Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\6f9b109d-574d-490d-88c4-a507f995ddcb.tmp
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\324c20de-ba06-4ca2-be22-9e9c6f358695.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\42dc8f85-6252-4824-a24d-e72162f24deb.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4f4e7672-3996-4c88-ad6f-97abaa820640.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5ce033d7-5d5e-462c-a7a7-1b4762b67bb7.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\678beecf-c275-4515-9948-6f1787f71987.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\997c4d19-9b0a-44fb-830f-558b10db8aad.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000002.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\18b7df34-1bfd-48f7-a468-50ddf6215de4.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1a9b3cff-5b80-4b99-8985-64189d4f6431.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\40b45761-9b26-44ab-bf02-3b122b02e091.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\46e9f624-000f-4108-9e9e-be6608b2921d.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5de200f8-a547-4bbe-9868-c3cd8c6b4dfd.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\f0fd4302-9239-4895-b77e-411880172921.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\c3a9dd86-9eb3-4b0d-bf28-d02da4b50a71.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a82e23ef-b7e7-4a8a-a55d-a3b3be56f980.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ab04cfbf-d6b7-47ec-ac66-bc409ad109ca.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bca9a4f9-5338-42a0-b1fb-a4653f67f2a9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c506b988-f1d8-4124-a1f2-654d174d83a4.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ec6f7a41-29f8-49cb-b7fe-b828c284aba6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f73c7b74-309a-4c40-875b-7634dc278376.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a1d9bb83-f47b-41c7-a1d8-0cb3ed05348f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b3e8177a-7d70-4923-aee0-73ce6f4ad36d.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e14cd5d4-679b-4ed7-8ea5-08474371a88c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f68823d2-2a1f-40e8-acbe-cea0f9c0a3a8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1442de5e-26e6-4231-990c-dcad09953320.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_1391472631\manifest.json~
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6136_821389493\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9c19dec6-f190-427d-bd56-509ebeb601f2.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\9c19dec6-f190-427d-bd56-509ebeb601f2.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6136_454886093\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Downloads\Invoice 173215.pdf.html.crdownload (copy)
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Downloads\Invoice 173215.pdf.html:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 113 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://drive.google.com/uc?export=download&id=1mmXl38H2-j7e7hD_UJbEMMSnMTA0BtQV
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1596,13766732960856306384,14944723332545166900,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1936 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1596,13766732960856306384,14944723332545166900,131072
--lang=en-US --service-sandbox-type=none --enable-audio-service-sandbox --mojo-platform-channel-handle=4796 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://drive.google.com/uc?export=download&id=1mmXl38H2-j7e7hD_UJbEMMSnMTA0BtQV
|
|
||
|
file:///C:/Users/user/Downloads/Invoice%20173215.pdf.html
|
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://cdn.jsdelivr.net/npm/bootstrap
|
unknown
|
||
|
https://doc-0g-3c-docs.googleusercontent.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.238
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.186.77
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://cdn.jsdelivr.net/npm/jquery
|
unknown
|
||
|
https://ybron.com/axilor/Office365/mails.js
|
208.91.199.159
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://doc-0g-3c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/as6j4cm1
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://cdn.jsdelivr.net/npm/bootstrap-icons
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://ybron.com/axilor/Office365/bg.jpg
|
208.91.199.159
|
||
|
https://ybron.com/axilor/Office365/microsoft-.svg
|
208.91.199.159
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://smtpjs.com/v3/smtp.js
|
109.169.71.112
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://doc-0g-3c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/as6j4cm1a3j1cera4enkskui1nh5hivr/1652449800000/04750445292818061454/*/1mmXl38H2-j7e7hD_UJbEMMSnMTA0BtQV?e=download
|
142.250.185.193
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
smtpjs.com
|
109.169.71.112
|
||
|
accounts.google.com
|
142.250.186.77
|
||
|
drive.google.com
|
142.250.185.238
|
||
|
clients.l.google.com
|
142.250.185.238
|
||
|
ybron.com
|
208.91.199.159
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.185.193
|
||
|
clients2.google.com
|
unknown
|
||
|
doc-0g-3c-docs.googleusercontent.com
|
unknown
|
||
|
cdn.jsdelivr.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
109.169.71.112
|
smtpjs.com
|
United Kingdom
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
142.250.185.238
|
drive.google.com
|
United States
|
||
|
142.250.185.193
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
208.91.199.159
|
ybron.com
|
United States
|
||
|
142.250.186.77
|
accounts.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
|
Implementing
|
There are 36 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2EA89676000
|
heap
|
page read and write
|
||
|
227F4888000
|
heap
|
page read and write
|
||
|
251EB190000
|
trusted library allocation
|
page read and write
|
||
|
1E686559000
|
heap
|
page read and write
|
||
|
1C906D08000
|
heap
|
page read and write
|
||
|
209F8100000
|
heap
|
page read and write
|
||
|
1E68B2D7000
|
heap
|
page read and write
|
||
|
227F5002000
|
trusted library allocation
|
page read and write
|
||
|
1E68659D000
|
heap
|
page read and write
|
||
|
13F82902000
|
heap
|
page read and write
|
||
|
13F82913000
|
heap
|
page read and write
|
||
|
1E6863F0000
|
trusted library allocation
|
page read and write
|
||
|
1E686C80000
|
trusted library section
|
page readonly
|
||
|
B0571BB000
|
stack
|
page read and write
|
||
|
277F9E29000
|
heap
|
page read and write
|
||
|
1E68B30A000
|
heap
|
page read and write
|
||
|
E3201FF000
|
stack
|
page read and write
|
||
|
13F82680000
|
heap
|
page read and write
|
||
|
12A7CAB0000
|
heap
|
page read and write
|
||
|
44E23F7000
|
stack
|
page read and write
|
||
|
227F486D000
|
heap
|
page read and write
|
||
|
251EB202000
|
heap
|
page read and write
|
||
|
1E686C60000
|
trusted library section
|
page readonly
|
||
|
2EA8964E000
|
heap
|
page read and write
|
||
|
209F78CB000
|
heap
|
page read and write
|
||
|
9E727E000
|
stack
|
page read and write
|
||
|
6CC21FC000
|
stack
|
page read and write
|
||
|
1E68B315000
|
heap
|
page read and write
|
||
|
1C906B00000
|
heap
|
page read and write
|
||
|
9E73FA000
|
stack
|
page read and write
|
||
|
277F9E60000
|
heap
|
page read and write
|
||
|
251EB270000
|
heap
|
page read and write
|
||
|
6CC277E000
|
stack
|
page read and write
|
||
|
1E6863E3000
|
trusted library allocation
|
page read and write
|
||
|
1E686C90000
|
trusted library section
|
page readonly
|
||
|
1E68B190000
|
trusted library allocation
|
page read and write
|
||
|
277F9E00000
|
heap
|
page read and write
|
||
|
1F4F1269000
|
heap
|
page read and write
|
||
|
B05777E000
|
stack
|
page read and write
|
||
|
E6DF7B000
|
stack
|
page read and write
|
||
|
1F4F1E40000
|
trusted library allocation
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
2EA8964A000
|
heap
|
page read and write
|
||
|
1006FF000
|
stack
|
page read and write
|
||
|
1F4F0F70000
|
heap
|
page read and write
|
||
|
E3200FE000
|
stack
|
page read and write
|
||
|
9E767D000
|
stack
|
page read and write
|
||
|
1E68B30F000
|
heap
|
page read and write
|
||
|
3B6B079000
|
stack
|
page read and write
|
||
|
19212260000
|
heap
|
page read and write
|
||
|
2EA894B0000
|
heap
|
page read and write
|
||
|
227F487E000
|
heap
|
page read and write
|
||
|
12A7CD08000
|
heap
|
page read and write
|
||
|
22D1A7E000
|
stack
|
page read and write
|
||
|
6CC257F000
|
stack
|
page read and write
|
||
|
EB6C27F000
|
stack
|
page read and write
|
||
|
9E777E000
|
stack
|
page read and write
|
||
|
1E68B2DC000
|
heap
|
page read and write
|
||
|
7D051FD000
|
stack
|
page read and write
|
||
|
1E68B302000
|
heap
|
page read and write
|
||
|
B05767E000
|
stack
|
page read and write
|
||
|
1E68B2FC000
|
heap
|
page read and write
|
||
|
44E277F000
|
stack
|
page read and write
|
||
|
7D050FE000
|
stack
|
page read and write
|
||
|
1E68B15E000
|
trusted library allocation
|
page read and write
|
||
|
1E686559000
|
heap
|
page read and write
|
||
|
9E72FF000
|
stack
|
page read and write
|
||
|
1C906C29000
|
heap
|
page read and write
|
||
|
251EB25E000
|
heap
|
page read and write
|
||
|
B0574FE000
|
stack
|
page read and write
|
||
|
9E6C7E000
|
stack
|
page read and write
|
||
|
1E68B4B0000
|
remote allocation
|
page read and write
|
||
|
23E26841000
|
heap
|
page read and write
|
||
|
1E68B32C000
|
heap
|
page read and write
|
||
|
251EB282000
|
heap
|
page read and write
|
||
|
1E68B4B0000
|
remote allocation
|
page read and write
|
||
|
1E685BF0000
|
trusted library allocation
|
page read and write
|
||
|
1C906C86000
|
heap
|
page read and write
|
||
|
1F4F1BE0000
|
trusted library allocation
|
page read and write
|
||
|
23E26800000
|
heap
|
page read and write
|
||
|
3B6AEF9000
|
stack
|
page read and write
|
||
|
12A7D280000
|
trusted library allocation
|
page read and write
|
||
|
1E68B170000
|
trusted library allocation
|
page read and write
|
||
|
1E68B31B000
|
heap
|
page read and write
|
||
|
19212440000
|
heap
|
page read and write
|
||
|
251EB313000
|
heap
|
page read and write
|
||
|
209F8002000
|
heap
|
page read and write
|
||
|
1E68B302000
|
heap
|
page read and write
|
||
|
1E68B248000
|
heap
|
page read and write
|
||
|
7D0499E000
|
stack
|
page read and write
|
||
|
1E686CA0000
|
trusted library section
|
page readonly
|
||
|
1E68B302000
|
heap
|
page read and write
|
||
|
23E26876000
|
heap
|
page read and write
|
||
|
1E685C3F000
|
heap
|
page read and write
|
||
|
1E68B22B000
|
heap
|
page read and write
|
||
|
9E6F7A000
|
stack
|
page read and write
|
||
|
7D04EFE000
|
stack
|
page read and write
|
||
|
2EA89700000
|
heap
|
page read and write
|
||
|
3B6AB8E000
|
stack
|
page read and write
|
||
|
251EB23C000
|
heap
|
page read and write
|
||
|
1E685C79000
|
heap
|
page read and write
|
||
|
277F9E3D000
|
heap
|
page read and write
|
||
|
1E68B194000
|
trusted library allocation
|
page read and write
|
||
|
1E68B157000
|
trusted library allocation
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
EB6B9CB000
|
stack
|
page read and write
|
||
|
1E68B610000
|
trusted library allocation
|
page read and write
|
||
|
209F8114000
|
heap
|
page read and write
|
||
|
71EA4F7000
|
stack
|
page read and write
|
||
|
1E686601000
|
trusted library allocation
|
page read and write
|
||
|
2EA89665000
|
heap
|
page read and write
|
||
|
E6DD7E000
|
stack
|
page read and write
|
||
|
277F9E69000
|
heap
|
page read and write
|
||
|
E6DCFE000
|
stack
|
page read and write
|
||
|
251EB28A000
|
heap
|
page read and write
|
||
|
1E686900000
|
trusted library allocation
|
page read and write
|
||
|
1E68B302000
|
heap
|
page read and write
|
||
|
1E68B2F3000
|
heap
|
page read and write
|
||
|
44E267D000
|
stack
|
page read and write
|
||
|
1F4F0ED0000
|
heap
|
page read and write
|
||
|
3B6AF7D000
|
stack
|
page read and write
|
||
|
1E68B490000
|
trusted library allocation
|
page read and write
|
||
|
277F9E45000
|
heap
|
page read and write
|
||
|
13F826E0000
|
heap
|
page read and write
|
||
|
227F4902000
|
heap
|
page read and write
|
||
|
1E68B171000
|
trusted library allocation
|
page read and write
|
||
|
277F9E40000
|
heap
|
page read and write
|
||
|
1E68B31B000
|
heap
|
page read and write
|
||
|
1E68B25F000
|
heap
|
page read and write
|
||
|
1E686C70000
|
trusted library section
|
page readonly
|
||
|
23E26813000
|
heap
|
page read and write
|
||
|
1C906C48000
|
heap
|
page read and write
|
||
|
23E26867000
|
heap
|
page read and write
|
||
|
1E68B158000
|
trusted library allocation
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
44E21FB000
|
stack
|
page read and write
|
||
|
B05797F000
|
stack
|
page read and write
|
||
|
13F83002000
|
trusted library allocation
|
page read and write
|
||
|
1E686681000
|
trusted library allocation
|
page read and write
|
||
|
2EA89600000
|
heap
|
page read and write
|
||
|
71EA2FE000
|
stack
|
page read and write
|
||
|
12A7CD02000
|
heap
|
page read and write
|
||
|
1E685A80000
|
heap
|
page read and write
|
||
|
1C906C53000
|
heap
|
page read and write
|
||
|
1F4F1265000
|
heap
|
page read and write
|
||
|
277F9DB0000
|
trusted library allocation
|
page read and write
|
||
|
277F9E7E000
|
heap
|
page read and write
|
||
|
12A7CC77000
|
heap
|
page read and write
|
||
|
12A7CC81000
|
heap
|
page read and write
|
||
|
1E68B2ED000
|
heap
|
page read and write
|
||
|
209F7913000
|
heap
|
page read and write
|
||
|
1C906A90000
|
heap
|
page read and write
|
||
|
209F78C8000
|
heap
|
page read and write
|
||
|
9E6D78000
|
stack
|
page read and write
|
||
|
EB6C17F000
|
stack
|
page read and write
|
||
|
6CC237B000
|
stack
|
page read and write
|
||
|
277F9F02000
|
heap
|
page read and write
|
||
|
227F4829000
|
heap
|
page read and write
|
||
|
1C906D00000
|
heap
|
page read and write
|
||
|
1E685A90000
|
heap
|
page read and write
|
||
|
1E68B30A000
|
heap
|
page read and write
|
||
|
277F9E84000
|
heap
|
page read and write
|
||
|
12A7CC3C000
|
heap
|
page read and write
|
||
|
1C907260000
|
trusted library allocation
|
page read and write
|
||
|
1E68B2A0000
|
trusted library allocation
|
page read and write
|
||
|
251EB0F0000
|
heap
|
page read and write
|
||
|
277F9E42000
|
heap
|
page read and write
|
||
|
EB6BC7E000
|
stack
|
page read and write
|
||
|
1E68B302000
|
heap
|
page read and write
|
||
|
1E68B2F7000
|
heap
|
page read and write
|
||
|
12A7CAC0000
|
heap
|
page read and write
|
||
|
6CC207F000
|
stack
|
page read and write
|
||
|
227F4870000
|
heap
|
page read and write
|
||
|
1E68B21E000
|
heap
|
page read and write
|
||
|
227F4857000
|
heap
|
page read and write
|
||
|
1F4F0FBE000
|
heap
|
page read and write
|
||
|
1C906C00000
|
heap
|
page read and write
|
||
|
1E685C74000
|
heap
|
page read and write
|
||
|
1F4F1E50000
|
trusted library allocation
|
page read and write
|
||
|
1E686559000
|
heap
|
page read and write
|
||
|
251EB213000
|
heap
|
page read and write
|
||
|
13F82855000
|
heap
|
page read and write
|
||
|
13F82900000
|
heap
|
page read and write
|
||
|
277F9E3A000
|
heap
|
page read and write
|
||
|
13F82670000
|
heap
|
page read and write
|
||
|
1F4F0F40000
|
heap
|
page read and write
|
||
|
227F4790000
|
trusted library allocation
|
page read and write
|
||
|
1E686559000
|
heap
|
page read and write
|
||
|
23E26620000
|
heap
|
page read and write
|
||
|
10007B000
|
stack
|
page read and write
|
||
|
1E68B211000
|
heap
|
page read and write
|
||
|
13F82828000
|
heap
|
page read and write
|
||
|
277F9E2E000
|
heap
|
page read and write
|
||
|
277F9E39000
|
heap
|
page read and write
|
||
|
7D04E7B000
|
stack
|
page read and write
|
||
|
6CC247C000
|
stack
|
page read and write
|
||
|
1E686518000
|
heap
|
page read and write
|
||
|
12A7CC24000
|
heap
|
page read and write
|
||
|
9E694B000
|
stack
|
page read and write
|
||
|
277F9D80000
|
heap
|
page read and write
|
||
|
22D18FC000
|
stack
|
page read and write
|
||
|
1E68B31B000
|
heap
|
page read and write
|
||
|
1E68B31B000
|
heap
|
page read and write
|
||
|
1E68B5A0000
|
trusted library allocation
|
page read and write
|
||
|
E31F55B000
|
stack
|
page read and write
|
||
|
2EA89C80000
|
trusted library allocation
|
page read and write
|
||
|
1E68B150000
|
trusted library allocation
|
page read and write
|
||
|
209F7680000
|
heap
|
page read and write
|
||
|
2EA8966F000
|
heap
|
page read and write
|
||
|
71EA5FD000
|
stack
|
page read and write
|
||
|
E31FFFE000
|
stack
|
page read and write
|
||
|
1E68B174000
|
trusted library allocation
|
page read and write
|
||
|
192123F0000
|
remote allocation
|
page read and write
|
||
|
192123F0000
|
remote allocation
|
page read and write
|
||
|
227F4908000
|
heap
|
page read and write
|
||
|
1E68659A000
|
heap
|
page read and write
|
||
|
2EA894C0000
|
heap
|
page read and write
|
||
|
1E68B040000
|
trusted library allocation
|
page read and write
|
||
|
9E797A000
|
stack
|
page read and write
|
||
|
277F9E13000
|
heap
|
page read and write
|
||
|
13F82868000
|
heap
|
page read and write
|
||
|
23E2685B000
|
heap
|
page read and write
|
||
|
1E68B30F000
|
heap
|
page read and write
|
||
|
1E68B323000
|
heap
|
page read and write
|
||
|
2EA89520000
|
heap
|
page read and write
|
||
|
22D167B000
|
stack
|
page read and write
|
||
|
227F4913000
|
heap
|
page read and write
|
||
|
7D04C7E000
|
stack
|
page read and write
|
||
|
227F4800000
|
heap
|
page read and write
|
||
|
1E68B261000
|
heap
|
page read and write
|
||
|
251EB200000
|
heap
|
page read and write
|
||
|
1F4F1BD0000
|
trusted library allocation
|
page read and write
|
||
|
1C906D02000
|
heap
|
page read and write
|
||
|
1E685C77000
|
heap
|
page read and write
|
||
|
44E247F000
|
stack
|
page read and write
|
||
|
23E26913000
|
heap
|
page read and write
|
||
|
227F4900000
|
heap
|
page read and write
|
||
|
1E68B460000
|
trusted library allocation
|
page read and write
|
||
|
12A7CC66000
|
heap
|
page read and write
|
||
|
1E686402000
|
heap
|
page read and write
|
||
|
71EA7FB000
|
stack
|
page read and write
|
||
|
44E1DCB000
|
stack
|
page read and write
|
||
|
227F46F0000
|
heap
|
page read and write
|
||
|
1E685CFD000
|
heap
|
page read and write
|
||
|
1F4F1260000
|
heap
|
page read and write
|
||
|
7D04FF7000
|
stack
|
page read and write
|
||
|
251EB302000
|
heap
|
page read and write
|
||
|
1C907402000
|
trusted library allocation
|
page read and write
|
||
|
23E26802000
|
heap
|
page read and write
|
||
|
71EA0FF000
|
stack
|
page read and write
|
||
|
1E68B4A0000
|
trusted library allocation
|
page read and write
|
||
|
6CC22FD000
|
stack
|
page read and write
|
||
|
23E26780000
|
trusted library allocation
|
page read and write
|
||
|
2EA89713000
|
heap
|
page read and write
|
||
|
227F4813000
|
heap
|
page read and write
|
||
|
277F9E2D000
|
heap
|
page read and write
|
||
|
1E68B4B0000
|
remote allocation
|
page read and write
|
||
|
277F9E46000
|
heap
|
page read and write
|
||
|
1E68AFF0000
|
trusted library allocation
|
page read and write
|
||
|
1E686400000
|
heap
|
page read and write
|
||
|
EB6BFF7000
|
stack
|
page read and write
|
||
|
1E685C93000
|
heap
|
page read and write
|
||
|
1E68B2A2000
|
heap
|
page read and write
|
||
|
209F77F0000
|
trusted library allocation
|
page read and write
|
||
|
13F82802000
|
heap
|
page read and write
|
||
|
227F4700000
|
heap
|
page read and write
|
||
|
209F813A000
|
heap
|
page read and write
|
||
|
1F4F0FBE000
|
heap
|
page read and write
|
||
|
277F9E6D000
|
heap
|
page read and write
|
||
|
251EB160000
|
heap
|
page read and write
|
||
|
22D1BFF000
|
stack
|
page read and write
|
||
|
1E686518000
|
heap
|
page read and write
|
||
|
6CC267C000
|
stack
|
page read and write
|
||
|
277F9E49000
|
heap
|
page read and write
|
||
|
1E685C6F000
|
heap
|
page read and write
|
||
|
1E6863E0000
|
trusted library allocation
|
page read and write
|
||
|
13F82879000
|
heap
|
page read and write
|
||
|
1E686B70000
|
trusted library allocation
|
page read and write
|
||
|
1E686360000
|
trusted library section
|
page read and write
|
||
|
E31F97B000
|
stack
|
page read and write
|
||
|
1F4F1E30000
|
heap
|
page readonly
|
||
|
1E68B420000
|
trusted library allocation
|
page read and write
|
||
|
1E68B2FE000
|
heap
|
page read and write
|
||
|
13F82800000
|
heap
|
page read and write
|
||
|
12A7CC00000
|
heap
|
page read and write
|
||
|
71EA27D000
|
stack
|
page read and write
|
||
|
1E686518000
|
heap
|
page read and write
|
||
|
EB6C07F000
|
stack
|
page read and write
|
||
|
1F4F0FB7000
|
heap
|
page read and write
|
||
|
1E68B2B0000
|
trusted library allocation
|
page read and write
|
||
|
192123F0000
|
remote allocation
|
page read and write
|
||
|
1C906C71000
|
heap
|
page read and write
|
||
|
277F9E7B000
|
heap
|
page read and write
|
||
|
71EA17D000
|
stack
|
page read and write
|
||
|
209F7888000
|
heap
|
page read and write
|
||
|
2EA89613000
|
heap
|
page read and write
|
||
|
1E686C50000
|
trusted library section
|
page readonly
|
||
|
1008FE000
|
stack
|
page read and write
|
||
|
1E685D02000
|
heap
|
page read and write
|
||
|
19212402000
|
heap
|
page read and write
|
||
|
1E68B150000
|
trusted library allocation
|
page read and write
|
||
|
19212413000
|
heap
|
page read and write
|
||
|
1F4F1EA0000
|
trusted library allocation
|
page read and write
|
||
|
23E26902000
|
heap
|
page read and write
|
||
|
1E68B2D7000
|
heap
|
page read and write
|
||
|
209F78BA000
|
heap
|
page read and write
|
||
|
1F4F1B60000
|
trusted library allocation
|
page read and write
|
||
|
209F7840000
|
heap
|
page read and write
|
||
|
1E685AF0000
|
heap
|
page read and write
|
||
|
277F9E64000
|
heap
|
page read and write
|
||
|
1C906C4C000
|
heap
|
page read and write
|
||
|
1F4F0FBE000
|
heap
|
page read and write
|
||
|
23E26829000
|
heap
|
page read and write
|
||
|
1E68B156000
|
trusted library allocation
|
page read and write
|
||
|
1F4F0EE0000
|
trusted library allocation
|
page read and write
|
||
|
E6DC7B000
|
stack
|
page read and write
|
||
|
44E257F000
|
stack
|
page read and write
|
||
|
22D17FE000
|
stack
|
page read and write
|
||
|
44E22FB000
|
stack
|
page read and write
|
||
|
2EA8965D000
|
heap
|
page read and write
|
||
|
3B6AE7E000
|
stack
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
1F4F0F82000
|
heap
|
page read and write
|
||
|
19212502000
|
heap
|
page read and write
|
||
|
EB6BCFD000
|
stack
|
page read and write
|
||
|
277F9E77000
|
heap
|
page read and write
|
||
|
9E74FF000
|
stack
|
page read and write
|
||
|
44E207E000
|
stack
|
page read and write
|
||
|
3B6AFFE000
|
stack
|
page read and write
|
||
|
1E68B151000
|
trusted library allocation
|
page read and write
|
||
|
71EA07B000
|
stack
|
page read and write
|
||
|
22D1CFD000
|
stack
|
page read and write
|
||
|
1E68B2FE000
|
heap
|
page read and write
|
||
|
277F9D10000
|
heap
|
page read and write
|
||
|
1E685C9E000
|
heap
|
page read and write
|
||
|
227F4851000
|
heap
|
page read and write
|
||
|
1E686A70000
|
trusted library allocation
|
page read and write
|
||
|
E31FBFB000
|
stack
|
page read and write
|
||
|
251EB100000
|
heap
|
page read and write
|
||
|
277F9E7A000
|
heap
|
page read and write
|
||
|
227F483C000
|
heap
|
page read and write
|
||
|
9E757E000
|
stack
|
page read and write
|
||
|
3B6AB0D000
|
stack
|
page read and write
|
||
|
19212250000
|
heap
|
page read and write
|
||
|
2EA89708000
|
heap
|
page read and write
|
||
|
1C906C4E000
|
heap
|
page read and write
|
||
|
9E71FE000
|
stack
|
page read and write
|
||
|
9E747F000
|
stack
|
page read and write
|
||
|
E31FEFD000
|
stack
|
page read and write
|
||
|
12A7CC52000
|
heap
|
page read and write
|
||
|
227F484A000
|
heap
|
page read and write
|
||
|
9E6E7A000
|
stack
|
page read and write
|
||
|
277F9E6B000
|
heap
|
page read and write
|
||
|
12A7CC13000
|
heap
|
page read and write
|
||
|
13F8283C000
|
heap
|
page read and write
|
||
|
1F4F1140000
|
heap
|
page read and write
|
||
|
209F7866000
|
heap
|
page read and write
|
||
|
1E68B306000
|
heap
|
page read and write
|
||
|
13F82864000
|
heap
|
page read and write
|
||
|
1C906C7B000
|
heap
|
page read and write
|
||
|
2EA89665000
|
heap
|
page read and write
|
||
|
277F9E4B000
|
heap
|
page read and write
|
||
|
1E685D13000
|
heap
|
page read and write
|
||
|
1E68B200000
|
heap
|
page read and write
|
||
|
1E685C58000
|
heap
|
page read and write
|
||
|
1E68B480000
|
trusted library allocation
|
page read and write
|
||
|
E31FAFE000
|
stack
|
page read and write
|
||
|
209F786F000
|
heap
|
page read and write
|
||
|
3B6B0FF000
|
stack
|
page read and write
|
||
|
2EA89653000
|
heap
|
page read and write
|
||
|
209F7868000
|
heap
|
page read and write
|
||
|
1E68B4C0000
|
trusted library allocation
|
page read and write
|
||
|
23E27002000
|
trusted library allocation
|
page read and write
|
||
|
209F76F0000
|
heap
|
page read and write
|
||
|
23E26610000
|
heap
|
page read and write
|
||
|
2EA8965D000
|
heap
|
page read and write
|
||
|
209F7690000
|
heap
|
page read and write
|
||
|
227F4760000
|
heap
|
page read and write
|
||
|
1E68B190000
|
trusted library allocation
|
page read and write
|
||
|
1E68B620000
|
trusted library allocation
|
page read and write
|
||
|
1E68B23B000
|
heap
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
277F9D20000
|
heap
|
page read and write
|
||
|
1E68B306000
|
heap
|
page read and write
|
||
|
1E6863C1000
|
trusted library allocation
|
page read and write
|
||
|
2EA89629000
|
heap
|
page read and write
|
||
|
227F484E000
|
heap
|
page read and write
|
||
|
1E686FF0000
|
trusted library allocation
|
page read and write
|
||
|
1E68B180000
|
trusted library allocation
|
page read and write
|
||
|
1E68659D000
|
heap
|
page read and write
|
||
|
3B6AA8B000
|
stack
|
page read and write
|
||
|
1E685C00000
|
heap
|
page read and write
|
||
|
277F9E66000
|
heap
|
page read and write
|
||
|
9E717B000
|
stack
|
page read and write
|
||
|
7D0491B000
|
stack
|
page read and write
|
||
|
19212424000
|
heap
|
page read and write
|
||
|
E6E077000
|
stack
|
page read and write
|
||
|
19212400000
|
heap
|
page read and write
|
||
|
E6E17E000
|
stack
|
page read and write
|
||
|
E6E27E000
|
stack
|
page read and write
|
||
|
EB6BEFB000
|
stack
|
page read and write
|
||
|
22D1B7D000
|
stack
|
page read and write
|
||
|
209F7829000
|
heap
|
page read and write
|
||
|
19212C02000
|
trusted library allocation
|
page read and write
|
||
|
1E686A60000
|
trusted library allocation
|
page read and write
|
||
|
12A7D402000
|
trusted library allocation
|
page read and write
|
||
|
1C906C13000
|
heap
|
page read and write
|
||
|
209F7902000
|
heap
|
page read and write
|
||
|
277F9E61000
|
heap
|
page read and write
|
||
|
1C906C3C000
|
heap
|
page read and write
|
||
|
12A7CD00000
|
heap
|
page read and write
|
||
|
12A7CB20000
|
heap
|
page read and write
|
||
|
E31FDFE000
|
stack
|
page read and write
|
||
|
1E68B2B2000
|
heap
|
page read and write
|
||
|
251EB229000
|
heap
|
page read and write
|
||
|
277F9E30000
|
heap
|
page read and write
|
||
|
1E68B154000
|
trusted library allocation
|
page read and write
|
||
|
2EA89681000
|
heap
|
page read and write
|
||
|
44E20FD000
|
stack
|
page read and write
|
||
|
1C906D13000
|
heap
|
page read and write
|
||
|
192123C0000
|
trusted library allocation
|
page read and write
|
||
|
71EA3FA000
|
stack
|
page read and write
|
||
|
71EA6FF000
|
stack
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
13F82813000
|
heap
|
page read and write
|
||
|
6CC1E7B000
|
stack
|
page read and write
|
||
|
192122C0000
|
heap
|
page read and write
|
||
|
1F4F0FC0000
|
heap
|
page read and write
|
||
|
277F9E4E000
|
heap
|
page read and write
|
||
|
1E68B030000
|
trusted library allocation
|
page read and write
|
||
|
1E68B31D000
|
heap
|
page read and write
|
||
|
277F9E47000
|
heap
|
page read and write
|
||
|
E3203FE000
|
stack
|
page read and write
|
||
|
1E685C13000
|
heap
|
page read and write
|
||
|
2EA89E02000
|
trusted library allocation
|
page read and write
|
||
|
1C906AA0000
|
heap
|
page read and write
|
||
|
19212453000
|
heap
|
page read and write
|
||
|
13F827E0000
|
trusted library allocation
|
page read and write
|
||
|
1F4F1E20000
|
trusted library allocation
|
page read and write
|
||
|
22D197E000
|
stack
|
page read and write
|
||
|
23E26680000
|
heap
|
page read and write
|
||
|
12A7CC5F000
|
heap
|
page read and write
|
||
|
209F7813000
|
heap
|
page read and write
|
||
|
E3202FF000
|
stack
|
page read and write
|
||
|
1E685C8C000
|
heap
|
page read and write
|
||
|
277F9E4D000
|
heap
|
page read and write
|
||
|
1E68B180000
|
trusted library allocation
|
page read and write
|
||
|
1E686518000
|
heap
|
page read and write
|
||
|
9E707F000
|
stack
|
page read and write
|
||
|
1E68B2D5000
|
heap
|
page read and write
|
||
|
1E68B2A0000
|
heap
|
page read and write
|
||
|
209F7800000
|
heap
|
page read and write
|
||
|
1007FB000
|
stack
|
page read and write
|
||
|
B05787E000
|
stack
|
page read and write
|
||
|
2EA8963C000
|
heap
|
page read and write
|
||
|
2EA89702000
|
heap
|
page read and write
|
||
|
1F4F1B70000
|
trusted library allocation
|
page read and write
|
||
|
1F4F0F78000
|
heap
|
page read and write
|
||
|
1005FB000
|
stack
|
page read and write
|
||
|
1E686513000
|
heap
|
page read and write
|
||
|
6CC217E000
|
stack
|
page read and write
|
||
|
1E685C29000
|
heap
|
page read and write
|
||
|
1E68B470000
|
trusted library allocation
|
page read and write
|
||
|
277FA602000
|
trusted library allocation
|
page read and write
|
||
|
1E686415000
|
heap
|
page read and write
|
||
|
251EBA02000
|
trusted library allocation
|
page read and write
|
||
|
6CC1C7B000
|
stack
|
page read and write
|
||
|
1E68B2FB000
|
heap
|
page read and write
|
||
|
1E68B15B000
|
trusted library allocation
|
page read and write
|
||
|
1E68B2FC000
|
heap
|
page read and write
|
||
|
12A7CD13000
|
heap
|
page read and write
|
||
|
B05747E000
|
stack
|
page read and write
|
||
|
1E686518000
|
heap
|
page read and write
|
||
|
1E686500000
|
heap
|
page read and write
|
||
|
1F4F1270000
|
trusted library allocation
|
page read and write
|
There are 465 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Downloads/Invoice%20173215.pdf.html
|
|