Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\24e5ba0f-f145-426f-ab1e-6d461203546a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\33fd2e86-a15a-4bf0-ac9c-14a32e362fe2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\7d72911d-eb13-4516-9a18-85604d335253.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0831ba6c-2d09-46a8-bdd8-03bf61786e50.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\13a69c9a-e4a0-49de-b482-3cc3cfbee9df.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\2d267708-0f2c-4d48-9c78-5af93b034f96.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\33277940-538f-432e-9a25-b2f21329c4ac.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\430b40e2-3792-4c9b-9175-9cd5bf9dde76.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\6cb0208f-bd2d-48b5-b4a1-091ea9da3108.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\92f6863e-39b5-43d0-903d-db9ad42d68d1.tmp
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\95b5aeea-bc4b-46c2-985d-0d95583184ab.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\97af827d-7d89-49ba-8d37-6fc701920c0c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\98f43eff-845f-4a71-9f55-4ee686090857.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\0a225abe-2daa-487a-876c-603cfdf99db7.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\3228_1964547102\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\3228_1964547102\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\3228_1964547102\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\db4082e6-0ca3-4ac2-9e15-9370e3fd216b.tmp
|
Google Chrome extension, version 3
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\vi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\zh_CN\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir3228_690768042\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
There are 52 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://w2globaldata.cabildodeagayu.com/1/?e=d2FycmVuLnJ1c3NlbGxAdzJnbG9iYWxkYXRhLmNvbQ==
|
 |
||
|
https://w2globaldata.cabildodeagayu.com/1/main/
|
|
||
|
https://w2globaldata.cabildodeagayu.com/1/main/main.php
|
|
||
|
https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LcJNLsfAAAAAFLIycbaJnhsCkE1TOU4w9VVo21f
|
|||
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJNLsfAAAAAFLIycbaJnhsCkE1TOU4w9VVo21f&co=aHR0cHM6Ly93Mmdsb2JhbGRhdGEuY2FiaWxkb2RlYWdheXUuY29tOjQ0Mw..&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=v22rtkv1k1xd
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
||
|
gstaticadssl.l.google.com
|
142.250.186.131
|
||
|
d26p066pn2w0s0.cloudfront.net
|
108.157.4.48
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
||
|
www.google.com
|
142.250.203.100
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
w2globaldata.cabildodeagayu.com
|
190.8.176.18
|
||
|
clients2.google.com
|
unknown
|
||
|
logo.clearbit.com
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.35
|
unknown
|
United States
|
||
|
142.250.185.99
|
unknown
|
United States
|
||
|
142.250.185.78
|
unknown
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
74.125.163.136
|
unknown
|
United States
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
142.250.203.100
|
www.google.com
|
United States
|
||
|
216.58.215.234
|
unknown
|
United States
|
||
|
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
|
108.157.4.48
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.131
|
gstaticadssl.l.google.com
|
United States
|
||
|
190.8.176.18
|
w2globaldata.cabildodeagayu.com
|
Colombia
|
||
|
142.250.203.99
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
142.250.186.99
|
unknown
|
United States
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
There are 8 hidden IPs, click here to show them.