Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\05d8a8e2-4681-4304-95f7-dd3ddc9d524f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4b75347a-1ca5-4f99-a839-442455eb5227.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\51904d78-7904-470d-a584-2ff17794c279.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\560f4fb4-cb9d-4217-9826-18d77e808f44.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\56ea67a1-d403-4472-826c-0164654dd6ac.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7d20dec3-eee7-48e7-af24-09b2437acab0.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\960af746-fe8d-401b-8b8a-6bbafff54057.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5173a041-abc9-496c-9de9-8d9fece84bb7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c0ee288-2543-4cb2-8708-dbf4266f607c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\82b7dfda-23a3-47e7-b725-f933c56cc6ef.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9001b829-d207-4cc3-a79a-91b91f8c2fb2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9648ab04-24f1-4b32-8899-d79643600861.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\972260c3-c6f7-4e42-90fc-4342130250f6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9d407e21-b635-4aa6-83dd-8f0faae02273.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9f8fd026-4c5d-49d2-8bb9-aa76b918a01a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.s (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old6 (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENTl
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session6 (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs) (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old01 (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencese (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\7e6cfa80-807e-43aa-81da-da0690a1e336\index
|
ISO-8859 text, with no line terminators, with escape sequences
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\7e6cfa80-807e-43aa-81da-da0690a1e336\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldUL (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
StateP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldri
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old6
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\fbd8880a-7af6-4d47-9f74-404a31517fc6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\5eef011a-ef80-4190-b459-3b55c7d34d63.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldg
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old..
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f3469627-cdf8-4b49-87a4-91b8da1b0944.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f56538e9-29e0-40c7-9b19-866aebb87cff.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fc6d70e2-139f-468a-8c6d-58059fc38eea.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old\ (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statedg (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Stater3 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache. (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a168411b-692b-44f6-8bef-17b657e6962f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ea12ed0d-653e-4d18-8f9e-4aa59b8186dd.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\24c258cb-5235-41a1-af16-633c330d4abe.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\43e51d1b-70aa-4dea-ba70-81dd53343ae0.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5916_1070667582\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\64054bab-7ebd-4aa5-a490-9e419f7dc69f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8948aa28-1d9e-404e-9621-12e03e91044a.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\8948aa28-1d9e-404e-9621-12e03e91044a.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_1513406282\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\64054bab-7ebd-4aa5-a490-9e419f7dc69f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5916_2013803096\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
There are 250 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://1drv.ms/o/s!BHKIhV1bB5BYgmk0Y3amEiFjpOkm?e=4jMd_F12EUOBJkiyUyiEYw&at=9
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1660,188383026965401033,7131490049536642209,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1780 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://1drv.ms/o/s!BHKIhV1bB5BYgmk0Y3amEiFjpOkm?e=4jMd_F12EUOBJkiyUyiEYw&at=9
|
 |
||
|
https://onedrive.live.com/redir?resid=5890075B5D858872
|
unknown
|
||
|
https://i.gyazo.com/83cffd1ebf23ed93aa925eb9529f5348.png
|
104.19.143.111
|
||
|
https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0
|
unknown
|
||
|
https://magenta-flicker-surprise.glitch.me/freedo.html
|
18.209.2.231
|
||
|
https://code.jquery.com/jquery-3.2.1.slim.min.js
|
unknown
|
||
|
https://magenta-flicker-surprise.glitch.me/
|
unknown
|
||
|
https://magenta-flicker-surprise.glitch.me/css/hover.css
|
18.209.2.231
|
||
|
https://logo.clearbit.com/gmail.comkf
|
unknown
|
||
|
https://p.sfx.ms/is/invis.gif
|
unknown
|
||
|
http://crls.pki.goog/gts1c3/QqFxbi9M48c.crl0
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
||
|
https://shopget24.com/images/sampledata/hack-run.png
|
104.219.248.46
|
||
|
https://onedrive.live.com/
|
unknown
|
||
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
||
|
http://pki.goog/repo/certs/gtsr1.der04
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss2-78
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac2-bf8b3319
|
unknown
|
||
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
||
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
||
|
https://shopget24.com/images/sampledata/hack-run.pngp
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
104.18.11.207
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
||
|
http://shopget24.com/images/sampledata/hack-run.pngD
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//maincss-3d63
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://onedrive.live.com/view.aspx?resid=5890075B5D858872!361&ithint=onenote&authkey=!AjRjdqYSIWOk6SY
|
|||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss1-11
|
unknown
|
||
|
https://onedrive.live.comh
|
unknown
|
||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
||
|
https://magenta-flicker-surprise.glitch.me/freedo.html
|
|||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac1-cdc297b4
|
unknown
|
||
|
https://onedrive.live.com/view.aspx?resid=5890075B5D858872
|
unknown
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
http://crl.pki.goog/gtsr1/gtsr1.crl0W
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabricmdl2icons.woff
|
unknown
|
||
|
https://pki.goog/repository/0
|
unknown
|
||
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://www.onenote.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://www.onenote.com/
|
unknown
|
||
|
https://1drv.ms/o/s!BHKIhV1bB5BYgmk0Y3amEiFjpOkm?e=4jMd_F12EUOBJkiyUyiEYw&at=9
|
13.107.42.12
|
||
|
https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0GIF89a
|
unknown
|
||
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
||
|
https://logo.clearbit.com/gmail.com
|
65.9.61.53
|
||
|
https://spoprod-a.akamaihd.net
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://feedback.googleusercontent.com
|
unknown
|
||
|
https://clients6.google.com
|
unknown
|
||
|
https://www.onenote.com/officeaddins/learningtools/?et=pxY
|
unknown
|
||
|
http://crl.pki.goog/gsr1/gsr1.crl0;
|
unknown
|
||
|
https://magenta-flicker-surprise.glitch.me/freedo.htmlM
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac_s_office-
|
unknown
|
||
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
|
unknown
|
||
|
http://shopget24.com/images/sampledata/hack-run.png
|
104.219.248.46
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
172.217.168.33
|
||
|
https://www.onenote.com/officeaddins/learningtools/?et=
|
unknown
|
||
|
https://hangouts.clients6.google.com
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.google.com/cr/report
|
unknown
|
||
|
https://1drv.ms/o/s
|
unknown
|
||
|
http://angularjs.org
|
unknown
|
||
|
https://github.com/angular/material
|
unknown
|
||
|
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.773.0927.2003&
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://magenta-flicker-surprise.glitch.me/css/hover.css/
|
unknown
|
||
|
https://p.sfx.ms//storage/aria-2.5.0.min.js
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://onedrive.live.com
|
unknown
|
||
|
https://onedrive.live.com/redir?resid=5890075B5D858872%21361&authkey=%21AjRjdqYSIWOk6SY&page=View&wd=target%28SETTLEMENT%20STATEMENT.one%7C%2FProtrack%20Solutions%20Limited%7C3862be63-9354-4152-aaeb-9aa40f5d9f43%2F%29
|
|||
|
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
|
unknown
|
||
|
https://code.jquery.com/
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://hangouts.google.com/
|
unknown
|
||
|
https://shopget24.com/images/sampledata/hack-run.pngx-turbo-charged-by:
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/jquery-1.7.2-
|
unknown
|
||
|
http://pki.goog/gsr1/gsr1.crt02
|
unknown
|
||
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filesbucket3
|
unknown
|
||
|
https://onedrive.live.comX-Content-Type-Options:
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
|
104.18.11.207
|
||
|
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.773.0927.2003&useReq
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
216.58.215.227
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
i.gyazo.com
|
104.19.143.111
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
||
|
magenta-flicker-surprise.glitch.me
|
18.209.2.231
|
||
|
i-am3p-cor002.api.p001.1drv.com
|
40.90.142.226
|
||
|
1drv.ms
|
13.107.42.12
|
||
|
d26p066pn2w0s0.cloudfront.net
|
65.9.61.53
|
||
|
i-am3p-cor006.api.p001.1drv.com
|
13.104.158.180
|
||
|
cdnjs.cloudflare.com
|
104.16.18.94
|
||
|
clients.l.google.com
|
142.250.203.110
|
||
|
shopget24.com
|
104.219.248.46
|
||
|
googlehosted.l.googleusercontent.com
|
172.217.168.33
|
||
|
onenoteonlinesync.onenote.com
|
unknown
|
||
|
messaging.office.com
|
unknown
|
||
|
c.live.com
|
unknown
|
||
|
ajax.aspnetcdn.com
|
unknown
|
||
|
storage.live.com
|
unknown
|
||
|
skyapi.onedrive.live.com
|
unknown
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
code.jquery.com
|
unknown
|
||
|
onedrive.live.com
|
unknown
|
||
|
p.sfx.ms
|
unknown
|
||
|
amcdn.msftauth.net
|
unknown
|
||
|
spoprod-a.akamaihd.net
|
unknown
|
||
|
www.onenote.com
|
unknown
|
||
|
logo.clearbit.com
|
unknown
|
There are 18 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
104.19.143.111
|
i.gyazo.com
|
United States
|
||
|
13.104.158.180
|
i-am3p-cor006.api.p001.1drv.com
|
United States
|
||
|
104.219.248.46
|
shopget24.com
|
United States
|
||
|
104.16.18.94
|
cdnjs.cloudflare.com
|
United States
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
||
|
40.90.142.226
|
i-am3p-cor002.api.p001.1drv.com
|
United States
|
||
|
216.58.215.227
|
gstaticadssl.l.google.com
|
United States
|
||
|
104.18.11.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
13.107.42.12
|
1drv.ms
|
United States
|
||
|
18.209.2.231
|
magenta-flicker-surprise.glitch.me
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.217.168.33
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
65.9.61.53
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 5 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 33 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
20E6EBE0000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C71000
|
unkown
|
page read and write
|
||
|
215E717C000
|
unkown
|
page read and write
|
||
|
1BF83F80000
|
trusted library allocation
|
page read and write
|
||
|
1BF8842C000
|
unkown
|
page read and write
|
||
|
1BF83559000
|
unkown
|
page read and write
|
||
|
1BF884C8000
|
unkown
|
page read and write
|
||
|
1D608E02000
|
unkown
|
page read and write
|
||
|
20E6ED30000
|
heap
|
page read and write
|
||
|
1D82FBE0000
|
heap
|
page read and write
|
||
|
1BF88010000
|
trusted library allocation
|
page read and write
|
||
|
1BF8813E000
|
trusted library allocation
|
page read and write
|
||
|
1BF88502000
|
unkown
|
page read and write
|
||
|
20E6FB30000
|
heap
|
page readonly
|
||
|
95223FE000
|
stack
|
page read and write
|
||
|
1BF82CF9000
|
unkown
|
page read and write
|
||
|
1D82FCAC000
|
heap
|
page read and write
|
||
|
1BF82BE0000
|
trusted library section
|
page read and write
|
||
|
2A090108000
|
unkown
|
page read and write
|
||
|
1BF82C76000
|
unkown
|
page read and write
|
||
|
2A159102000
|
unkown
|
page read and write
|
||
|
1D608708000
|
unkown
|
page read and write
|
||
|
6B3CBFE000
|
stack
|
page read and write
|
||
|
215E7180000
|
unkown
|
page read and write
|
||
|
CBFED8F000
|
stack
|
page read and write
|
||
|
1BF88500000
|
unkown
|
page read and write
|
||
|
2A159078000
|
unkown
|
page read and write
|
||
|
20E6FB20000
|
trusted library allocation
|
page read and write
|
||
|
2A159802000
|
unkown
|
page read and write
|
||
|
1AC7E7B000
|
stack
|
page read and write
|
||
|
2A08FE80000
|
heap
|
page read and write
|
||
|
215E71A1000
|
unkown
|
page read and write
|
||
|
195B47E000
|
stack
|
page read and write
|
||
|
215E7191000
|
unkown
|
page read and write
|
||
|
CBFF37F000
|
stack
|
page read and write
|
||
|
1D608627000
|
unkown
|
page read and write
|
||
|
1BF83C10000
|
trusted library section
|
page readonly
|
||
|
1BF88150000
|
trusted library allocation
|
page read and write
|
||
|
1D60868D000
|
unkown
|
page read and write
|
||
|
2A159113000
|
unkown
|
page read and write
|
||
|
2A09003C000
|
unkown
|
page read and write
|
||
|
20E6FB50000
|
trusted library allocation
|
page read and write
|
||
|
1BF88419000
|
unkown
|
page read and write
|
||
|
1D82FE40000
|
heap
|
page read and write
|
||
|
20E6EBD0000
|
heap
|
page read and write
|
||
|
1BF88250000
|
trusted library allocation
|
page read and write
|
||
|
1BF88290000
|
remote allocation
|
page read and write
|
||
|
215E71AA000
|
unkown
|
page read and write
|
||
|
1BF82BD0000
|
unkown
|
page read and write
|
||
|
1AC80FF000
|
stack
|
page read and write
|
||
|
195B0F7000
|
stack
|
page read and write
|
||
|
1D608602000
|
unkown
|
page read and write
|
||
|
20E6F0B0000
|
trusted library allocation
|
page read and write
|
||
|
2A159048000
|
unkown
|
page read and write
|
||
|
2A08FE90000
|
heap
|
page read and write
|
||
|
1BF88514000
|
unkown
|
page read and write
|
||
|
215E7180000
|
unkown
|
page read and write
|
||
|
2A090002000
|
unkown
|
page read and write
|
||
|
2A090070000
|
unkown
|
page read and write
|
||
|
1BF88151000
|
trusted library allocation
|
page read and write
|
||
|
CBFF477000
|
stack
|
page read and write
|
||
|
215E7602000
|
unkown
|
page read and write
|
||
|
1AC7C7E000
|
stack
|
page read and write
|
||
|
1BF83518000
|
unkown
|
page read and write
|
||
|
2A159740000
|
unkown
|
page read and write
|
||
|
1BF83415000
|
unkown
|
page read and write
|
||
|
1D82FC70000
|
heap
|
page read and write
|
||
|
195B5FF000
|
stack
|
page read and write
|
||
|
1D608702000
|
unkown
|
page read and write
|
||
|
2A090029000
|
unkown
|
page read and write
|
||
|
1BF835DB000
|
unkown
|
page read and write
|
||
|
1BF8359A000
|
unkown
|
page read and write
|
||
|
215E7199000
|
unkown
|
page read and write
|
||
|
1D60864F000
|
unkown
|
page read and write
|
||
|
2A159029000
|
unkown
|
page read and write
|
||
|
1BF88513000
|
unkown
|
page read and write
|
||
|
1BF88130000
|
trusted library allocation
|
page read and write
|
||
|
1BF83601000
|
trusted library allocation
|
page read and write
|
||
|
20E6EE00000
|
heap
|
page read and write
|
||
|
1D82FFC0000
|
heap
|
page read and write
|
||
|
2A090100000
|
unkown
|
page read and write
|
||
|
1BF83BE0000
|
trusted library section
|
page readonly
|
||
|
1BF82C89000
|
unkown
|
page read and write
|
||
|
195B7FA000
|
stack
|
page read and write
|
||
|
1BF82C57000
|
unkown
|
page read and write
|
||
|
1D82FC77000
|
heap
|
page read and write
|
||
|
20E6F8E0000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C74000
|
unkown
|
page read and write
|
||
|
1BF88280000
|
trusted library allocation
|
page read and write
|
||
|
215E71D2000
|
unkown
|
page read and write
|
||
|
215E7180000
|
unkown
|
page read and write
|
||
|
2A159070000
|
unkown
|
page read and write
|
||
|
1BF8841E000
|
unkown
|
page read and write
|
||
|
1D82FFC5000
|
heap
|
page read and write
|
||
|
195B97F000
|
stack
|
page read and write
|
||
|
6B3CC7D000
|
stack
|
page read and write
|
||
|
1D82FC96000
|
heap
|
page read and write
|
||
|
1BF8359A000
|
unkown
|
page read and write
|
||
|
2A159000000
|
unkown
|
page read and write
|
||
|
1D608480000
|
heap
|
page read and write
|
||
|
1BF88174000
|
trusted library allocation
|
page read and write
|
||
|
1BF88154000
|
trusted library allocation
|
page read and write
|
||
|
1BF82CB7000
|
unkown
|
page read and write
|
||
|
1BF83900000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C8B000
|
unkown
|
page read and write
|
||
|
20E6EDB7000
|
heap
|
page read and write
|
||
|
215E7199000
|
unkown
|
page read and write
|
||
|
20E6FBA0000
|
trusted library allocation
|
page read and write
|
||
|
1BF82AD0000
|
heap
|
page read and write
|
||
|
215E67E0000
|
remote allocation
|
page read and write
|
||
|
1BF82C90000
|
unkown
|
page read and write
|
||
|
1D608613000
|
unkown
|
page read and write
|
||
|
6B3CB79000
|
stack
|
page read and write
|
||
|
20E6F8D0000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C13000
|
unkown
|
page read and write
|
||
|
1BF82A70000
|
heap
|
page read and write
|
||
|
215E71BD000
|
unkown
|
page read and write
|
||
|
1AC81FE000
|
stack
|
page read and write
|
||
|
1D6085F0000
|
unkown
|
page read and write
|
||
|
2A158F70000
|
heap
|
page read and write
|
||
|
1BF88400000
|
unkown
|
page read and write
|
||
|
F16E0EC000
|
stack
|
page read and write
|
||
|
9522579000
|
stack
|
page read and write
|
||
|
215E7188000
|
unkown
|
page read and write
|
||
|
F16E16F000
|
stack
|
page read and write
|
||
|
1AC7FF7000
|
stack
|
page read and write
|
||
|
2A159088000
|
unkown
|
page read and write
|
||
|
2A08FFF0000
|
unkown
|
page read and write
|
||
|
2A090113000
|
unkown
|
page read and write
|
||
|
195B37A000
|
stack
|
page read and write
|
||
|
1D82FC9E000
|
heap
|
page read and write
|
||
|
215E717C000
|
unkown
|
page read and write
|
||
|
1D608700000
|
unkown
|
page read and write
|
||
|
1BF8845F000
|
unkown
|
page read and write
|
||
|
1BF8843C000
|
unkown
|
page read and write
|
||
|
9521F9B000
|
stack
|
page read and write
|
||
|
F16E1EF000
|
stack
|
page read and write
|
||
|
1BF88620000
|
trusted library allocation
|
page read and write
|
||
|
1BF82A60000
|
heap
|
page read and write
|
||
|
2A090053000
|
unkown
|
page read and write
|
||
|
20E6F040000
|
trusted library allocation
|
page read and write
|
||
|
1D82FCAC000
|
heap
|
page read and write
|
||
|
2A158FE0000
|
heap
|
page read and write
|
||
|
CBFF57F000
|
stack
|
page read and write
|
||
|
2A08FEF0000
|
heap
|
page read and write
|
||
|
CBFF27B000
|
stack
|
page read and write
|
||
|
1BF88200000
|
trusted library allocation
|
page read and write
|
||
|
6B3CA7F000
|
stack
|
page read and write
|
||
|
215E7602000
|
unkown
|
page read and write
|
||
|
1BF83C30000
|
trusted library section
|
page readonly
|
||
|
1BF83A01000
|
trusted library allocation
|
page read and write
|
||
|
195B6FF000
|
stack
|
page read and write
|
||
|
F16E6F7000
|
stack
|
page read and write
|
||
|
20E6EE00000
|
heap
|
page read and write
|
||
|
1BF83559000
|
unkown
|
page read and write
|
||
|
20E6EDB0000
|
heap
|
page read and write
|
||
|
215E7176000
|
unkown
|
page read and write
|
||
|
1AC794C000
|
stack
|
page read and write
|
||
|
20E6F0A0000
|
heap
|
page read and write
|
||
|
195BCFF000
|
stack
|
page read and write
|
||
|
215E7180000
|
unkown
|
page read and write
|
||
|
1BF88210000
|
trusted library allocation
|
page read and write
|
||
|
1BF83F83000
|
trusted library allocation
|
page read and write
|
||
|
2A159047000
|
unkown
|
page read and write
|
||
|
1BF83518000
|
unkown
|
page read and write
|
||
|
1BF88290000
|
trusted library allocation
|
page read and write
|
||
|
215E719B000
|
unkown
|
page read and write
|
||
|
215E67E0000
|
remote allocation
|
page read and write
|
||
|
20E6FB40000
|
trusted library allocation
|
page read and write
|
||
|
195AD4E000
|
stack
|
page read and write
|
||
|
1D60866F000
|
unkown
|
page read and write
|
||
|
1D82FC9E000
|
heap
|
page read and write
|
||
|
2A090000000
|
unkown
|
page read and write
|
||
|
1BF83C20000
|
trusted library section
|
page readonly
|
||
|
20E6EE00000
|
heap
|
page read and write
|
||
|
1BF8851D000
|
unkown
|
page read and write
|
||
|
1D608600000
|
unkown
|
page read and write
|
||
|
2A15907B000
|
unkown
|
page read and write
|
||
|
1D82FC95000
|
heap
|
page read and write
|
||
|
9522479000
|
stack
|
page read and write
|
||
|
215E7199000
|
unkown
|
page read and write
|
||
|
195B27A000
|
stack
|
page read and write
|
||
|
1BF88020000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C86000
|
unkown
|
page read and write
|
||
|
1BF83599000
|
unkown
|
page read and write
|
||
|
1BF83500000
|
unkown
|
page read and write
|
||
|
1D82FC9E000
|
heap
|
page read and write
|
||
|
2A159108000
|
unkown
|
page read and write
|
||
|
2A090802000
|
unkown
|
page read and write
|
||
|
215E7199000
|
unkown
|
page read and write
|
||
|
215E7188000
|
unkown
|
page read and write
|
||
|
195BA7A000
|
stack
|
page read and write
|
||
|
1BF83C00000
|
trusted library section
|
page readonly
|
||
|
215E71BD000
|
unkown
|
page read and write
|
||
|
1BF88280000
|
trusted library allocation
|
page read and write
|
||
|
1BF88131000
|
trusted library allocation
|
page read and write
|
||
|
215E71C7000
|
unkown
|
page read and write
|
||
|
20E6EDF8000
|
heap
|
page read and write
|
||
|
215E67E0000
|
remote allocation
|
page read and write
|
||
|
215E7602000
|
unkown
|
page read and write
|
||
|
1BF83B00000
|
trusted library allocation
|
page read and write
|
||
|
215E7183000
|
unkown
|
page read and write
|
||
|
1D608629000
|
unkown
|
page read and write
|
||
|
215E71AE000
|
unkown
|
page read and write
|
||
|
1BF8850A000
|
unkown
|
page read and write
|
||
|
1BF83F90000
|
trusted library allocation
|
page read and write
|
||
|
1BF88491000
|
unkown
|
page read and write
|
||
|
1AC79CE000
|
stack
|
page read and write
|
||
|
215E7174000
|
unkown
|
page read and write
|
||
|
2A09004C000
|
unkown
|
page read and write
|
||
|
1BF884F8000
|
unkown
|
page read and write
|
||
|
1BF88380000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C3D000
|
unkown
|
page read and write
|
||
|
F16E5FB000
|
stack
|
page read and write
|
||
|
1BF88449000
|
unkown
|
page read and write
|
||
|
2A15904E000
|
unkown
|
page read and write
|
||
|
CBFF07F000
|
stack
|
page read and write
|
||
|
215E71A2000
|
unkown
|
page read and write
|
||
|
1BF88160000
|
trusted library allocation
|
page read and write
|
||
|
215E71AC000
|
unkown
|
page read and write
|
||
|
1D608713000
|
unkown
|
page read and write
|
||
|
1BF83599000
|
unkown
|
page read and write
|
||
|
1BF88130000
|
trusted library allocation
|
page read and write
|
||
|
1BF8851A000
|
unkown
|
page read and write
|
||
|
1D82FCAD000
|
heap
|
page read and write
|
||
|
6B3CAFE000
|
stack
|
page read and write
|
||
|
195B8FF000
|
stack
|
page read and write
|
||
|
2A090013000
|
unkown
|
page read and write
|
||
|
2A09004D000
|
unkown
|
page read and write
|
||
|
CBFED0C000
|
stack
|
page read and write
|
||
|
2A090049000
|
unkown
|
page read and write
|
||
|
195B57B000
|
stack
|
page read and write
|
||
|
1D60863C000
|
unkown
|
page read and write
|
||
|
1BF82C29000
|
unkown
|
page read and write
|
||
|
215E7176000
|
unkown
|
page read and write
|
||
|
1BF82C6C000
|
unkown
|
page read and write
|
||
|
1BF884B7000
|
unkown
|
page read and write
|
||
|
1D82FC40000
|
heap
|
page read and write
|
||
|
F16E8FF000
|
stack
|
page read and write
|
||
|
1D6084F0000
|
heap
|
page read and write
|
||
|
1AC7D7C000
|
stack
|
page read and write
|
||
|
1BF83559000
|
unkown
|
page read and write
|
||
|
2A158F80000
|
heap
|
page read and write
|
||
|
2A090050000
|
unkown
|
page read and write
|
||
|
1D82FC87000
|
heap
|
page read and write
|
||
|
215E717A000
|
unkown
|
page read and write
|
||
|
195ACCB000
|
stack
|
page read and write
|
||
|
195B67E000
|
stack
|
page read and write
|
||
|
1BF884AA000
|
unkown
|
page read and write
|
||
|
1BF82CAC000
|
unkown
|
page read and write
|
||
|
1BF83402000
|
unkown
|
page read and write
|
||
|
2A15904B000
|
unkown
|
page read and write
|
||
|
195B87F000
|
stack
|
page read and write
|
||
|
1BF87FB0000
|
trusted library allocation
|
page read and write
|
||
|
1BF87F90000
|
trusted library allocation
|
page read and write
|
||
|
1BF88200000
|
trusted library allocation
|
page read and write
|
||
|
1D82FCAC000
|
heap
|
page read and write
|
||
|
1BF88270000
|
trusted library allocation
|
page read and write
|
||
|
215E71D2000
|
unkown
|
page read and write
|
||
|
20E6EDA0000
|
trusted library allocation
|
page read and write
|
||
|
215E71B2000
|
unkown
|
page read and write
|
||
|
2A159051000
|
unkown
|
page read and write
|
||
|
2A15903C000
|
unkown
|
page read and write
|
||
|
6B3C79F000
|
stack
|
page read and write
|
||
|
215E7180000
|
unkown
|
page read and write
|
||
|
1BF882A0000
|
trusted library allocation
|
page read and write
|
||
|
1BF82C00000
|
unkown
|
page read and write
|
||
|
1BF88134000
|
trusted library allocation
|
page read and write
|
||
|
1BF82D13000
|
unkown
|
page read and write
|
||
|
20E6F0A5000
|
heap
|
page read and write
|
||
|
6B3C71A000
|
stack
|
page read and write
|
||
|
215E7188000
|
unkown
|
page read and write
|
||
|
1BF88290000
|
remote allocation
|
page read and write
|
||
|
215E71A2000
|
unkown
|
page read and write
|
||
|
215E71CF000
|
unkown
|
page read and write
|
||
|
2A15908C000
|
unkown
|
page read and write
|
||
|
1D608655000
|
unkown
|
page read and write
|
||
|
1BF88260000
|
trusted library allocation
|
page read and write
|
||
|
1BF83400000
|
unkown
|
page read and write
|
||
|
1BF88170000
|
trusted library allocation
|
page read and write
|
||
|
215E719B000
|
unkown
|
page read and write
|
||
|
1AC7EFE000
|
stack
|
page read and write
|
||
|
F16E4FB000
|
stack
|
page read and write
|
||
|
CBFF17B000
|
stack
|
page read and write
|
||
|
2A159100000
|
unkown
|
page read and write
|
||
|
215E7174000
|
unkown
|
page read and write
|
||
|
20E6F0A9000
|
heap
|
page read and write
|
||
|
2A090102000
|
unkown
|
page read and write
|
||
|
1D82FC7B000
|
heap
|
page read and write
|
||
|
215E7188000
|
unkown
|
page read and write
|
||
|
215E719D000
|
unkown
|
page read and write
|
||
|
2A15907E000
|
unkown
|
page read and write
|
||
|
215E71D0000
|
unkown
|
page read and write
|
||
|
1D608490000
|
heap
|
page read and write
|
||
|
215E71A1000
|
unkown
|
page read and write
|
||
|
1BF884F2000
|
unkown
|
page read and write
|
||
|
1BF88240000
|
trusted library allocation
|
page read and write
|
||
|
1D82FC82000
|
heap
|
page read and write
|
||
|
95224FE000
|
stack
|
page read and write
|
||
|
1BF82C9B000
|
unkown
|
page read and write
|
||
|
215E7192000
|
unkown
|
page read and write
|
||
|
2A09008A000
|
unkown
|
page read and write
|
||
|
1BF83513000
|
unkown
|
page read and write
|
||
|
215E71AC000
|
unkown
|
page read and write
|
||
|
2A159054000
|
unkown
|
page read and write
|
||
|
1BF88516000
|
unkown
|
page read and write
|
||
|
1BF88160000
|
trusted library allocation
|
page read and write
|
||
|
1BF88290000
|
remote allocation
|
page read and write
|
||
|
215E7602000
|
unkown
|
page read and write
|
||
|
1BF88138000
|
trusted library allocation
|
page read and write
|
||
|
2A09007C000
|
unkown
|
page read and write
|
||
|
215E719C000
|
unkown
|
page read and write
|
||
|
2A159013000
|
unkown
|
page read and write
|
||
|
F16E7FE000
|
stack
|
page read and write
|
||
|
215E7191000
|
unkown
|
page read and write
|
||
|
215E71B2000
|
unkown
|
page read and write
|
||
|
215E7180000
|
unkown
|
page read and write
|
||
|
215E68A5000
|
unkown
|
page read and write
|
||
|
1BF83BF0000
|
trusted library section
|
page readonly
|
||
|
1BF82D25000
|
unkown
|
page read and write
|
||
|
215E71BC000
|
unkown
|
page read and write
|
||
|
215E719B000
|
unkown
|
page read and write
|
||
|
20E6ED10000
|
heap
|
page read and write
|
||
|
1BF83559000
|
unkown
|
page read and write
|
||
|
1BF82D02000
|
unkown
|
page read and write
|
||
|
215E7188000
|
unkown
|
page read and write
|
||
|
20E6EE1E000
|
heap
|
page read and write
|
||
|
1BF87FA0000
|
trusted library allocation
|
page read and write
|
There are 318 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://magenta-flicker-surprise.glitch.me/freedo.html
|
|
|
|
https://onedrive.live.com/view.aspx?resid=5890075B5D858872!361&ithint=onenote&authkey=!AjRjdqYSIWOk6SY
|
||
|
https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=h7R3p7Jmb0qNr90cvx5K1Q.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2F5890075B5D858872!361&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643419465515&jsapi=1&jsapiver=v1&newsession=1&corrid=b3662fcd-8cee-4569-8ac4-418999ff31bc&usid=b3662fcd-8cee-4569-8ac4-418999ff31bc&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
|
||
|
https://onedrive.live.com/redir?resid=5890075B5D858872%21361&authkey=%21AjRjdqYSIWOk6SY&page=View&wd=target%28SETTLEMENT%20STATEMENT.one%7C%2FProtrack%20Solutions%20Limited%7C3862be63-9354-4152-aaeb-9aa40f5d9f43%2F%29
|