IOC Report

Files

File Path
Type
Category
Malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\12ebe537-a541-4bd9-b41d-6c0b2bda5bcf.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\1a041006-3dfc-4366-84d5-a91d27e6c33c.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\25947faa-0cde-4b66-afb2-4abebcbf0cb3.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\373f699c-7b68-4cae-9452-fa032ac6d88d.tmp
SysEx File -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\525216c8-3d6a-4604-8930-cbdae6d14b05.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\693c4a5e-7f14-4b65-b101-7a8cc3bcf949.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\7d5d8578-b03e-4611-a199-4200de553b52.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\7fbf9687-5987-4d35-be15-4921cabca843.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\8b166c41-37b9-4be5-b433-3171eaaed10e.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1dabbd6f-8aa7-4763-95a6-313f0fc53696.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3986476a-79cf-4c77-824b-db73ebeb77e0.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\51ea77e7-620f-4297-9607-dabfc578dd4b.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5c82f211-e55c-4e29-824f-28b8b29a62f1.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\642debb1-2803-4aca-be10-e4e71a96b353.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\798cba07-bd90-4bb5-80d5-7941f813ee2c.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8b74c677-fa94-4da0-9b5d-757b77c28285.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8e9e6684-5fb9-4240-b614-1d2f540304a2.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\980df397-b506-4ed6-bff7-b94330d0fc37.tmp
ASCII text, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ab9e20a-4e94-4c98-bf90-88d78f8bc46b.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent Statemp (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencese (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesfn (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\4ffc04b6-d8c0-4f67-ac72-40bcdc10607f.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.. (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\db795b52-1412-40c6-a04c-0a4defb9463b.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurityMP (copy)
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a8c076c5-e544-471f-af6b-3aaa1e4e8bea.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aa917eaa-189d-46cd-808f-edf3308cddf3.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b14865d2-598b-4ed1-a12c-7bd5da561001.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b9bc0aa4-71b1-45df-8714-2e278026136e.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c366ac19-2db8-47bc-ae5a-8013d7600b53.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT. (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dc89c097-f819-47b9-9858-132aac441971.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ea2ef4d8-e23c-43e3-b650-d20fdaa619e3.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ea5aef07-dd87-4f20-b0ca-095724a3aeb0.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f6a3fa6a-4330-4db7-9f19-26202fda87a1.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f72c4cd4-8ef2-4cbd-8ce2-c6de2c8d7e2a.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f794f48d-9b99-4760-917b-7d6c7b9983fd.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fff4c294-8b77-40ed-af53-5562882e1b5c.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheFD (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6760_955344158\Ruleset Data
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\b19ff24c-8248-4f7d-9b7e-4ba4083bdb7a.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\b823aa69-7386-4624-96fd-ce18c21d93a1.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\b8925bb9-576f-423b-95fc-f4026e75719d.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\e8c50bd3-7fa5-419b-87bd-69d770545d74.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\fc7b8661-0df4-466c-99b7-a87255d2838d.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\4b36dbfb-df43-4f34-b401-572980654fc8.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\4d8ebc1e-4be5-4e4f-81b3-8aa89597a059.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\6760_1431660835\Filtering Rules
data
dropped
C:\Users\user\AppData\Local\Temp\6760_1431660835\LICENSE.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\6760_1431660835\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\6760_1431660835\manifest.fingerprint
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\6760_1431660835\manifest.json
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\7317be36-9f82-462f-8ffd-03d633714428.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\d181d15e-928c-4b6e-a63d-3ea1a806682e.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\4d8ebc1e-4be5-4e4f-81b3-8aa89597a059.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\feedback.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1072695678\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
modified
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir6760_1236654752\d181d15e-928c-4b6e-a63d-3ea1a806682e.tmp
Google Chrome extension, version 3
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://6v4feb7simf.typeform.com/to/v3GA1r6t
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1584,15928684533581983461,16347382913123571543,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1584,15928684533581983461,16347382913123571543,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5536 /prefetch:8

URLs

Name
IP
Malicious
https://6v4feb7simf.typeform.com/to/v3GA1r6t
malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

Registry

Path
Value
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious

DOM / HTML

URL
Malicious
https://6v4feb7simf.typeform.com/to/v3GA1r6t
malicious
https://www.typeform.com/explore/?utm_campaign=v3GA1r6t&utm_source=typeform.com-18086319-free&utm_medium=typeform&utm_content=typeform-closescreenbutton&utm_term=EN
https://www.typeform.com/explore/?utm_campaign=v3GA1r6t&utm_source=typeform.com-18086319-free&utm_medium=typeform&utm_content=typeform-closescreen&utm_term=EN
https://www.typeform.com/
https://www.typeform.com/pricing/
https://www.typeform.com/enterprise/
https://admin.typeform.com/login
https://www.typeform.com/templates/
https://admin.typeform.com/signup
https://10579985.fls.doubleclick.net/activityi;dc_pre=CPac-YXD1PUCFTERBgAdHssPzQ;src=10579985;type=tf_visit;cat=pageview;ord=7023634409798;gtm=2wg1q0;gcs=G111;auiddc=101564392.1643407963;u17=www.typeform.com%2Ftemplates%2F;u18=(Non-Company);~oref=https%3A%2F%2Fwww.typeform.com%2Ftemplates%2F?