Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\03cfdb4f-fe87-4704-99fe-c9c8bed841c0.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\09f1c4b7-ea4c-4afb-b505-5214a7977e7c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\32049904-d08f-4947-ad74-03f6d547cb69.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3b790757-ec24-40a6-9fe9-476644b6b9e1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\42ccb01f-8580-4af7-8e87-be70284962d6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5ab73026-81ff-41ff-972a-eb6884b28c25.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\84095c43-6093-4d6c-8f69-d9cd65d2767d.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\857ce521-37e9-4031-a7df-ca3676d239ab.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8a709d33-3596-4a4b-865a-2e00ababf7bd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\21b52cd0-0433-4bb9-a8fa-1fed69ed1e2b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\30c9fe40-abe6-4c82-8c6d-3770763902d4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4655ca98-9275-4830-80c6-26ce0edff5db.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\530f5018-9528-4e46-9bf7-15351c5efcdc.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\71f9d21f-ec30-4909-b1fd-5ac59b27f1b2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7d3c6b61-3892-455c-b2fa-f54ea9f349a8.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9a4391fe-bfd4-4674-8a34-c985d2065103.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old$. (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State: (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.< (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences+. (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesip (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\2467bfdb-89fc-462a-a05b-2551b7de41bf.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\dade1b85-4c1e-45a1-ab79-234c62d8d0cb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\01009a9a-1b6c-4d8b-ad92-a3b344978a9b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldx
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a2df97a7-c6f8-4bf1-8ed6-2943cb552a67.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b79cb624-ec8b-41cb-a2a5-6ad28f7758b3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b7e6d7bc-426c-4e4d-a790-a97978916c9a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c508a796-dec4-4b66-a76e-cbbf2c4f559d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\daebfeae-f28a-4aeb-bb70-13cc3c01deff.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dee17684-4943-463e-b777-844e2b9bc37d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f03086ac-a57a-4bb9-892f-3c45580b256f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f288d9ba-4b9c-445d-9d9c-76fdbaa689f3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateBU (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheMP (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Caches (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5956_435296513\Ruleset Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a2d71031-c218-481d-81f3-9196f7028ea5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a486798b-310c-433f-9374-6440cbeb5686.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b0ada342-eac8-41a8-aad3-71add2a67656.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b635df35-88e3-4fc0-b959-09698f7c6707.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b9a53cf1-4a9b-4ab7-98e0-75c8685a2b17.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3a08c59a-96e8-4bd1-b41e-7af76c186326.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1134515406\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1134515406\download_file_types.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1134515406\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1134515406\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1292928990\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1292928990\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1292928990\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1292928990\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1292928990\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1575507340\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1878119372\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1878119372\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1878119372\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1878119372\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956_1878119372\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\deca4f28-d0eb-4fe5-96f9-f0a04d3d82d5.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e84ebd67-ec9e-4906-a858-71af0838f38c.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fe765b68-bed9-4c29-9dcf-6c46825bf66e.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2023669032\fe765b68-bed9-4c29-9dcf-6c46825bf66e.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5956_2127595659\deca4f28-d0eb-4fe5-96f9-f0a04d3d82d5.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 216 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://phisher.knowbe4.com/inbox/?keywords=urls%3A%22https%3A%2F%2Fwww.canva.com%2Fdesign%2FDAE2v7jrAx0%2FxbFDaPbUsdgv68II2DfGFg%2Fview%3Futm_content%3DDAE2v7jrAx0%26utm_campaign%3Ddesignshare%26utm_medium%3Dlink%26utm_source%3Dsharebutton%22
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1508,9312042128708575229,11056298167647340253,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1912 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://phisher.knowbe4.com/inbox/?keywords=urls%3A%22https%3A%2F%2Fwww.canva.com%2Fdesign%2FDAE2v7jrAx0%2FxbFDaPbUsdgv68II2DfGFg%2Fview%3Futm_content%3DDAE2v7jrAx0%26utm_campaign%3Ddesignshare%26utm_medium%3Dlink%26utm_source%3Dsharebutton%22
|
|||
|
https://stats.g.doubleclick.net
|
unknown
|
||
|
https://cdn.pendo.io/agent/static/365392a9-6608-44ef-443b-572eef771b95/pendo.js
|
99.86.3.118
|
||
|
https://support.knowbe4.com/hc/en-us/articles/360000913668-KMSAT-Tutorial-Videos
|
|||
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=0bdr1w67vkk&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0h55s9htlfkd&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0aj6ttwwwfnf&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=13xtaxwewx3c&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://www.google.com
|
unknown
|
||
|
https://training.knowbe4.com/ui/login
|
|||
|
https://phisher.knowbe4.com/css/inbox~phishrip~postactions~rules~settings.1d2b91f5.css
|
99.86.3.99
|
||
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=166jfcmfpm0h&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://support.knowbe4.com/hc/en-us/articles/4404511190803-How-to-Use-Advanced-Delivery-Policies-in-Microsoft-365
|
|||
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1yg98juuglc&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
||
|
https://phisher.knowbe4.com/css/dashboard~phishrip~reports.ae16272d.css
|
99.86.3.99
|
||
|
https://www.google.com/tools/feedback
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://training.knowbe4.com/ui/login?per_redirect=%2F
|
|||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
||
|
https://www.google.ae
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://phisher.knowbe4.com/css/inbox~phishrip.0099aa26.css
|
99.86.3.99
|
||
|
https://phisher.knowbe4.com/css/404.75e7179d.css
|
99.86.3.99
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://training.knowbe4.com/ui/login?per_redirect=/2
|
unknown
|
||
|
https://support.knowbe4.com/hc/en-us/categories/200056750-KCM-GRC
|
|||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1ssd4c1mxbts&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://api.phisher.knowbe4.com/v1/auth/authenticate
|
99.86.3.79
|
||
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0hckhdvdj19&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://phisher.knowbe4.com/css/dashboard.e33453d3.css
|
99.86.3.99
|
||
|
https://training.knowbe4.com/ui/login?per_redirect=/
|
|||
|
https://phisher.knowbe4.com/js/chunk-vendors.9c8c3628.js
|
99.86.3.99
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0x5dzwxn1jz&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://www.google.com/
|
unknown
|
||
|
https://feedback.googleusercontent.com
|
unknown
|
||
|
https://clients6.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://support.knowbe4.com/hc/en-us/articles/115009454228-Security-Awareness-Training-Platform-KMSAT-Change-Log
|
|||
|
https://support.knowbe4.com/hc/en-us/articles/360015575313-Video-KMSAT-Quarterly-Product-Update-December-2021-
|
|||
|
https://play.google.com
|
unknown
|
||
|
https://phisher.knowbe4.com/2
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0e2ubmyp5qe&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://support.knowbe4.com/hc/en-us
|
|||
|
https://support.knowbe4.com/hc/en-us/categories/200218607-Free-Tools
|
|||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0bdr1w67vkk&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://support.knowbe4.com/hc/en-us/articles/206523288-Quickstart-Implementation-Guide
|
|||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://support.knowbe4.com/hc/en-us/categories/200060614-KMSAT
|
|||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=1ssd4c1mxbts&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://github.com/easylist)
|
unknown
|
||
|
https://phisher.knowbe4.com/css/inbox.fa28ff88.css
|
99.86.3.99
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0kp03ftn5fm&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://hangouts.clients6.google.com
|
unknown
|
||
|
https://phisher.knowbe4.com/css/postactions.c7ba2eda.css
|
99.86.3.99
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.google.com/cr/report
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=09d3l6hlcfvd&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
http://angularjs.org
|
unknown
|
||
|
https://phisher.knowbe4.com/
|
|||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=155xyqqrc35v&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://github.com/angular/material
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://phisher.knowbe4.com/css/reports.d44a3b19.css
|
99.86.3.99
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=0hckhdvdj19&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://phisher.knowbe4.com/inbox/?keywords=urls%3A%22https%3A%2F%2Fwww.canva.com%2Fdesign%2FDAE2v7j
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://support.knowbe4.com/hc/en-us/community/topics
|
|||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://hangouts.google.com/
|
unknown
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1drnfnl4v3&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
|||
|
https://phisher.knowbe4.com/css/chunk-vendors.f45e3d56.css
|
99.86.3.99
|
||
|
https://support.knowbe4.com/hc/en-us/requests/new
|
|||
|
https://phisher.knowbe4.com/css/inbox~phishrip~postactions.1386de4b.css
|
99.86.3.99
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://phisher.knowbe4.com/js/app.ead6c261.js
|
99.86.3.99
|
||
|
https://meetings.clients6.google.com
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
216.58.215.227
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
knowbe4.zendesk.com
|
104.16.51.111
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
www-google-analytics.l.google.com
|
142.250.203.110
|
||
|
stats.l.doubleclick.net
|
108.177.127.154
|
||
|
api-js.mixpanel.com
|
35.190.25.25
|
||
|
phisher.knowbe4.com
|
99.86.3.99
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
training.knowbe4.com
|
143.204.215.124
|
||
|
theme.zdassets.com
|
104.18.72.113
|
||
|
p19.zdassets.com
|
104.18.70.113
|
||
|
static.zdassets.com
|
104.18.70.113
|
||
|
hcaptcha.com
|
104.16.168.131
|
||
|
cdnjs.cloudflare.com
|
104.16.18.94
|
||
|
www.google.com
|
142.250.203.100
|
||
|
d18dtii85prvml.cloudfront.net
|
99.86.3.118
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
newassets.hcaptcha.com
|
104.16.169.131
|
||
|
googlehosted.l.googleusercontent.com
|
172.217.168.33
|
||
|
www.google.ae
|
142.250.203.99
|
||
|
api.phisher.knowbe4.com
|
99.86.3.79
|
||
|
cdn.jsdelivr.net
|
unknown
|
||
|
support.knowbe4.com
|
unknown
|
||
|
stats.g.doubleclick.net
|
unknown
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
cdn.pendo.io
|
unknown
|
There are 18 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
143.204.215.124
|
training.knowbe4.com
|
United States
|
||
|
104.16.51.111
|
knowbe4.zendesk.com
|
United States
|
||
|
143.204.215.30
|
unknown
|
United States
|
||
|
104.18.72.113
|
theme.zdassets.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
104.16.18.94
|
cdnjs.cloudflare.com
|
United States
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
||
|
108.177.127.154
|
stats.l.doubleclick.net
|
United States
|
||
|
216.58.215.227
|
gstaticadssl.l.google.com
|
United States
|
||
|
142.250.203.100
|
www.google.com
|
United States
|
||
|
104.16.53.111
|
unknown
|
United States
|
||
|
104.16.168.131
|
hcaptcha.com
|
United States
|
||
|
99.86.3.79
|
api.phisher.knowbe4.com
|
United States
|
||
|
99.86.3.99
|
phisher.knowbe4.com
|
United States
|
||
|
35.190.25.25
|
api-js.mixpanel.com
|
United States
|
||
|
104.16.169.131
|
newassets.hcaptcha.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.18.70.113
|
p19.zdassets.com
|
United States
|
||
|
172.217.168.33
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
99.86.3.118
|
d18dtii85prvml.cloudfront.net
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 14 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Speech\Voices
|
DefaultTokenId
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
FBC3CFF000
|
stack
|
page read and write
|
||
|
1CF34DF0000
|
unkown
|
page read and write
|
||
|
1DB1D002000
|
unkown
|
page read and write
|
||
|
CD88377000
|
stack
|
page read and write
|
||
|
FBC377E000
|
stack
|
page read and write
|
||
|
1CF34C80000
|
heap
|
page read and write
|
||
|
24565800000
|
unkown
|
page read and write
|
||
|
1CF34E31000
|
unkown
|
page read and write
|
||
|
25791A5D000
|
unkown
|
page read and write
|
||
|
2D428002000
|
unkown
|
page read and write
|
||
|
FBC3DFF000
|
stack
|
page read and write
|
||
|
1CF34CF0000
|
heap
|
page read and write
|
||
|
1DB1CFC0000
|
unkown
|
page read and write
|
||
|
1CF34E5C000
|
unkown
|
page read and write
|
||
|
24565853000
|
unkown
|
page read and write
|
||
|
2D427A66000
|
unkown
|
page read and write
|
||
|
2D4277B0000
|
heap
|
page read and write
|
||
|
24565908000
|
unkown
|
page read and write
|
||
|
1DB1D06F000
|
unkown
|
page read and write
|
||
|
1DB1D100000
|
unkown
|
page read and write
|
||
|
24565864000
|
unkown
|
page read and write
|
||
|
510967B000
|
stack
|
page read and write
|
||
|
1CF34C90000
|
heap
|
page read and write
|
||
|
1CF34E67000
|
unkown
|
page read and write
|
||
|
1DB1D03C000
|
unkown
|
page read and write
|
||
|
1CF34E41000
|
unkown
|
page read and write
|
||
|
7E8FD7E000
|
stack
|
page read and write
|
||
|
294386E0000
|
trusted library allocation
|
page read and write
|
||
|
24566002000
|
unkown
|
page read and write
|
||
|
8F46C7C000
|
stack
|
page read and write
|
||
|
CD8827B000
|
stack
|
page read and write
|
||
|
1DB1CF20000
|
heap
|
page read and write
|
||
|
2456583C000
|
unkown
|
page read and write
|
||
|
CD8857F000
|
stack
|
page read and write
|
||
|
8F472FE000
|
stack
|
page read and write
|
||
|
7E8FA7E000
|
stack
|
page read and write
|
||
|
24565829000
|
unkown
|
page read and write
|
||
|
1DB1D013000
|
unkown
|
page read and write
|
||
|
1CF34E72000
|
unkown
|
page read and write
|
||
|
1CF34E6B000
|
unkown
|
page read and write
|
||
|
CD8807E000
|
stack
|
page read and write
|
||
|
25791A3C000
|
unkown
|
page read and write
|
||
|
1CF34E63000
|
unkown
|
page read and write
|
||
|
25791A56000
|
unkown
|
page read and write
|
||
|
24565640000
|
heap
|
page read and write
|
||
|
CD87D0B000
|
stack
|
page read and write
|
||
|
8F471FE000
|
stack
|
page read and write
|
||
|
1CF35602000
|
unkown
|
page read and write
|
||
|
2D4279E0000
|
unkown
|
page read and write
|
||
|
2D427B00000
|
unkown
|
page read and write
|
||
|
25791A59000
|
unkown
|
page read and write
|
||
|
25791B00000
|
unkown
|
page read and write
|
||
|
1CF34E40000
|
unkown
|
page read and write
|
||
|
29438746000
|
heap
|
page read and write
|
||
|
1DB1D08C000
|
unkown
|
page read and write
|
||
|
1CE001C0000
|
remote allocation
|
page read and write
|
||
|
2D427A3C000
|
unkown
|
page read and write
|
||
|
264BF077000
|
unkown
|
page read and write
|
||
|
1CF34E7B000
|
unkown
|
page read and write
|
||
|
24565881000
|
unkown
|
page read and write
|
||
|
7E8FF7E000
|
stack
|
page read and write
|
||
|
1DB1D029000
|
unkown
|
page read and write
|
||
|
25791A13000
|
unkown
|
page read and write
|
||
|
51094FE000
|
stack
|
page read and write
|
||
|
2D427A66000
|
unkown
|
page read and write
|
||
|
2D427A55000
|
unkown
|
page read and write
|
||
|
1CF34E4D000
|
unkown
|
page read and write
|
||
|
24565889000
|
unkown
|
page read and write
|
||
|
1CF34E7D000
|
unkown
|
page read and write
|
||
|
1DB1D04F000
|
unkown
|
page read and write
|
||
|
8F46D7E000
|
stack
|
page read and write
|
||
|
1CF34E69000
|
unkown
|
page read and write
|
||
|
2D427810000
|
heap
|
page read and write
|
||
|
2D427B13000
|
unkown
|
page read and write
|
||
|
FBC397B000
|
stack
|
page read and write
|
||
|
25791960000
|
heap
|
page read and write
|
||
|
1DB1CF30000
|
heap
|
page read and write
|
||
|
1CF34F02000
|
unkown
|
page read and write
|
||
|
510997E000
|
stack
|
page read and write
|
||
|
1DB1D07D000
|
unkown
|
page read and write
|
||
|
25791B02000
|
unkown
|
page read and write
|
||
|
1CF34E00000
|
unkown
|
page read and write
|
||
|
1CF34E64000
|
unkown
|
page read and write
|
||
|
24565900000
|
unkown
|
page read and write
|
||
|
FBC36FE000
|
stack
|
page read and write
|
||
|
1DB1D000000
|
unkown
|
page read and write
|
||
|
1DB1D102000
|
unkown
|
page read and write
|
||
|
2D427A00000
|
unkown
|
page read and write
|
||
|
2D427A87000
|
unkown
|
page read and write
|
||
|
1CF34E3A000
|
unkown
|
page read and write
|
||
|
245657B0000
|
unkown
|
page read and write
|
||
|
8F46F7B000
|
stack
|
page read and write
|
||
|
2D427A4E000
|
unkown
|
page read and write
|
||
|
245656B0000
|
heap
|
page read and write
|
||
|
294394D0000
|
trusted library allocation
|
page read and write
|
||
|
7E8FC7E000
|
stack
|
page read and write
|
||
|
CD87D8E000
|
stack
|
page read and write
|
||
|
25791A00000
|
unkown
|
page read and write
|
||
|
7E8F7FB000
|
stack
|
page read and write
|
||
|
FBC39FE000
|
stack
|
page read and write
|
||
|
510947B000
|
stack
|
page read and write
|
||
|
2D427A7D000
|
unkown
|
page read and write
|
||
|
25791A64000
|
unkown
|
page read and write
|
||
|
1CF34E7E000
|
unkown
|
page read and write
|
||
|
25791A79000
|
unkown
|
page read and write
|
||
|
1DB1D113000
|
unkown
|
page read and write
|
||
|
25792202000
|
unkown
|
page read and write
|
||
|
510977B000
|
stack
|
page read and write
|
||
|
257919D0000
|
heap
|
page read and write
|
||
|
1CF34E75000
|
unkown
|
page read and write
|
||
|
FBC3BFF000
|
stack
|
page read and write
|
||
|
1CF34E26000
|
unkown
|
page read and write
|
||
|
5109877000
|
stack
|
page read and write
|
||
|
1CF34E6D000
|
unkown
|
page read and write
|
||
|
7E8FE7E000
|
stack
|
page read and write
|
||
|
2D427B08000
|
unkown
|
page read and write
|
||
|
25791B13000
|
unkown
|
page read and write
|
||
|
2943874E000
|
heap
|
page read and write
|
||
|
24565650000
|
heap
|
page read and write
|
||
|
2D427A6C000
|
unkown
|
page read and write
|
||
|
1CE001C0000
|
remote allocation
|
page read and write
|
||
|
2D427A13000
|
unkown
|
page read and write
|
||
|
FBC3AF7000
|
stack
|
page read and write
|
||
|
1CF34E6A000
|
unkown
|
page read and write
|
||
|
25791B08000
|
unkown
|
page read and write
|
||
|
25791A83000
|
unkown
|
page read and write
|
||
|
8F46FFF000
|
stack
|
page read and write
|
||
|
8F470F7000
|
stack
|
page read and write
|
||
|
25791970000
|
heap
|
page read and write
|
||
|
1CF34E57000
|
unkown
|
page read and write
|
||
|
1CE001C0000
|
remote allocation
|
page read and write
|
||
|
1DB1D802000
|
unkown
|
page read and write
|
||
|
1CF34E7C000
|
unkown
|
page read and write
|
||
|
1DB1D08A000
|
unkown
|
page read and write
|
||
|
2456584B000
|
unkown
|
page read and write
|
||
|
24565892000
|
unkown
|
page read and write
|
||
|
24565848000
|
unkown
|
page read and write
|
||
|
FBC367C000
|
stack
|
page read and write
|
||
|
2D4277A0000
|
heap
|
page read and write
|
||
|
1DB1CF90000
|
heap
|
page read and write
|
||
|
1DB1D108000
|
unkown
|
page read and write
|
||
|
2D427B02000
|
unkown
|
page read and write
|
||
|
24565902000
|
unkown
|
page read and write
|
||
|
510957E000
|
stack
|
page read and write
|
||
|
25791A5F000
|
unkown
|
page read and write
|
||
|
1CF34E77000
|
unkown
|
page read and write
|
||
|
CD8847E000
|
stack
|
page read and write
|
||
|
24565813000
|
unkown
|
page read and write
|
||
|
24565913000
|
unkown
|
page read and write
|
||
|
1CF34E84000
|
unkown
|
page read and write
|
||
|
8F46E7B000
|
stack
|
page read and write
|
||
|
1CF34E3D000
|
unkown
|
page read and write
|
||
|
8F46CFE000
|
stack
|
page read and write
|
||
|
2456584E000
|
unkown
|
page read and write
|
||
|
2943874D000
|
heap
|
page read and write
|
||
|
1CF34E5F000
|
unkown
|
page read and write
|
||
|
1DB1D055000
|
unkown
|
page read and write
|
||
|
1CF34E13000
|
unkown
|
page read and write
|
||
|
1CF34E61000
|
unkown
|
page read and write
|
||
|
5109A7E000
|
stack
|
page read and write
|
||
|
2D427A29000
|
unkown
|
page read and write
|
||
|
1CF34E47000
|
unkown
|
page read and write
|
||
|
25792130000
|
unkown
|
page read and write
|
||
|
1CF34E29000
|
unkown
|
page read and write
|
||
|
1CF34E02000
|
unkown
|
page read and write
|
||
|
25791A29000
|
unkown
|
page read and write
|
||
|
2D427A8B000
|
unkown
|
page read and write
|
||
|
7E8FAFE000
|
stack
|
page read and write
|
||
|
2456586F000
|
unkown
|
page read and write
|
||
|
2943874D000
|
heap
|
page read and write
|
There are 160 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://phisher.knowbe4.com/
|
||
|
https://training.knowbe4.com/ui/login?per_redirect=/
|
||
|
https://training.knowbe4.com/ui/login?per_redirect=%2F
|
||
|
https://support.knowbe4.com/hc/en-us
|
||
|
https://training.knowbe4.com/ui/login
|
||
|
https://support.knowbe4.com/hc/en-us/requests/new
|
||
|
https://training.knowbe4.com/ui/login
|
||
|
https://support.knowbe4.com/hc/en-us/signin?return_to=https%3A%2F%2Fsupport.knowbe4.com%2Fhc%2Fen-us&locale=en-us
|
||
|
https://support.knowbe4.com/hc/en-us/articles/4404511190803-How-to-Use-Advanced-Delivery-Policies-in-Microsoft-365
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=0bdr1w67vkk&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://support.knowbe4.com/hc/en-us/categories/200060614-KMSAT
|
||
|
https://support.knowbe4.com/hc/en-us/categories/200056750-KCM-GRC
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0bdr1w67vkk&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1drnfnl4v3&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://support.knowbe4.com/hc/en-us/categories/200218607-Free-Tools
|
||
|
https://support.knowbe4.com/hc/en-us/articles/4406998837011-KnowBe4-Integrations
|
||
|
https://support.knowbe4.com/hc/en-us/articles/360051710194-Training-Campaign-Overview
|
||
|
https://support.knowbe4.com/hc/en-us/articles/360015575313-Video-KMSAT-Quarterly-Product-Update-December-2021-
|
||
|
https://support.knowbe4.com/hc/en-us/articles/115009454228-Security-Awareness-Training-Platform-KMSAT-Change-Log
|
||
|
https://support.knowbe4.com/hc/en-us/articles/206523288-Quickstart-Implementation-Guide
|
||
|
https://support.knowbe4.com/hc/en-us/articles/360000913668-KMSAT-Tutorial-Videos
|
||
|
https://support.knowbe4.com/hc/en-us/community/topics
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0x5dzwxn1jz&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0aj6ttwwwfnf&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=1ssd4c1mxbts&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1ssd4c1mxbts&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0h55s9htlfkd&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1t4edf9ctjfc&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=13xtaxwewx3c&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=0hckhdvdj19&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0hckhdvdj19&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html#id=166jfcmfpm0h&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1yg98juuglc&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0e2ubmyp5qe&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=1ma0gwcx7e0p&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=0kp03ftn5fm&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=09d3l6hlcfvd&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
||
|
https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html#id=155xyqqrc35v&host=support.knowbe4.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=off&custom=false&hl=en&tplinks=on&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&theme=light
|
There are 28 hidden doms, click here to show them.