkown
page read and write
clean
1E0AF950000
unkown image
page readonly
clean
19E99E57000
heap private
page read and write
clean
7FF572FB8000
unkown image
page readonly
clean
7FF5150EC000
unkown image
page readonly
clean
7FF51525A000
unkown image
page readonly
clean
2483E4E7000
unkown
page read and write
clean
19E99E5A000
heap private
page read and write
clean
2483E498000
unkown
page read and write
clean
E90EF7E000
unkown
page read and write
clean
3F59477000
unkown
page read and write
clean
1E0AFA18000
heap default
page read and write
clean
2483F940000
unkown
page read and write
clean
E90EAFB000
unkown
page read and write
clean
24843AB0000
unkown
page read and write
clean
7FF515309000
unkown image
page readonly
clean
7FF514F45000
unkown image
page readonly
clean
7FF573000000
unkown image
page readonly
clean
19E99160000
unkown image
page readonly
clean
2483E502000
unkown
page read and write
clean
2483F8C9000
unkown
page read and write
clean
2483EB00000
unkown
page read and write
clean
2483E4F4000
unkown
page read and write
clean
1E0AF950000
unkown image
page readonly
clean
2483F843000
unkown
page read and write
clean
7FF573020000
unkown image
page readonly
clean
2483F800000
unkown
page read and write
clean
2483EB5B000
unkown
page read and write
clean
2483E1F0000
unkown image
page readonly
clean
7FF572BB5000
unkown image
page readonly
clean
7FF5BFBE3000
unkown image
page readonly
clean
19E992C0000
heap default
page read and write
clean
2483F380000
unkown image
page readonly
clean
3F597FF000
unkown
page read and write
clean
19E99BEC000
unkown
page read and write
clean
7DF529632000
unkown image
page readonly
clean
7FF5152F7000
unkown image
page readonly
clean
7FF572E31000
unkown image
page readonly
clean
2483E1B0000
unkown image
page read and write
clean
2483F93B000
unkown
page read and write
clean
7FF514DAD000
unkown image
page readonly
clean
7FF572D82000
unkown image
page readonly
clean
2483E4C9000
unkown
page read and write
clean
2483F902000
unkown
page read and write
clean
81EF17A000
unkown
page read and write
clean
7FF5C068D000
unkown image
page readonly
clean
24843B40000
unkown
page read and write
clean
7FF514E2D000
unkown image
page readonly
clean
19E99E54000
heap private
page read and write
clean
19E993B4000
unkown
page read and write
clean
1E0AF9F8000
heap default
page read and write
clean
7FF572FA2000
unkown image
page readonly
clean
19E9933D000
unkown
page read and write
clean
7FF57307D000
unkown image
page readonly
clean
7FF5C0689000
unkown image
page readonly
clean
7FF51534E000
unkown image
page readonly
clean
19E99BDD000
unkown
page read and write
clean
7FF5152A6000
unkown image
page readonly
clean
7FF5147ED000
unkown image
page readonly
clean
81EF27F000
unkown
page read and write
clean
2483E463000
unkown
page read and write
clean
7FF5C06CA000
unkown image
page readonly
clean
1E0AF9F0000
heap default
page read and write
clean
2483E529000
unkown
page read and write
clean
7FF515294000
unkown image
page readonly
clean
19E99E67000
unkown
page read and write
clean
7DF529642000
unkown image
page readonly
clean
2483E400000
unkown
page read and write
clean
2483E600000
unkown image
page readonly
clean
1E0AF9FF000
heap default
page read and write
clean
7FF5152E0000
unkown image
page readonly
clean
19E99BD9000
unkown
page read and write
clean
2483EB19000
unkown
page read and write
clean
19E99E6E000
unkown
page read and write
clean
2483E990000
unkown image
page read and write
clean
2483E42B000
unkown
page read and write
clean
7DF587352000
unkown image
page readonly
clean
E90EDFE000
unkown
page read and write
clean
2483F3A0000
unkown image
page readonly
clean
2483F3C0000
unkown image
page readonly
clean
2483F93D000
unkown
page read and write
clean
2483ED91000
unkown
page read and write
clean
2483EB13000
unkown
page read and write
clean
19E99BD9000
unkown
page read and write
clean
2483F915000
unkown
page read and write
clean
2483E980000
unkown image
page readonly
clean
19E992DA000
unkown
page read and write
clean
19E99365000
unkown
page read and write
clean
7FF51535B000
unkown image
page readonly
clean
19E99BDD000
unkown
page read and write
clean
7FF5C06E3000
unkown image
page readonly
clean
19E99E69000
unkown
page read and write
clean
7FF57306E000
unkown image
page readonly
clean
7FF515126000
unkown image
page readonly
clean
E90E7F8000
unkown
page read and write
clean
E90E9FC000
unkown
page read and write
clean
7FF572FB4000
unkown image
page readonly
clean
2483F8C0000
unkown
page read and write
clean
E90EE7F000
unkown
page read and write
clean
19E993B3000
unkown
page read and write
clean
7FF5603CC000
unkown image
page readonly
clean
19E99630000
unkown image
page readonly
clean
E90ED7F000
unkown
page read and write
clean
19E99BD1000
unkown
page read and write
clean
7FF572FC6000
unkown image
page readonly
clean
24843B40000
unkown
page read and write
clean
7FF514C2B000
unkown image
page readonly
clean
2483E513000
unkown
page read and write
clean
7FF5150C9000
unkown image
page readonly
clean
7FF5152B5000
unkown image
page readonly
clean
1E0AFCD5000
heap private
page read and write
clean
2483EB59000
unkown
page read and write
clean
7FF57307B000
unkown image
page readonly
clean
7DF529630000
unkown image
page readonly
clean
E90EFFF000
unkown
page read and write
clean
7FF572A34000
unkown image
page readonly
clean
2483F7F0000
unkown
page read and write
clean
E90EEFF000
unkown
page read and write
clean
19E9933A000
unkown
page read and write
clean
7FF5C06F3000
unkown image
page readonly
clean
7FF51535D000
unkown image
page readonly
clean
2483E49E000
unkown
page read and write
clean
2483F92A000
unkown
page read and write
clean
7FF573019000
unkown image
page readonly
clean
19E99360000
heap default
page read and write
clean
7FF5727CE000
unkown image
page readonly
clean
24843A00000
unkown
page read and write
clean
7FF515271000
unkown image
page readonly
clean
7FF572DE6000
unkown image
page readonly
clean
7FF51535D000
unkown image
page readonly
clean
7FF5C074B000
unkown image
page readonly
clean
2483EB19000
unkown
page read and write
clean
24843B10000
unkown
page read and write
clean
7FF572C75000
unkown image
page readonly
clean
7FF5C06A5000
unkown image
page readonly
clean
24843A37000
unkown
page read and write
clean
7FF5C0718000
unkown image
page readonly
clean
7FF514A73000
unkown image
page readonly
clean
7DF4274F0000
unkown image
page readonly
clean
1E0AF970000
unkown image
page readonly
clean
7FF514F37000
unkown image
page readonly
clean
7DF587360000
unkown image
page readonly
clean
24843B20000
unkown
page read and write
clean
19E9933A000
heap default
page read and write
clean
7FF51526C000
unkown image
page readonly
clean
7FF5C073E000
unkown image
page readonly
clean
24843A05000
unkown
page read and write
clean
2483F8F8000
unkown
page read and write
clean
7DF485210000
unkown image
page readonly
clean
3F596FB000
unkown
page read and write
clean
19E99BE6000
unkown
page read and write
clean
24843A14000
unkown
page read and write
clean
2483F7D0000
unkown
page read and write
clean
19E99425000
heap private
page read and write
clean
7FF573030000
unkown image
page readonly
clean
7FF572DE9000
unkown image
page readonly
clean
7FF5C06F9000
unkown image
page readonly
clean
2483E1D0000
unkown image
page readonly
clean
7DF529650000
unkown image
page readonly
clean
19E993B3000
unkown
page read and write
clean
7FF572F68000
unkown image
page readonly
clean
7FF515229000
unkown image
page readonly
clean
24843DC0000
unkown
page read and write
clean
2483E484000
unkown
page read and write
clean
7DF5D4A22000
unkown image
page readonly
clean
81EF1FD000
unkown
page read and write
clean
7FF514FF6000
unkown image
page readonly
clean
19E99365000
unkown
page read and write
clean
E90ECFB000
unkown
page read and write
clean
2483F711000
unkown
page read and write
clean
2483F88B000
unkown
page read and write
clean
7FF572FD5000
unkown image
page readonly
clean
2483F913000
unkown
page read and write
clean
19E997B0000
unkown image
page readonly
clean
19E99E55000
heap private
page read and write
clean
19E99301000
unkown
page read and write
clean
7DF5D4A30000
unkown image
page readonly
clean
19E99E76000
unkown
page read and write
clean
7FF5152F9000
unkown image
page readonly
clean
7FF515267000
unkown image
page readonly
clean
7FF515331000
unkown image
page readonly
clean
2483EB5A000
unkown
page read and write
clean
7FF573029000
unkown image
page readonly
clean
19E9933D000
unkown
page read and write
clean
24843DE0000
unkown
page read and write
clean
19E99260000
unkown
page read and write
clean
7FF515111000
unkown image
page readonly
clean
19E9933A000
unkown
page read and write
clean
7FF5C064A000
unkown image
page readonly
clean
81EF0FF000
unkown
page read and write
clean
7DF4D28E0000
unkown image
page readonly
clean
1E0AFCE0000
unkown image
page readonly
clean
19E992DF000
heap default
page read and write
clean
7FF515156000
unkown image
page readonly
clean
7FF572F87000
unkown image
page readonly
clean
19E99323000
unkown
page read and write
clean
7DF529630000
unkown image
page readonly
clean
24843A20000
unkown
page read and write
clean
1E0AFCD0000
heap private
page read and write
clean
There are 447 hidden memdumps, click here to show them.

DOM / HTML

URL | Malicious
https://lakeviewanimalsanctuary.org/dallas/rm/hundred/ | malicious
https://onedrive.live.com/view.aspx?resid=D6501BF281051D4A!111&authkey=!ALSSY7m8YBUEyng | clean
https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=UCrnFM1QLU23%2FW4ub%2BBXoA.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FD6501BF281051D4A!111&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1632798727319&jsapi=1&jsapiver=v1&newsession=1&corrid=7970041e-de9f-4c31-88a5-87e7ef0490ae&usid=7970041e-de9f-4c31-88a5-87e7ef0490ae&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot | clean