IOC Report

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Local\Google\Chrome\User Data\0a669ba1-4ffb-4fda-b405-fdc0b4afe851.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\261e3fd0-b4bd-43f1-9a9f-5e26dbd287da.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\38bb355d-6818-4b6d-8c63-c4d94f3d568a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3beaec9a-dc45-4c48-8efe-fed5428a6284.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\47bfeafa-3570-473e-989e-1b3ed5f56b10.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\784376f7-689b-4347-ae6c-c33034cfa0aa.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1514d93a-59e1-4f89-863d-d3ec0714f445.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\264c8541-ea61-499f-8f3b-3b1316c263bd.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\410350c4-690d-4b53-b19a-2aabc2ab46ac.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\41e8bd9c-59c6-4634-b965-9997033c976e.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5088c76e-6987-41f5-b0e1-e19c5cf8f54d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\54ade329-ab1e-4f2e-bd25-0a92bcce7065.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02d4aaf953a2f242_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\09f2c706fbeaa761_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0e9db8ca960fef70_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12609919983ee517_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1ab14149c9b37915_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bff270e32b0ba8c_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1fd1d25d46212c70_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\253ada26cb26b6aa_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2e60a340af51fb52_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a0931e6eb23e5a7_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3cea4a09fd476ccb_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41925020bae877cf_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\494f0b1321cc8f5a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a0fdcbc7d76ecf2_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a5863ccb129da6d_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4faa0455d4039afa_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5266d9eec5c58a3c_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\526dece192072100_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5bde89341a061de0_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\621b14f10032e8ca_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6307df8c1ac7f419_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\65947caaf1db9298_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6c5096a78a4a9b6d_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7627f51e9323d3c1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a281a193daaab2f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8db287ed550f8594_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\92ac6bcd4238ab45_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9353779ee6ffff87_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93a3fa42e61c139b_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\941b06fb8478e48f_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\97f512e7491a7456_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a25d4617c36f111_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9b678471d0290a69_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9bee922fc98a1fe8_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9e03917aff818da1_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ed2fcd8165ac8a3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ef530ac8e11a4d2_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a29dc5bca0d7f772_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5534787ec2d07e5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a63ea7b972ca7cfa_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae91f4d35288cc27_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af47f16bd7610af9_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b67b6a74d56845ce_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ba859982ea35aebb_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2a8b1231073fa2a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c589c410046f7db0_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cbc4c2abcb8aa92a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d83685a8009852e3_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dc791ca3e3d643d6_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ea8fc1980a2c60c0_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f3d7599b2ef11517_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f8454b9b69153474_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\faa473b89c4cb6d5_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexge (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.oldK (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9221.427.0.1_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldCK (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico7 (copy)
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesTM (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesTM (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\296802b5-6ae6-43e6-9894-c27898dfc039\index
ISO-8859 text, with no line terminators, with escape sequences
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\296802b5-6ae6-43e6-9894-c27898dfc039\index-dir\temp-index
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\296802b5-6ae6-43e6-9894-c27898dfc039\index-dir\the-real-index (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txtn (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13277273603590869
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13277273603921596
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\720bfa16-594b-4b36-8e2a-9eea58b3693a.tmp
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.t (copy)
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateTM (copy)
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\fe25653b-bf87-4e49-9b8a-e86f3b7dfc1f.tmp
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldz (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldTM (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3035005
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\abed3e84-2ea6-436c-8712-4a76cb29db3c.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b57ddb40-7385-42cd-9f10-3fe4bc378ee9.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bb5bd19d-b164-4928-8553-d248e69db682.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ca6123e8-1436-4dcd-9c96-9887485f69c2.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d9264dca-fdf1-4849-9ad0-4079edd8a335.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old8z (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000006
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e5ec7c0b-f7f0-4d23-9414-5521ce07c8d2.tmp
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\efdcf966-1d07-4321-96e4-1f65a5b068ed.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fa0b0ad1-dad9-48e1-85fb-f534f2ae204e.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.oldOG (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldG. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateTM (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statewa (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache1. (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheTM (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\d9e3992f-6c4f-4448-b29e-d4c7a19087a3.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\3400bbc4-bf3a-4ea8-8f21-7a6f92fd745f.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\5859964d-7796-4174-91f3-e643c336649b.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\7364_875426161\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\bf8ffef5-233a-424a-ab1f-e4475f91db6c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\fbf6b1d0-c47b-4172-b9ed-2f5d6e7d96f5.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_571343811\bf8ffef5-233a-424a-ab1f-e4475f91db6c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7364_937275356\fbf6b1d0-c47b-4172-b9ed-2f5d6e7d96f5.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.acl
empty
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
empty
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.exc
empty
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation --single-argument https://1drv.ms/o/s!BH0KAtIoTvDMgQINIwbDDmuQjxkp?e=tej6OVmcREW9hZcUcQddjw&at=9
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1692,15970318600001114932,16779282638548115686,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 /prefetch:8
clean

URLs

Name
IP
Malicious
https://1drv.ms:443/o/s!BH0KAtIoTvDMgQINIwbDDmuQjxkp?e=tej6OVmcREW9hZcUcQddjw&at=9
malicious
https://i.ibb.co/qNj7bsz/other1.png
145.239.131.51
clean
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D
unknown
clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
clean
https://i.ibb.co/1Rvzzk8/gmail1.png
145.239.131.51
clean
https://live.com/_C
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac_s_office-
unknown
clean
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.725.0719.2003&
unknown
clean
https://great-efficacious-libra.glitch.me/ue908.htmlShare
unknown
clean
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D%21130&authkey=%21Ag0jBsMOa5CPGSk&page=View&wd
unknown
clean
https://onedrive.live.com/
unknown
clean
https://www.google.com
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
unknown
clean
https://i.ibb.co/6rZqcnD/office365.png
145.239.131.51
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac1-cdc297b4
unknown
clean
https://live.com/
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=gbp5iRzxkFD5bhKdG2wq%2Bc1cH1RkcFxLNQmF1R8TtAsFeFWa3oyJOZItm
unknown
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushersu
unknown
clean
https://cdnjs.cloudflare.com
unknown
clean
https://kit.fontawesome.com/585b051251.js
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/jquery-1.7.2-
unknown
clean
https://great-efficacious-libra.glitch.me/ue908.html
18.210.105.246
clean
https://onenote.com/WRe)
unknown
clean
https://live.com/fT
unknown
clean
https://live.com/s)
unknown
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
https://maxcdn.bootstrapcdn.com/
unknown
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
https://kit.fontawesome.com/
unknown
clean
https://great-efficacious-libra.glitch.me/
unknown
clean
https://great-efficacious-libra.glitch.me/css/hover.css
18.210.105.246
clean
https://onedrive.live.com/view.aspx?resid=CCF04E28D2020A7D!130&ithint=onenote&authkey=!Ag0jBsMOa5CPGSk
clean
https://live.com/qC
unknown
clean
https://maxcdn.bootstrapcdn.com
unknown
clean
https://spoprod-a.akamaihd.net
unknown
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.725.0719.2003&useReq
unknown
clean
https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi/external
unknown
clean
https://ka-f.fontawesome.com
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac0-efa56458
unknown
clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
unknown
clean
https://onedrive.live.com:443
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
https://great-efficacious-libra.glitch.me/1P
unknown
clean
https://www.onenote.com/officeaddins/learningtools/?et=
unknown
clean
https://great-efficacious-libra.glitch.me/favicon.ico
18.210.105.246
clean
https://live.com/6
unknown
clean
https://accounts.google.com
unknown
clean
https://live.com/?
unknown
clean
https://1drv.ms/o/s!BH0KAtIoTvDMgQINIwbDDmuQjxkp?e=tej6OVmcREW9hZcUcQddjw&at=9
13.107.42.12
clean
https://1drv.ms/o/s
unknown
clean
https://great-efficacious-libra.glitch.me/ue908.html
clean
https://ka-f.fontawesome.com/
unknown
clean
https://live.com/$
unknown
clean
https://apis.google.com
unknown
clean
https://great-efficacious-libra.glitch.me/G
unknown
clean
https://onenote.com/b
unknown
clean
https://p.sfx.ms//storage/aria-2.5.0.min.js
unknown
clean
https://great-efficacious-libra.glitch.me/F
unknown
clean
https://utfl.us//ue908/a/next.php
162.241.149.153
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac2-bf8b3319
unknown
clean
https://clients2.google.com
unknown
clean
https://onedrive.live.com/view.aspx?resid=CCF04E28D2020A7D
unknown
clean
https://live.com/Q
unknown
clean
https://ogs.google.com
unknown
clean
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D%21130&authkey=%21Ag0jBsMOa5CPGSk&page=View&wd=target%28Quick%20Notes.one%7C93d3533d-5f38-4277-8b03-bbccb389355c%2FBurkett%20Restaurant%20Equipment%20%20Supplies%7Ce83b5133-7b0d-4fe6-8f9d-ba805b8e2eef%2F%29
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=92.0.4515.107&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.185.78
clean
https://onedrive.live.com
unknown
clean
https://live.com/Z
unknown
clean
https://code.jquery.com/jquery-3.1.1.min.js
unknown
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
142.250.184.205
clean
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
unknown
clean
https://code.jquery.com/
unknown
clean
https://live.com/C
unknown
clean
https://great-efficacious-libra.glitch.me/.
unknown
clean
https://hangouts.google.com/
unknown
clean
https://live.com/H
unknown
clean
https://live.com/E
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207
clean
https://a.nel.cloudflare.com/report/v3?s=5U%2FkU%2BjFeOKRc1nOWWsjAOd%2BgExs5Erq0pNBD0rlRsbmWcgrcyjk0
unknown
clean
https://live.com/M
unknown
clean
https://onenote.com/-
unknown
clean
https://skyapi.onedrive.live.com/api/proxy?v=3
40.90.142.226
clean
https://live.com/x
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.16.19.94
clean
https://onenote.com/
unknown
clean
https://live.com/y
unknown
clean
https://onenote.com/(
unknown
clean
https://i.ibb.co/vZXCdtH/outlook.png
145.239.131.51
clean
https://support.google.com/chromecast/answer/2998456
unknown
clean
https://live.com/a
unknown
clean
https://live.com/b
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://live.com/g
unknown
clean
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
unknown
clean
https://live.com/h
unknown
clean
https://live.com/e
unknown
clean

Domains

Name
IP
Malicious
gstaticadssl.l.google.com
142.250.186.99
clean
i-dub01p-cor001.api.p001.1drv.com
40.90.128.17
clean
accounts.google.com
142.250.184.205
clean
cdnjs.cloudflare.com
104.16.19.94
clean
great-efficacious-libra.glitch.me
18.210.105.246
clean
maxcdn.bootstrapcdn.com
104.18.10.207
clean
clients.l.google.com
142.250.185.78
clean
i-am3p-cor002.api.p001.1drv.com
40.90.142.226
clean
googlehosted.l.googleusercontent.com
142.250.74.193
clean
utfl.us
162.241.149.153
clean
1drv.ms
13.107.42.12
clean
i.ibb.co
145.239.131.51
clean
onenoteonlinesync.onenote.com
unknown
clean
ka-f.fontawesome.com
unknown
clean
kit.fontawesome.com
unknown
clean
messaging.office.com
unknown
clean
c.live.com
unknown
clean
storage.live.com
unknown
clean
ajax.aspnetcdn.com
unknown
clean
skyapi.onedrive.live.com
unknown
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean
code.jquery.com
unknown
clean
onedrive.live.com
unknown
clean
p.sfx.ms
unknown
clean
amcdn.msftauth.net
unknown
clean
spoprod-a.akamaihd.net
unknown
clean
www.onenote.com
unknown
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
192.168.2.3
unknown
unknown
clean
40.90.142.226
i-am3p-cor002.api.p001.1drv.com
United States
clean
13.107.42.12
1drv.ms
United States
clean
239.255.255.250
unknown
Reserved
clean
169.254.68.153
unknown
Reserved
clean
127.0.0.1
unknown
unknown
clean
142.250.185.78
clients.l.google.com
United States
clean
145.239.131.51
i.ibb.co
France
clean
104.18.10.207
maxcdn.bootstrapcdn.com
United States
clean
142.250.74.193
googlehosted.l.googleusercontent.com
United States
clean
142.250.184.205
accounts.google.com
United States
clean
142.250.186.99
gstaticadssl.l.google.com
United States
clean
18.210.105.246
great-efficacious-libra.glitch.me
United States
clean
162.241.149.153
utfl.us
United States
clean
40.90.128.17
i-dub01p-cor001.api.p001.1drv.com
United States
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-2660496737-530772487-1027249058-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blocklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
version
clean

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF5921BD000
unkown image
page readonly
clean
297D0C14000
unkown
page read and write
clean
1B59D817000
unkown
page read and write
clean
7DF447610000
unkown image
page readonly
clean
1B59E12A000
unkown
page read and write
clean
1B59D88D000
unkown
page read and write
clean
297CCB02000
unkown
page read and write
clean
7DF5A6492000
unkown image
page readonly
clean
297D0C00000
unkown
page read and write
clean
7DF549762000
unkown image
page readonly
clean
297CB600000
unkown
page read and write
clean
7DF5E6710000
unkown image
page readonly
clean
7FF5D21F9000
unkown image
page readonly
clean
297CBD19000
unkown
page read and write
clean
7FF5353E5000
unkown image
page readonly
clean
1B59D88D000
unkown
page read and write
clean
7DF549762000
unkown image
page readonly
clean
7FF5352E0000
unkown image
page readonly
clean
1B59D7D2000
unkown
page read and write
clean
20A80C6F000
heap default
page read and write
clean
7FF535231000
unkown image
page readonly
clean
A1DEDFF000
unkown
page read and write
clean
7FF535400000
unkown image
page readonly
clean
297CCACB000
unkown
page read and write
clean
297CC5D0000
unkown image
page readonly
clean
1B59D805000
unkown
page read and write
clean
7DF4A4350000
unkown image
page readonly
clean
297CC3C0000
unkown image
page read and write
clean
7FF534B93000
unkown image
page readonly
clean
297D0C30000
unkown
page read and write
clean
A1DEE7F000
unkown
page read and write
clean
297D0D30000
unkown
page read and write
clean
20A80EA0000
heap private
page read and write
clean
A1DE29B000
unkown
page read and write
clean
7FF5D2411000
unkown image
page readonly
clean
1B59E454000
unkown
page read and write
clean
297CB430000
heap default
page read and write
clean
297CB3E0000
unkown image
page readonly
clean
1B59D843000
unkown
page read and write
clean
7FF5D23E0000
unkown image
page readonly
clean
7FF5352D9000
unkown image
page readonly
clean
7FF5D2374000
unkown image
page readonly
clean
20A80C8F000
unkown
page read and write
clean
297D0C34000
unkown
page read and write
clean
1B59D800000
unkown
page read and write
clean
1B59E2FB000
heap private
page read and write
clean
1B59E113000
unkown
page read and write
clean
1B59E2FA000
heap private
page read and write
clean
20A80EA5000
heap private
page read and write
clean
7DF549750000
unkown image
page readonly
clean
7FF5D1DEB000
unkown image
page readonly
clean
297CB6D4000
unkown
page read and write
clean
1B59D830000
unkown
page read and write
clean
297CB3E0000
unkown image
page readonly
clean
7FF5D2408000
unkown image
page readonly
clean
A1DEEFE000
unkown
page read and write
clean
7FF5D23F2000
unkown image
page readonly
clean
7FF586001000
unkown image
page readonly
clean
297CCA52000
unkown
page read and write
clean
1B59D817000
unkown
page read and write
clean
297CB400000
unkown image
page readonly
clean
7FF534BE8000
unkown image
page readonly
clean
A1DE31F000
unkown
page read and write
clean
7FF53547D000
unkown image
page readonly
clean
7FF5D23C7000
unkown image
page readonly
clean
7FF592170000
unkown image
page readonly
clean
297CCB12000
unkown
page read and write
clean
7FF535413000
unkown image
page readonly
clean
1B59D88D000
unkown
page read and write
clean
1B59E451000
unkown
page read and write
clean
1B59D81D000
unkown
page read and write
clean
1B59D843000
unkown
page read and write
clean
7FF5353B4000
unkown image
page readonly
clean
297CBD5A000
unkown
page read and write
clean
A1DEBFB000
unkown
page read and write
clean
297CCB21000
unkown
page read and write
clean
297CB62B000
unkown
page read and write
clean
1B59E2FE000
heap private
page read and write
clean
1B59D843000
unkown
page read and write
clean
27709FE000
unkown
page read and write
clean
7DF549770000
unkown image
page readonly
clean
7FF535057000
unkown image
page readonly
clean
7FF53522D000
unkown image
page readonly
clean
297CB65F000
unkown
page read and write
clean
297CBD02000
unkown
page read and write
clean
7FF535417000
unkown image
page readonly
clean
1B59D88D000
unkown
page read and write
clean
297CCB21000
unkown
page read and write
clean
1B59D830000
unkown
page read and write
clean
297CC9F0000
unkown
page read and write
clean
1B59E44C000
unkown
page read and write
clean
7DF5E6722000
unkown image
page readonly
clean
1B59E121000
unkown
page read and write
clean
7FF534F27000
unkown image
page readonly
clean
7FF5D23F0000
unkown image
page readonly
clean
297CB702000
unkown
page read and write
clean
297CB511000
unkown image
page readonly
clean
7FF592147000
unkown image
page readonly
clean
297CB674000
unkown
page read and write
clean
607D67F000
unkown
page read and write
clean
297D0C7B000
unkown
page read and write
clean
7FF535182000
unkown image
page readonly
clean
607D6FE000
unkown
page read and write
clean
297CCB38000
unkown
page read and write
clean
1B59E2F7000
heap private
page read and write
clean
297D0D50000
unkown
page read and write
clean
1B59E2F7000
heap private
page read and write
clean
A1DF57C000
unkown
page read and write
clean
297CC950000
unkown
page read and write
clean
20A80C7A000
unkown
page read and write
clean
7FF5D2359000
unkown image
page readonly
clean
7FF5353C6000
unkown image
page readonly
clean
1B59E105000
unkown
page read and write
clean
297D0C08000
unkown
page read and write
clean
297D0D40000
unkown
page read and write
clean
1B59D89B000
unkown
page read and write
clean
7FF534FB5000
unkown image
page readonly
clean
7FF53537A000
unkown image
page readonly
clean
7FF534F30000
unkown image
page readonly
clean
7FF5D2378000
unkown image
page readonly
clean
7DF5E6712000
unkown image
page readonly
clean
297D0C4C000
unkown
page read and write
clean
20A80C86000
unkown
page read and write
clean
7DF4E45D0000
unkown image
page readonly
clean
1B59D804000
unkown
page read and write
clean
A1DEAFC000
unkown
page read and write
clean
7DF549760000
unkown image
page readonly
clean
297CBD59000
unkown
page read and write
clean
277077F000
unkown
page read and write
clean
7DF5A64A2000
unkown image
page readonly
clean
297CCA00000
unkown
page read and write
clean
297CCB36000
unkown
page read and write
clean
297CCAF6000
unkown
page read and write
clean
297CCA54000
unkown
page read and write
clean
7FF5351E6000
unkown image
page readonly
clean
297D0D50000
unkown
page read and write
clean
A1DE6F8000
unkown
page read and write
clean
1B59D88D000
unkown
page read and write
clean
7FF5D23C0000
unkown image
page readonly
clean
7FF592169000
unkown image
page readonly
clean
1B59E104000
unkown
page read and write
clean
297CB643000
unkown
page read and write
clean
1B59D81E000
unkown
page read and write
clean
297D0C44000
unkown
page read and write
clean
297CBF01000
unkown
page read and write
clean
A1DF17B000
unkown
page read and write
clean
1B59D88D000
unkown
page read and write
clean
7FF5D2035000
unkown image
page readonly
clean
297CB410000
unkown image
page readonly
clean
7FF5D243D000
unkown image
page readonly
clean
297D0CC0000
unkown
page read and write
clean
297D0C20000
unkown
page read and write
clean
7FF5D237C000
unkown image
page readonly
clean
1B59E456000
unkown
page read and write
clean
7FF592115000
unkown image
page readonly
clean
1B59E100000
unkown
page read and write
clean
297D0C73000
unkown
page read and write
clean
297D0C30000
unkown
page read and write
clean
297CCB29000
unkown
page read and write
clean
7FF535407000
unkown image
page readonly
clean
7FF534D4B000
unkown image
page readonly
clean
7FF53535A000
unkown image
page readonly
clean
297D0D50000
unkown
page read and write
clean
20A80C78000
unkown
page read and write
clean
7FF592172000
unkown image
page readonly
clean
297CB3D0000
heap private
page read and write
clean
297CCB0C000
unkown
page read and write
clean
A1DECFE000
unkown
page read and write
clean
A1DF37A000
unkown
page read and write
clean
7FF5D2343000
unkown image
page readonly
clean
7FF592163000
unkown image
page readonly
clean
1B59D842000
unkown
page read and write
clean
7FF5D2328000
unkown image
page readonly
clean
1B59D650000
unkown image
page read and write
clean
7FF5351E9000
unkown image
page readonly
clean
277097E000
unkown
page read and write
clean
7FF53520C000
unkown image
page readonly
clean
7FF5D23D9000
unkown image
page readonly
clean
1B59D830000
unkown
page read and write
clean
7FF535324000
unkown image
page readonly
clean
607D87F000
unkown
page read and write
clean
7FF5352FC000
unkown image
page readonly
clean
7FF535391000
unkown image
page readonly
clean
7FF5921AE000
unkown image
page readonly
clean
1B59D950000
heap private
page read and write
clean
7FF535383000
unkown image
page readonly
clean
7FF5D1DF4000
unkown image
page readonly
clean
1B59D670000
unkown image
page readonly
clean
20A80A80000
unkown image
page readonly
clean
297CBB90000
unkown
page read and write
clean
7FF5D21CC000
unkown image
page readonly
clean
1B59D843000
unkown
page read and write
clean
7FF5D2347000
unkown image
page readonly
clean
7FF5D2351000
unkown image
page readonly
clean
7FF535190000
unkown image
page readonly
clean
297CC9D0000
unkown
page read and write
clean
1B59D82B000
unkown
page read and write
clean
7DF5A6490000
unkown image
page readonly
clean
1B59D804000
unkown
page read and write
clean
7FF591654000
unkown image
page readonly
clean
297CC5A0000
unkown image
page readonly
clean
1B59E107000
unkown
page read and write
clean
297D0D20000
unkown
page read and write
clean
27707FC000
unkown
page read and write
clean
20A80A60000
unkown image
page read and write
clean
297CB613000
unkown
page read and write
clean
7FF535430000
unkown image
page readonly
clean
7FF5D23D3000
unkown image
page readonly
clean
20A81230000
unkown image
page readonly
clean
7FF5D242E000
unkown image
page readonly
clean
1B59D930000
unkown image
page read and write
clean
1B59D770000
unkown
page read and write
clean
1B59D7A8000
heap default
page read and write
clean
There are 466 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://great-efficacious-libra.glitch.me/ue908.html
malicious
https://onedrive.live.com/view.aspx?resid=CCF04E28D2020A7D!130&ithint=onenote&authkey=!Ag0jBsMOa5CPGSk
clean
https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=uaD%2BnJ80T0yXy%2Blaplvq3Q.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FCCF04E28D2020A7D!130&wdo=2&sc=host%3D%26qt%3DFolders&wdp=6&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1632800005603&jsapi=1&jsapiver=v1&newsession=1&corrid=95bc272c-e44e-4bbc-a3ff-a52ce722b692&usid=95bc272c-e44e-4bbc-a3ff-a52ce722b692&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
clean
https://onedrive.live.com/redir?resid=CCF04E28D2020A7D%21130&authkey=%21Ag0jBsMOa5CPGSk&page=View&wd=target%28Quick%20Notes.one%7C93d3533d-5f38-4277-8b03-bbccb389355c%2FBurkett%20Restaurant%20Equipment%20%20Supplies%7Ce83b5133-7b0d-4fe6-8f9d-ba805b8e2eef%2F%29
clean