IOC Report
https://znap.link/andrea.selmo-michell.comandrea.selmo-michell.comandrea.selmo-michell.comandrea.selmo-michell.com


Files

File Path
Type
Category
Malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\136553c3-02b9-4667-abf6-fc83c985e88f.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\26d22008-477f-4171-8f1a-08b2d5e19a00.tmp
SysEx File -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\3f6b33e2-87fa-4588-9924-16b8d41601c4.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\73d09818-57a5-438f-8a8e-c6383c4f60d1.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\93a87c37-dabb-4a44-9725-8440a87438e2.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\00257fe9-f175-4fbc-bad9-4d33f3f4a81f.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\067b4d5a-c9ab-43d2-bb27-72ac2750aac3.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0f05e52a-d48f-4145-9b4f-a5d167f0c9e5.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\13ba9a74-29a0-4d61-8e57-b95d96027438.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1825fd71-4ee7-4bb6-a902-ffd87733bf5e.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3bd94555-55c6-4cb5-9e64-1463bec2df64.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6f3649de-6a1b-47da-8273-bb263ff4b95f.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9370c809-8262-4f80-86e4-e4dd9fbd1c26.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d4ba8ec2-e96c-4bb1-ac07-f44c50f47a35\index
ISO-8859 text, with no line terminators, with escape sequences
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d4ba8ec2-e96c-4bb1-ac07-f44c50f47a35\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d4ba8ec2-e96c-4bb1-ac07-f44c50f47a35\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\52fe82a7-3126-4bc8-959a-9c81d00e7d40.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\abe7ac74-2097-4dca-9c5b-0730d5dcdc20.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ac862101-93f3-4813-a542-3573b0e756e4.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e6c4ed13-43e1-43dc-9951-0451a94d7e08.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ed2919c3-b4bf-40c5-895d-ea555a212203.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\a58a558b-70bd-4711-96f0-252ec7bf8688.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\ee7a6c22-fe5b-468f-a37c-670d5476b28f.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\f4fe4680-1eb6-4504-b117-b5467a99cd31.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\fc5b4e4c-b91b-46ce-aa59-993536d4e3e5.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\327bbf88-3f7e-4a7f-a421-85ab80770821.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\3c97f0cf-f5b8-4e43-a5d0-8b55c73133df.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\3c97f0cf-f5b8-4e43-a5d0-8b55c73133df.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3012_272790469\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://znap.link/andrea.selmo-michell.comandrea.selmo-michell.comandrea.selmo-michell.comandrea.selmo-michell.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1616,13022126194278002074,11839354016134583040,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1940 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1616,13022126194278002074,11839354016134583040,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=4064 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1616,13022126194278002074,11839354016134583040,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=4984 /prefetch:8

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
HKEY_CURRENT_USER\Software\Microsoft\ActiveMovie\devenum 64-bit
Version

Memdumps

Base Address
Regiontype
Protect
Malicious
heap
page read and write
1C30C4A1000
heap
page read and write
1C311AF0000
heap
page read and write
1008FA000
stack
page read and write
257FC168000
heap
page read and write
100CFF000
stack
page read and write
1C311A9F000
heap
page read and write
1C311D20000
trusted library allocation
page read and write
1C311D40000
remote allocation
page read and write
1C30CF81000
trusted library allocation
page read and write
1C311B06000
heap
page read and write
21FABC02000
heap
page read and write
1C311A04000
trusted library allocation
page read and write
2C03385C000
heap
page read and write
EC114FE000
stack
page read and write
257FCF80000
heap
page readonly
2C033862000
heap
page read and write
257FC3F0000
heap
page read and write
1C30CBF0000
trusted library allocation
page read and write
1C311CB0000
trusted library allocation
page read and write
E55788C000
stack
page read and write
1C311A4E000
heap
page read and write
1C311C00000
trusted library allocation
page read and write
E557DF9000
stack
page read and write
21FABA90000
heap
page read and write
1C311B0F000
heap
page read and write
257FC0B0000
trusted library allocation
page read and write
100B7E000
stack
page read and write
1C311A22000
heap
page read and write
257FCF90000
trusted library allocation
page read and write
1C30C513000
heap
page read and write
1C311A01000
trusted library allocation
page read and write
1004F7000
stack
page read and write
257FCF70000
trusted library allocation
page read and write
21FABC00000
heap
page read and write
1C30CC02000
heap
page read and write
1C30CD59000
heap
page read and write
2C033880000
heap
page read and write
257FC170000
heap
page read and write
1C311C10000
trusted library allocation
page read and write
257FC190000
heap
page read and write
2C0336C0000
heap
page read and write
2C03388B000
heap
page read and write
21FABC58000
heap
page read and write
1C311A62000
heap
page read and write
2C033913000
heap
page read and write
257FC18A000
heap
page read and write
257FC128000
heap
page read and write
1009FB000
stack
page read and write
257FBEE0000
heap
page read and write
257FCFA0000
trusted library allocation
page read and write
1C311AFC000
heap
page read and write
257FCD60000
trusted library allocation
page read and write
257FC18A000
heap
page read and write
2C033908000
heap
page read and write
1C30C427000
heap
page read and write
1C311CF0000
trusted library allocation
page read and write
1C30CC00000
heap
page read and write
1C311C10000
trusted library allocation
page read and write
1C30C43C000
heap
page read and write
E557C79000
stack
page read and write
1C311AA9000
heap
page read and write
100FFF000
stack
page read and write
2C03387E000
heap
page read and write
1C30C413000
heap
page read and write
100AFE000
stack
page read and write
21FABAF0000
heap
page read and write
2C033856000
heap
page read and write
100F7D000
stack
page read and write
1C311C20000
trusted library allocation
page read and write
1C30CD18000
heap
page read and write
100A7E000
stack
page read and write
1C30C1D0000
heap
page read and write
257FC170000
heap
page read and write
1C311CD0000
unknown
page read and write
10007B000
stack
page read and write
1C311D40000
remote allocation
page read and write
1C311B0C000
heap
page read and write
1C30C400000
heap
page read and write
21FABD02000
heap
page read and write
1C30D330000
trusted library section
page readonly
257FCFF0000
trusted library allocation
page read and write
257FBEF0000
trusted library allocation
page read and write
1C311B06000
heap
page read and write
2C033660000
heap
page read and write
257FC0C0000
trusted library allocation
page read and write
257FC170000
heap
page read and write
1C3119E1000
trusted library allocation
page read and write
257FC120000
heap
page read and write
1C311B0B000
heap
page read and write
100BFF000
stack
page read and write
1C311C24000
trusted library allocation
page read and write
1C30CD58000
heap
page read and write
1C30CD18000
heap
page read and write
1C30D860000
trusted library allocation
page read and write
1C311B0D000
heap
page read and write
257FC3F5000
heap
page read and write
1C3118C0000
trusted library allocation
page read and write
1C311B02000
heap
page read and write
1C311B13000
heap
page read and write
1C311D50000
trusted library allocation
page read and write
1C3119E0000
trusted library allocation
page read and write
1C311AAB000
heap
page read and write
1C311E70000
trusted library allocation
page read and write
1C30CBB1000
trusted library allocation
page read and write
1C311B08000
heap
page read and write
1C311B0C000
heap
page read and write
FC5997B000
stack
page read and write
100C7F000
stack
page read and write
2C033902000
heap
page read and write
1C30CD13000
heap
page read and write
1C3119E4000
trusted library allocation
page read and write
FC59D7F000
stack
page read and write
2C03382A000
heap
page read and write
1C311D30000
trusted library allocation
page read and write
1C30C494000
heap
page read and write
1C311B02000
heap
page read and write
1007FF000
stack
page read and write
E557D7E000
stack
page read and write
1C311AFA000
heap
page read and write
1C30C1E0000
heap
page read and write
1C311B1C000
heap
page read and write
1C30CD9A000
heap
page read and write
1C30D200000
trusted library allocation
page read and write
EC113FB000
stack
page read and write
2C0337C0000
trusted library allocation
page read and write
1C311D40000
remote allocation
page read and write
1C30C340000
trusted library allocation
page read and write
1C311A41000
heap
page read and write
2C033800000
heap
page read and write
FC596FE000
stack
page read and write
1C30D340000
trusted library section
page readonly
FC59C7C000
stack
page read and write
1C311B02000
heap
page read and write

DOM / HTML

URL
Malicious
https://ambitconsulting.us/jkadnmadiuya/quad/
malicious
https://znap.link/andrea.selmo-michell.comandrea.selmo-michell.comandrea.selmo-michell.comandrea.selmo-michell.com
https://www.znaplink.com/
https://www.youtube.com/embed/E5D8uRYd9aM?rel=0&controls=1&autoplay=0&mute=0&start=0
https://www.znaplink.com/pricing