Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Invoice4334567.htm
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0c64b74a-a6df-4409-9429-aa7ab753fb67.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1312f5ce-01da-4bf6-a251-69dae95b8f82.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1caa5f71-dd49-4439-a60e-43b4210290d9.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\20bb8c12-1aba-40f5-909a-6e97926d68c7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\62275110-41da-4748-8a57-7ec275eff305.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\67613437-52c4-4365-aac6-303a8e77fe16.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6c7d6dd8-096f-4f35-bb44-ffc787a83666.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7f76792e-822c-4d51-9c00-d66d6608e2e7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\857e845a-f45e-4a4c-85c5-dde9c2b0ba9b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9fa5dd18-e691-441e-b59b-16a380e69cc5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\198a8f22-c0c8-480c-8343-2586d7bbcc77.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2db0f736-0ed4-4fd8-a7b9-e53d7537c10d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\43f0cd02-63c9-430e-bc53-a0424e7355f9.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4db7618d-1924-44ce-ab00-9e76a9fcb660.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\601baeb3-a8e0-4f66-beda-f7e894c0445d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\62dbcdd6-4fbf-4fab-91eb-dd876f9f0b82.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7025a2ea-f467-4224-a198-f466e71b17cb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\71096d6e-bd7d-471c-8bf0-2957eec6c77a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\82189672-6df8-4028-ba62-104a0d096def.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8afdda30-01a8-480d-97a2-53d14c523b72.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldZ (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldad (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldal (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabscr (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State40 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesZ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences_T (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences` (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesr/ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\811750ea-83b0-4655-928b-27873ec332ad.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldrt
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old.
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old,=
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\de9076dd-6882-4b2a-80e0-408a7aabed2c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldn.
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a09c63e6-810a-4671-8a24-1611c6d4be14.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a21783b1-e8a6-4a54-8b14-13359c60ed40.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a49b4dbf-4f6b-4bb6-9aee-76f963dffe41.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b081fe38-054e-4347-8c9c-54aec169d0c1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bbde9d3f-9106-4efc-8b3c-3949d64a1b60.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c204c979-a927-4b41-8cae-a1aca00923dd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ce567813-cdfd-4e12-bc98-0c01be04bf79.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT2 (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e0c5e2b8-ec68-406e-8546-9727cb140fc3.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e99ccb42-b64c-48a4-8c8b-869c43f97393.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f629f775-a2a2-4049-a757-5e16ca164479.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateZ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache. (copy)
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachet (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6136_276377208\Ruleset Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\badf7ab4-a5bb-4cc2-bce8-23a014c5bb0c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c487dcb3-b44a-4d49-9b1c-889ed2894ab8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e13507ec-cf2d-46b6-af0c-89ae1f227710.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1221550091\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1221550091\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1221550091\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1221550091\ssl_error_assistant.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1388810708\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1765146992\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1765146992\download_file_types.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1765146992\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1765146992\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_301321102\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_301321102\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_301321102\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_301321102\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_301321102\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_629647227\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_629647227\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_629647227\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_629647227\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_629647227\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\b377729b-ae07-4bdd-9ca8-da85a8e245c3.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c01a2eac-b2e0-4501-ad1c-b720a382da26.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cbf1f493-ae50-4ed8-b027-19b89850ef94.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cf843f34-37a0-4e11-a92f-8493f0f84ebe.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_1511423530\b377729b-ae07-4bdd-9ca8-da85a8e245c3.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_703469499\cbf1f493-ae50-4ed8-b027-19b89850ef94.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 282 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\Invoice4334567.htm
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,4139972253200470826,14798658315390979341,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Invoice4334567.htm
|
|
||
|
https://vrvinfoled.com/zob/index.php
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|
52.98.208.2
|
||
|
https://play.google.com
|
unknown
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r8qeyuqc-ou9fp3gsplqeq2.js
|
152.199.23.37
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.p
|
unknown
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kb8fbtudybay5t8ts3k87g2.css
|
152.199.23.37
|
||
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/scripts/boot.worldwide.3.mouse.js
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/resources/images/0/sprite1.mouse.png
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_badf853975be13
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1
|
unknown
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://hangouts.clients6.google.com
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/scripts/boot.worldwide.0.mouse.js
|
unknown
|
||
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.google.com/cr/report
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
|
152.199.23.37
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
|
152.199.23.37
|
||
|
http://angularjs.org
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
|
152.199.23.37
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kb8fbtudybay5t8ts3k87
|
unknown
|
||
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
||
|
https://github.com/angular/material
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r8qeyuqc-o
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.sv
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
|
152.199.23.37
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/scripts/boot.worldwide.2.mouse.jsj
|
unknown
|
||
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico/g
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/resources/styles/0/boot.worldwide.mouse.css.imag
|
unknown
|
||
|
https://www.google.com/tools/feedback
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/scripts/boot.worldwide.1.mouse.js
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90b
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796b
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
|
152.199.23.37
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://hangouts.google.com/
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/resources/styles/0/boot.worldwide.mouse.css
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_4rDcu3CeBBnX_W5sFR0hMw2.js
|
152.199.23.37
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/resources/images/0/sprite1.mouse.css
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/scripts/boot.worldwide.0.mouse.jsz
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://meetings.clients6.google.com
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|
|||
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
|
152.199.23.37
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_badf853975be13d20e0d.js
|
152.199.23.37
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://feedback.googleusercontent.com
|
unknown
|
||
|
https://r4.res.office365.com/owa/prem/15.20.4930.15/scripts/boot.worldwide.2.mouse.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
||
|
https://clients6.google.com
|
unknown
|
There are 77 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cs1100.wpc.omegacdn.net
|
152.199.23.37
|
||
|
accounts.google.com
|
172.217.168.45
|
||
|
clients.l.google.com
|
142.250.203.110
|
||
|
HHN-efz.ms-acdc.office.com
|
52.98.208.2
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
r4.res.office365.com
|
unknown
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
aadcdn.msauth.net
|
unknown
|
||
|
outlook.office365.com
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
142.250.203.110
|
clients.l.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.3
|
unknown
|
unknown
|
||
|
172.217.168.45
|
accounts.google.com
|
United States
|
||
|
52.98.208.2
|
HHN-efz.ms-acdc.office.com
|
United States
|
||
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
152.199.23.37
|
cs1100.wpc.omegacdn.net
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2140C66F000
|
unkown
|
page read and write
|
||
|
1FC3879F000
|
unkown
|
page read and write
|
||
|
A825C7F000
|
stack
|
page read and write
|
||
|
8488AFF000
|
stack
|
page read and write
|
||
|
26FD1841000
|
unkown
|
page read and write
|
||
|
2172F9C0000
|
heap
|
page read and write
|
||
|
26FD186C000
|
unkown
|
page read and write
|
||
|
27228E90000
|
heap
|
page read and write
|
||
|
2140C613000
|
unkown
|
page read and write
|
||
|
1FC38777000
|
unkown
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
2439FEA0000
|
heap
|
page read and write
|
||
|
1FC38778000
|
unkown
|
page read and write
|
||
|
27229108000
|
unkown
|
page read and write
|
||
|
2439FED0000
|
heap
|
page read and write
|
||
|
2439FEC6000
|
heap
|
page read and write
|
||
|
C1429F7000
|
stack
|
page read and write
|
||
|
9A3047E000
|
stack
|
page read and write
|
||
|
22C3C7F000
|
stack
|
page read and write
|
||
|
26FD182E000
|
unkown
|
page read and write
|
||
|
41364FF000
|
stack
|
page read and write
|
||
|
11B41FF000
|
stack
|
page read and write
|
||
|
C63350B000
|
stack
|
page read and write
|
||
|
1FC38792000
|
unkown
|
page read and write
|
||
|
2439FEAD000
|
heap
|
page read and write
|
||
|
8488B79000
|
stack
|
page read and write
|
||
|
1C743FB0000
|
heap
|
page read and write
|
||
|
2439FEB6000
|
heap
|
page read and write
|
||
|
1FC38C13000
|
unkown
|
page read and write
|
||
|
C633CFF000
|
stack
|
page read and write
|
||
|
D55807E000
|
stack
|
page read and write
|
||
|
184D8613000
|
unkown
|
page read and write
|
||
|
2439FD30000
|
heap
|
page read and write
|
||
|
8488BFF000
|
stack
|
page read and write
|
||
|
1FC37EA1000
|
unkown
|
page read and write
|
||
|
26FD1842000
|
unkown
|
page read and write
|
||
|
2722903C000
|
unkown
|
page read and write
|
||
|
1FC38602000
|
unkown
|
page read and write
|
||
|
1C744102000
|
unkown
|
page read and write
|
||
|
2439FE70000
|
heap
|
page read and write
|
||
|
1FC38792000
|
unkown
|
page read and write
|
||
|
184D83A0000
|
heap
|
page read and write
|
||
|
2140C600000
|
unkown
|
page read and write
|
||
|
1FC3870D000
|
unkown
|
page read and write
|
||
|
2140C6C3000
|
unkown
|
page read and write
|
||
|
1FC3879F000
|
unkown
|
page read and write
|
||
|
1CFDE14C000
|
heap
|
page read and write
|
||
|
1FC3877D000
|
unkown
|
page read and write
|
||
|
2140C640000
|
unkown
|
page read and write
|
||
|
C1427FE000
|
stack
|
page read and write
|
||
|
C633AFE000
|
stack
|
page read and write
|
||
|
4135FFE000
|
stack
|
page read and write
|
||
|
2140CF00000
|
unkown
|
page read and write
|
||
|
1FC387A4000
|
unkown
|
page read and write
|
||
|
26FD185F000
|
unkown
|
page read and write
|
||
|
C14307B000
|
stack
|
page read and write
|
||
|
A824F9B000
|
stack
|
page read and write
|
||
|
27229061000
|
unkown
|
page read and write
|
||
|
1FC37E4F000
|
unkown
|
page read and write
|
||
|
184D8602000
|
unkown
|
page read and write
|
||
|
26FD186A000
|
unkown
|
page read and write
|
||
|
1C744090000
|
unkown
|
page read and write
|
||
|
1CFDE118000
|
heap
|
page read and write
|
||
|
1FC37E55000
|
unkown
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
2140C540000
|
heap
|
page read and write
|
||
|
24CB6C58000
|
unkown
|
page read and write
|
||
|
27229802000
|
unkown
|
page read and write
|
||
|
11B3FF7000
|
stack
|
page read and write
|
||
|
24CB6B90000
|
remote allocation
|
page read and write
|
||
|
1FC38717000
|
unkown
|
page read and write
|
||
|
C63358E000
|
stack
|
page read and write
|
||
|
1FC38770000
|
unkown
|
page read and write
|
||
|
1FC38789000
|
unkown
|
page read and write
|
||
|
1FC38792000
|
unkown
|
page read and write
|
||
|
2140C6CC000
|
unkown
|
page read and write
|
||
|
1FC37E82000
|
unkown
|
page read and write
|
||
|
1CFDE100000
|
trusted library allocation
|
page read and write
|
||
|
1CFDE060000
|
heap
|
page read and write
|
||
|
1C744802000
|
unkown
|
page read and write
|
||
|
11B40FC000
|
stack
|
page read and write
|
||
|
A82597C000
|
stack
|
page read and write
|
||
|
184D8713000
|
unkown
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
1FC37F13000
|
unkown
|
page read and write
|
||
|
26FD1878000
|
unkown
|
page read and write
|
||
|
41363FF000
|
stack
|
page read and write
|
||
|
FD54D7F000
|
stack
|
page read and write
|
||
|
1FC37EA8000
|
unkown
|
page read and write
|
||
|
9A3017E000
|
stack
|
page read and write
|
||
|
2439FEDB000
|
heap
|
page read and write
|
||
|
27229000000
|
unkown
|
page read and write
|
||
|
1FC38758000
|
unkown
|
page read and write
|
||
|
26FD1849000
|
unkown
|
page read and write
|
||
|
1CFDE16B000
|
heap
|
page read and write
|
||
|
2172FBF0000
|
unkown
|
page read and write
|
||
|
1FC37D80000
|
heap
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
26FD15C0000
|
heap
|
page read and write
|
||
|
1FC3877D000
|
unkown
|
page read and write
|
||
|
184D8C02000
|
unkown
|
page read and write
|
||
|
9A3037E000
|
stack
|
page read and write
|
||
|
1CFDEF70000
|
trusted library allocation
|
page read and write
|
||
|
24CB6B30000
|
heap
|
page read and write
|
||
|
11B3C7E000
|
stack
|
page read and write
|
||
|
2172FA20000
|
heap
|
page read and write
|
||
|
2439FEDE000
|
heap
|
page read and write
|
||
|
1C74404D000
|
unkown
|
page read and write
|
||
|
2439FEDB000
|
heap
|
page read and write
|
||
|
24CB6AD0000
|
heap
|
page read and write
|
||
|
1FC3876D000
|
unkown
|
page read and write
|
||
|
1FC37EF6000
|
unkown
|
page read and write
|
||
|
26FD1813000
|
unkown
|
page read and write
|
||
|
1FC38770000
|
unkown
|
page read and write
|
||
|
26FD1885000
|
unkown
|
page read and write
|
||
|
1FC37EAC000
|
unkown
|
page read and write
|
||
|
41365FF000
|
stack
|
page read and write
|
||
|
2722904C000
|
unkown
|
page read and write
|
||
|
26FD186E000
|
unkown
|
page read and write
|
||
|
2172FC29000
|
unkown
|
page read and write
|
||
|
2439FEAB000
|
heap
|
page read and write
|
||
|
1C744108000
|
unkown
|
page read and write
|
||
|
184D8410000
|
heap
|
page read and write
|
||
|
26FD1897000
|
unkown
|
page read and write
|
||
|
D55787B000
|
stack
|
page read and write
|
||
|
2172FC64000
|
unkown
|
page read and write
|
||
|
26FD1845000
|
unkown
|
page read and write
|
||
|
C142BFA000
|
stack
|
page read and write
|
||
|
1CFDEF40000
|
trusted library allocation
|
page read and write
|
||
|
2140C689000
|
unkown
|
page read and write
|
||
|
1FC37E4A000
|
unkown
|
page read and write
|
||
|
11B3DFF000
|
stack
|
page read and write
|
||
|
26FD1864000
|
unkown
|
page read and write
|
||
|
24CB6B60000
|
unkown
|
page read and write
|
||
|
22C3EF9000
|
stack
|
page read and write
|
||
|
1C74407A000
|
unkown
|
page read and write
|
||
|
2172FC5D000
|
unkown
|
page read and write
|
||
|
26FD1876000
|
unkown
|
page read and write
|
||
|
2439FEDB000
|
heap
|
page read and write
|
||
|
1FC38719000
|
unkown
|
page read and write
|
||
|
26FD1E02000
|
unkown
|
page read and write
|
||
|
26FD1867000
|
unkown
|
page read and write
|
||
|
24CB6C29000
|
unkown
|
page read and write
|
||
|
2140C5B0000
|
heap
|
page read and write
|
||
|
1CFDE16B000
|
heap
|
page read and write
|
||
|
1FC37EDE000
|
unkown
|
page read and write
|
||
|
1FC387AF000
|
unkown
|
page read and write
|
||
|
1FC3877E000
|
unkown
|
page read and write
|
||
|
D557B7C000
|
stack
|
page read and write
|
||
|
1FC37E50000
|
unkown
|
page read and write
|
||
|
2172FC52000
|
unkown
|
page read and write
|
||
|
1CFDE080000
|
heap
|
page read and write
|
||
|
D557DFF000
|
stack
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
2172FC13000
|
unkown
|
page read and write
|
||
|
C63397B000
|
stack
|
page read and write
|
||
|
1FC3876D000
|
unkown
|
page read and write
|
||
|
1FC37EC4000
|
unkown
|
page read and write
|
||
|
26FD1865000
|
unkown
|
page read and write
|
||
|
26FD1902000
|
unkown
|
page read and write
|
||
|
1CFDDFF0000
|
heap
|
page read and write
|
||
|
1FC385A0000
|
remote allocation
|
page read and write
|
||
|
2439FEDD000
|
heap
|
page read and write
|
||
|
1FC37E3C000
|
unkown
|
page read and write
|
||
|
1FC37F16000
|
unkown
|
page read and write
|
||
|
1CFDECF0000
|
trusted library allocation
|
page read and write
|
||
|
1FC37F08000
|
unkown
|
page read and write
|
||
|
C14237C000
|
stack
|
page read and write
|
||
|
1FC37E29000
|
unkown
|
page read and write
|
||
|
C633DFC000
|
stack
|
page read and write
|
||
|
2140C702000
|
unkown
|
page read and write
|
||
|
C142D7F000
|
stack
|
page read and write
|
||
|
11B3D7B000
|
stack
|
page read and write
|
||
|
2439FED0000
|
heap
|
page read and write
|
||
|
27228F90000
|
unkown
|
page read and write
|
||
|
2172FD13000
|
unkown
|
page read and write
|
||
|
27228E20000
|
heap
|
page read and write
|
||
|
184D8629000
|
unkown
|
page read and write
|
||
|
1FC37F02000
|
unkown
|
page read and write
|
||
|
A825A7E000
|
stack
|
page read and write
|
||
|
1FC38777000
|
unkown
|
page read and write
|
||
|
26FD183A000
|
unkown
|
page read and write
|
||
|
1CFDE16B000
|
heap
|
page read and write
|
||
|
2722902A000
|
unkown
|
page read and write
|
||
|
8488A7E000
|
stack
|
page read and write
|
||
|
41361FF000
|
stack
|
page read and write
|
||
|
26FD184B000
|
unkown
|
page read and write
|
||
|
1FC387D4000
|
unkown
|
page read and write
|
||
|
1C744029000
|
unkown
|
page read and write
|
||
|
1FC37E49000
|
unkown
|
page read and write
|
||
|
1CFDE009000
|
heap
|
page read and write
|
||
|
C14267E000
|
stack
|
page read and write
|
||
|
21730202000
|
unkown
|
page read and write
|
||
|
22C39FB000
|
stack
|
page read and write
|
||
|
4135CFF000
|
stack
|
page read and write
|
||
|
FD5487E000
|
stack
|
page read and write
|
||
|
26FD15D0000
|
heap
|
page read and write
|
||
|
1FC387D3000
|
unkown
|
page read and write
|
||
|
1FC37E58000
|
unkown
|
page read and write
|
||
|
2172FD00000
|
unkown
|
page read and write
|
||
|
184D8678000
|
unkown
|
page read and write
|
||
|
1FC3878E000
|
unkown
|
page read and write
|
||
|
4135BFB000
|
stack
|
page read and write
|
||
|
2140CE02000
|
unkown
|
page read and write
|
||
|
1CFDE005000
|
heap
|
page read and write
|
||
|
9A2FDFE000
|
stack
|
page read and write
|
||
|
A8257FD000
|
stack
|
page read and write
|
||
|
1FC38792000
|
unkown
|
page read and write
|
||
|
1FC38781000
|
unkown
|
page read and write
|
||
|
1FC38C00000
|
unkown
|
page read and write
|
||
|
1CFDEFC0000
|
trusted library allocation
|
page read and write
|
||
|
2140C5E0000
|
unkown
|
page read and write
|
||
|
1FC3877E000
|
unkown
|
page read and write
|
||
|
1FC37E8B000
|
unkown
|
page read and write
|
||
|
26FD1840000
|
unkown
|
page read and write
|
||
|
2439FD35000
|
heap
|
page read and write
|
||
|
26FD185C000
|
unkown
|
page read and write
|
||
|
1FC38793000
|
unkown
|
page read and write
|
||
|
27229079000
|
unkown
|
page read and write
|
||
|
26FD1630000
|
heap
|
page read and write
|
||
|
D557EFD000
|
stack
|
page read and write
|
||
|
26FD1868000
|
unkown
|
page read and write
|
||
|
26FD182A000
|
unkown
|
page read and write
|
||
|
27229061000
|
unkown
|
page read and write
|
||
|
1FC37E4E000
|
unkown
|
page read and write
|
||
|
1C74404A000
|
unkown
|
page read and write
|
||
|
1FC387B6000
|
unkown
|
page read and write
|
||
|
1FC38793000
|
unkown
|
page read and write
|
||
|
24CB6D02000
|
unkown
|
page read and write
|
||
|
1FC37D20000
|
heap
|
page read and write
|
||
|
1C743F40000
|
heap
|
page read and write
|
||
|
11B3EFB000
|
stack
|
page read and write
|
||
|
184D865B000
|
unkown
|
page read and write
|
||
|
24CB6C13000
|
unkown
|
page read and write
|
||
|
1C744070000
|
unkown
|
page read and write
|
||
|
41360FE000
|
stack
|
page read and write
|
||
|
184D8600000
|
unkown
|
page read and write
|
||
|
1FC38789000
|
unkown
|
page read and write
|
||
|
A82557E000
|
stack
|
page read and write
|
||
|
27229013000
|
unkown
|
page read and write
|
||
|
26FD1862000
|
unkown
|
page read and write
|
||
|
11B392C000
|
stack
|
page read and write
|
||
|
84887CE000
|
stack
|
page read and write
|
||
|
9A2FCFB000
|
stack
|
page read and write
|
||
|
1FC3877D000
|
unkown
|
page read and write
|
||
|
26FD1861000
|
unkown
|
page read and write
|
||
|
1C743F50000
|
heap
|
page read and write
|
||
|
2172FD08000
|
unkown
|
page read and write
|
||
|
9A3027E000
|
stack
|
page read and write
|
||
|
184D83B0000
|
heap
|
page read and write
|
||
|
26FD1847000
|
unkown
|
page read and write
|
||
|
1CFDEF60000
|
trusted library allocation
|
page read and write
|
||
|
9A2FD7E000
|
stack
|
page read and write
|
||
|
1CFDE110000
|
heap
|
page read and write
|
||
|
FD54C77000
|
stack
|
page read and write
|
||
|
26FD187E000
|
unkown
|
page read and write
|
||
|
26FD183B000
|
unkown
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
22C3D79000
|
stack
|
page read and write
|
||
|
1FC37DB0000
|
unkown
|
page read and write
|
||
|
C1423FE000
|
stack
|
page read and write
|
||
|
A82587C000
|
stack
|
page read and write
|
||
|
26FD1860000
|
unkown
|
page read and write
|
||
|
24CB6AC0000
|
heap
|
page read and write
|
||
|
184D863D000
|
unkown
|
page read and write
|
||
|
184D8702000
|
unkown
|
page read and write
|
||
|
1FC37E71000
|
unkown
|
page read and write
|
||
|
2172FC5F000
|
unkown
|
page read and write
|
||
|
1FC3875D000
|
unkown
|
page read and write
|
||
|
D557AFE000
|
stack
|
page read and write
|
||
|
24CB6C00000
|
unkown
|
page read and write
|
||
|
FD54E7F000
|
stack
|
page read and write
|
||
|
2172FC5A000
|
unkown
|
page read and write
|
||
|
1C744113000
|
unkown
|
page read and write
|
||
|
2722906A000
|
unkown
|
page read and write
|
||
|
1FC387AE000
|
unkown
|
page read and write
|
||
|
26FD1875000
|
unkown
|
page read and write
|
||
|
2140C550000
|
heap
|
page read and write
|
||
|
C142AFF000
|
stack
|
page read and write
|
||
|
26FD183D000
|
unkown
|
page read and write
|
||
|
2439FD20000
|
heap
|
page read and write
|
||
|
1FC37E00000
|
unkown
|
page read and write
|
||
|
1FC38C13000
|
unkown
|
page read and write
|
||
|
1FC387B6000
|
unkown
|
page read and write
|
||
|
2140C713000
|
unkown
|
page read and write
|
||
|
1FC38700000
|
unkown
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
26FD182D000
|
unkown
|
page read and write
|
||
|
24CB6B90000
|
remote allocation
|
page read and write
|
||
|
11B42FF000
|
stack
|
page read and write
|
||
|
184D866A000
|
unkown
|
page read and write
|
||
|
26FD187B000
|
unkown
|
page read and write
|
||
|
1CFDE163000
|
heap
|
page read and write
|
||
|
A82567E000
|
stack
|
page read and write
|
||
|
184D85E0000
|
unkown
|
page read and write
|
||
|
C1428FB000
|
stack
|
page read and write
|
||
|
4135DFC000
|
stack
|
page read and write
|
||
|
1CFDE151000
|
heap
|
page read and write
|
||
|
22C3CFF000
|
stack
|
page read and write
|
||
|
2172FC9B000
|
unkown
|
page read and write
|
||
|
C63387D000
|
stack
|
page read and write
|
||
|
2140C629000
|
unkown
|
page read and write
|
||
|
11B39AE000
|
stack
|
page read and write
|
||
|
1CFDE0A0000
|
trusted library allocation
|
page read and write
|
||
|
FD54B7F000
|
stack
|
page read and write
|
||
|
FD549FC000
|
stack
|
page read and write
|
||
|
26FD187C000
|
unkown
|
page read and write
|
||
|
1FC38C13000
|
unkown
|
page read and write
|
||
|
2439FED0000
|
heap
|
page read and write
|
||
|
1FC37D10000
|
heap
|
page read and write
|
||
|
1C744050000
|
unkown
|
page read and write
|
||
|
2172FC00000
|
unkown
|
page read and write
|
||
|
1FC38717000
|
unkown
|
page read and write
|
||
|
24CB7402000
|
unkown
|
page read and write
|
||
|
41357CB000
|
stack
|
page read and write
|
||
|
1C744000000
|
unkown
|
page read and write
|
||
|
1FC387B3000
|
unkown
|
page read and write
|
||
|
27229053000
|
unkown
|
page read and write
|
||
|
FD54AFB000
|
stack
|
page read and write
|
||
|
1FC387D3000
|
unkown
|
page read and write
|
||
|
1C744100000
|
unkown
|
page read and write
|
||
|
2439FEB1000
|
heap
|
page read and write
|
||
|
1CFDEC90000
|
trusted library allocation
|
page read and write
|
||
|
1CFDE000000
|
heap
|
page read and write
|
||
|
2172F9B0000
|
heap
|
page read and write
|
||
|
26FD1831000
|
unkown
|
page read and write
|
||
|
1FC387A6000
|
unkown
|
page read and write
|
||
|
1FC38C74000
|
unkown
|
page read and write
|
||
|
22C3DFA000
|
stack
|
page read and write
|
||
|
1C74403C000
|
unkown
|
page read and write
|
||
|
FD548FE000
|
stack
|
page read and write
|
||
|
27228E30000
|
heap
|
page read and write
|
||
|
1FC38777000
|
unkown
|
page read and write
|
||
|
1FC3877B000
|
unkown
|
page read and write
|
||
|
22C3F7B000
|
stack
|
page read and write
|
||
|
2439FE50000
|
heap
|
page read and write
|
||
|
2172FC3C000
|
unkown
|
page read and write
|
||
|
26FD1848000
|
unkown
|
page read and write
|
||
|
1FC3876D000
|
unkown
|
page read and write
|
||
|
1FC38719000
|
unkown
|
page read and write
|
||
|
C142F78000
|
stack
|
page read and write
|
||
|
1FC37E53000
|
unkown
|
page read and write
|
||
|
1CFDEF50000
|
heap
|
page readonly
|
||
|
26FD1846000
|
unkown
|
page read and write
|
||
|
C142E78000
|
stack
|
page read and write
|
||
|
A825B7C000
|
stack
|
page read and write
|
||
|
1FC37E4B000
|
unkown
|
page read and write
|
||
|
27229113000
|
unkown
|
page read and write
|
||
|
1FC38723000
|
unkown
|
page read and write
|
||
|
D557C7E000
|
stack
|
page read and write
|
||
|
1FC3877D000
|
unkown
|
page read and write
|
||
|
C633EFF000
|
stack
|
page read and write
|
||
|
26FD1844000
|
unkown
|
page read and write
|
||
|
1FC37E56000
|
unkown
|
page read and write
|
||
|
1FC387D3000
|
unkown
|
page read and write
|
||
|
FD545BB000
|
stack
|
page read and write
|
||
|
1FC37EC8000
|
unkown
|
page read and write
|
||
|
1C744088000
|
unkown
|
page read and write
|
||
|
26FD1800000
|
unkown
|
page read and write
|
||
|
1CFDED00000
|
trusted library allocation
|
page read and write
|
||
|
1FC38785000
|
unkown
|
page read and write
|
||
|
2172FD02000
|
unkown
|
page read and write
|
||
|
2439FEC7000
|
heap
|
page read and write
|
||
|
C633BF7000
|
stack
|
page read and write
|
||
|
26FD1D90000
|
unkown
|
page read and write
|
||
|
C633A7B000
|
stack
|
page read and write
|
||
|
27229102000
|
unkown
|
page read and write
|
||
|
A8253FC000
|
stack
|
page read and write
|
||
|
26FD1863000
|
unkown
|
page read and write
|
||
|
1FC38759000
|
unkown
|
page read and write
|
||
|
1FC3876F000
|
unkown
|
page read and write
|
||
|
1FC37EB4000
|
unkown
|
page read and write
|
||
|
A8256FC000
|
stack
|
page read and write
|
||
|
1FC387D3000
|
unkown
|
page read and write
|
||
|
1FC37EBE000
|
unkown
|
page read and write
|
||
|
24CB6C40000
|
unkown
|
page read and write
|
||
|
27229082000
|
unkown
|
page read and write
|
||
|
1CFDE120000
|
heap
|
page read and write
|
||
|
22C3E7F000
|
stack
|
page read and write
|
||
|
2172FC7F000
|
unkown
|
page read and write
|
||
|
1FC37EE0000
|
unkown
|
page read and write
|
||
|
27229100000
|
unkown
|
page read and write
|
||
|
1FC37E4D000
|
unkown
|
page read and write
|
||
|
C142CF8000
|
stack
|
page read and write
|
||
|
1CFDE2E0000
|
trusted library allocation
|
page read and write
|
||
|
D557D7D000
|
stack
|
page read and write
|
||
|
1FC385A0000
|
remote allocation
|
page read and write
|
||
|
1FC385A0000
|
remote allocation
|
page read and write
|
||
|
2172FC59000
|
unkown
|
page read and write
|
||
|
1C743FE0000
|
unkown
|
page read and write
|
||
|
24CB6B90000
|
remote allocation
|
page read and write
|
||
|
1FC38792000
|
unkown
|
page read and write
|
||
|
41362FE000
|
stack
|
page read and write
|
||
|
1C744013000
|
unkown
|
page read and write
|
||
|
1FC38782000
|
unkown
|
page read and write
|
||
|
1FC37E13000
|
unkown
|
page read and write
|
||
|
2140C6BB000
|
unkown
|
page read and write
|
||
|
848874A000
|
stack
|
page read and write
|
||
|
1C744053000
|
unkown
|
page read and write
|
||
|
24CB6C02000
|
unkown
|
page read and write
|
||
|
8488C7D000
|
stack
|
page read and write
|
There are 391 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Invoice4334567.htm
|
||
|
https://outlook.office365.com/owa/prefetch.aspx
|