IOC Report

Files

File Path
Type
Category
Malicious
nuno.palmeiro-validate.html
HTML document, ASCII text, with very long lines
initial sample
malicious
C:\Users\user\AppData\Local\Google\Chrome\User Data\1c68a495-f815-43c3-9582-0c0c37279bf4.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\31f170e0-7131-473d-a254-22fcfff8a023.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\5b469b13-1227-4824-99cb-38a98d156250.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\5ebb7ffb-2a7d-4e74-b9f8-a3fe1125f8af.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\64f9e4ca-8bb1-430b-b397-7702c5d95eb8.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\6b13dde8-e7f5-46a5-8d98-ad2302ff635b.tmp
SysEx File -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\6e64b312-cc17-4caf-86ad-e7edea16c548.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\7d01d229-c016-45b1-bbb7-e0a4271cef81.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\857c21b1-26f9-427b-8d3a-0c69d228e60c.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0655f46e-4cf1-4505-b247-5cfb18f76fe4.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0af7b1a3-f548-446e-8945-5c87e1730297.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\11152950-61d0-4053-89ee-d5f4ec4f968f.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1611be7c-e5dc-4f15-87f1-a615a64db7d7.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1d13571c-d794-4763-886a-81299761dce4.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1d8710af-298a-4bfc-85ef-c228314d411e.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\24be5b5d-3ed2-4fd7-a199-2c6fa0cdb976.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\24de40bd-d544-4e2c-8d3f-1ee4a0fb25b5.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\342bf28f-5413-4f8f-b788-0d8675d43684.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3e0e3530-eb0c-404f-a176-dcfbd7f258c4.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5a1ce58b-4caa-40c6-8f5a-7b172638f4c9.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\67d7e31a-b10e-4ced-b18b-4153138d58bb.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c5019b3-8b0d-4850-8328-d4889ae7c833.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7a812469-fabc-4b2c-8ac5-3a46f9e319b6.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\861791a6-0e56-4aa1-8c7f-fb3c41a71db0.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\91d1b286-0ef4-4a99-ab44-571390019deb.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9f438101-4c53-43b0-8035-ce389d001772.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldDB (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
dBase III DBT, next free block index 3238316739, block length 1024
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldE (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldnf (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessionp (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsle (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateB} (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesh\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesn/ (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesss (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesoa (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old!. (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\96d37696-3451-440f-991e-4fee5726742d.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.. (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.olde/ (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old.c (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\ff162f2e-ac68-41a7-8875-09813a5a9d80.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ab740f59-d7b9-4369-9a8a-3b84e3cd5b87.tmp
ASCII text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f753a61c-c4b0-48f3-9dcc-0173dfc9dfd6.tmp
ASCII text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f91deeed-32cd-4753-a1e7-75141fb7262c.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fb957d9f-cb13-4436-94dc-4af1a4a6247d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldd (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateE (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheMP (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir4284_1546706430\Ruleset Data
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\be550a3b-eaad-486e-91b5-3d1dbf1027d7.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\de0051ff-e5d0-44db-bcc7-a3c694c72f37.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\fdb29afb-fbb8-4b74-a003-a797ace645cd.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\4284_33018302\LICENSE
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\4284_33018302\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\4284_33018302\crl-set
data
dropped
C:\Users\user\AppData\Local\Temp\4284_33018302\manifest.fingerprint
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\4284_33018302\manifest.json
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\4284_439174981\Filtering Rules
data
dropped
C:\Users\user\AppData\Local\Temp\4284_439174981\LICENSE.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\4284_439174981\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\4284_439174981\manifest.fingerprint
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\4284_439174981\manifest.json
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\72f477a7-5a26-4306-aae2-3fe1656e34c4.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\a10a1713-ebdd-4877-9ccb-e17001a9fa84.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\ecea2ae4-48f2-43ef-89d2-4dc10bc205d8.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\eee79102-66c8-40d3-921e-bfdb8889db24.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\feedback.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_1947421046\ecea2ae4-48f2-43ef-89d2-4dc10bc205d8.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4284_583879259\a10a1713-ebdd-4877-9ccb-e17001a9fa84.tmp
Google Chrome extension, version 3
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\nuno.palmeiro-validate.html"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,6117690780338458555,14944996718431420838,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8

URLs

Name
IP
Malicious
file:///C:/Users/user/Desktop/nuno.palmeiro-validate.html
malicious
https://apis.google.com/js/client.js
unknown
https://www.google.com/images/cleardot.gif
unknown
https://play.google.com
unknown
https://crash.corp.google.com/samples?reportid=&q=
unknown
https://www.google.com/log?format=json&hasfast=true
unknown
https://easylist.to/)
unknown
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
https://accounts.google.com/MergeSession
unknown
https://creativecommons.org/compatiblelicenses
unknown
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.185.65
https://www.google.com
unknown
https://github.com/easylist)
unknown
https://creativecommons.org/.
unknown
https://hangouts.clients6.google.com
unknown
https://meet.google.com
unknown
https://hangouts.google.com/hangouts/_/logpref
unknown
https://accounts.google.com
unknown
https://clients2.google.com/cr/report
unknown
http://angularjs.org
unknown
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
https://github.com/angular/material
unknown
https://apis.google.com
unknown
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
https://github.com/madler/zlib/blob/master/zlib.h
unknown
https://i.imgur.com/h8YEvNH.png
151.101.112.193
https://www-googleapis-staging.sandbox.google.com
unknown
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
https://clients2.google.com
unknown
https://www.google.com/tools/feedback
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
https://dns.google
unknown
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
https://www.google.com/intl/en-US/chrome/blank.html
unknown
https://ogs.google.com
unknown
https://support.google.com/chromecast/troubleshooter/2995236
unknown
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
172.217.16.141
https://payments.google.com/payments/v4/js/integrator.js
unknown
https://www.google.com;
unknown
https://hangouts.google.com/
unknown
https://csp.withgoogle.com/csp/hosted-libraries-pushers
unknown
https://www.google.com/images/x2.gif
unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.185.78
https://www.google.com/images/dot2.gif
unknown
https://i.imgur.com/UeUQRKC.png
151.101.112.193
https://meetings.clients6.google.com
unknown
https://play.google.com/log?format=json&hasfast=true
unknown
http://tools.ietf.org/html/rfc1950
unknown
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
unknown
https://support.google.com/chromecast/answer/2998456
unknown
https://clients2.googleusercontent.com
unknown
https://docs.google.com
unknown
https://www.google.com/
unknown
https://feedback.googleusercontent.com
unknown
https://clients2.google.com/service/update2/crx
unknown
https://clients6.google.com
unknown

Domains

Name
IP
Malicious
accounts.google.com
172.217.16.141
clients.l.google.com
142.250.185.78
googlehosted.l.googleusercontent.com
142.250.185.65
ipv4.imgur.map.fastly.net
151.101.112.193
clients2.googleusercontent.com
unknown
clients2.google.com
unknown
i.imgur.com
unknown

IPs

IP
Domain
Country
Malicious
142.250.185.78
clients.l.google.com
United States
192.168.2.1
unknown
unknown
239.255.255.250
unknown
Reserved
151.101.112.193
ipv4.imgur.map.fastly.net
United States
172.217.16.141
accounts.google.com
United States
127.0.0.1
unknown
unknown
142.250.185.65
googlehosted.l.googleusercontent.com
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun

Memdumps

Base Address
Regiontype
Protect
Malicious

DOM / HTML

URL
Malicious
file:///C:/Users/user/Desktop/nuno.palmeiro-validate.html
malicious