IOC Report
7095678345.htm (1).htm

Files

| File Path | Type | Category | Malicious |
| 7095678345.htm (1).htm | HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators | initial sample | malicious |
| C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\0f80bb25-1a80-4659-a55b-de9f90caccaa.tmp | SysEx File - | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\1439dec1-731e-4b46-a1d9-0a55cf499c54.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\23bb742e-742a-4f68-bc07-3b1545234961.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\24596c5c-8209-460c-873c-0626407619d2.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\33b65c81-c1cd-4a6f-99e3-73b81fd0b304.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\350e61ff-5816-4ace-9271-dbaeeea15dbb.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\46b846c4-e120-4920-88a2-479f20bf1d05.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1334ab00-76c4-4a6e-961b-4713ff1f9197.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\19b888f2-dc1f-4a93-9ae7-0e75daffe3a0.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\52a1c72e-e143-4d37-92ab-1c2da8135151.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\564a6d9a-3bd5-4eb2-b8d1-cfa206459419.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\65e71bde-122d-428e-9679-04b1f0cde6bf.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\70cd9410-7a4d-4b23-b579-e86033d88524.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\868cbacf-22ac-4b9a-b570-c292d84435b8.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8a252e4f-1d43-493c-927c-7600e041d677.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8fe68368-d6e8-4540-a2c9-28d5cdb13af1.tmp | very short file (no magic) | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy) | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy) | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy) | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy) | UTF-8 Unicode text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\50935733-7990-4d23-add7-44762028dc27.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1 | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy) | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\32d7c743-1d8e-4a84-a408-7628fa67b8de.tmp | ASCII text, with very long lines, with no line terminators | modified | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1 | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy) | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b3ab9c09-8894-4d09-9abb-a25f71bd9845.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ca2ce562-1e36-452c-9b6c-2b8efb480ecc.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\caacbb89-f460-4cee-8cd3-d07d8ebc46d0.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cf45d06c-0347-41bd-a4b5-217ee7d32dd4.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cf9b5225-6ef4-4197-af8a-2bce6502ee40.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d73e9533-83a4-40c4-9ab6-36e7f29b613f.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy) | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dfc4ae95-d03b-41c0-b849-5df7b6a019cb.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e586abdd-e185-4d86-bf2b-8447a5e80dc4.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f255b1f0-6e63-414c-956c-1383928b3701.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy) | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy) | data | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\cf2ffcf3-defc-475b-9466-2136b768f63c.tmp | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Google\Chrome\User Data\e620577f-9ebd-4b91-9dd8-03a04b134279.tmp | data | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_metadata\verified_contents.json | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_pnacl_json | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o | ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o | ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o | ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe | ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a | current ar archive | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a | current ar archive | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a | current ar archive | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a | current ar archive | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe | ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe | ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\manifest.fingerprint | ASCII text, with no line terminators | modified | |
| C:\Users\user\AppData\Local\Temp\2092_1861363735\manifest.json | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_673881303\crl-set | data | dropped | |
| C:\Users\user\AppData\Local\Temp\2092_673881303\manifest.json | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Temp\58e267dc-ca2b-4ffc-935f-2e994564078c.tmp | very short file (no magic) | dropped | |
| C:\Users\user\AppData\Local\Temp\fe17c998-01c1-4a05-9a54-f138f71dd368.tmp | Google Chrome extension, version 3 | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\bg\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\ca\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\cs\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\da\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\de\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\el\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\en\messages.json | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\en_GB\messages.json | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\es\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\es_419\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\et\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\fi\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\fil\messages.json | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\fr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\hi\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\hr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\hu\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\id\messages.json | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\it\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\ja\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\ko\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\lt\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\lv\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\nb\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\nl\messages.json | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\pl\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\pt_BR\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\pt_PT\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\ro\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\ru\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\sk\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\sl\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\sr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\sv\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\th\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\tr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\uk\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\vi\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\zh_CN\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_locales\zh_TW\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\_metadata\verified_contents.json | ASCII text, with very long lines, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\craw_background.js | ASCII text, with very long lines | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\craw_window.js | ASCII text, with very long lines | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\css\craw_window.css | ASCII text | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\html\craw_window.html | HTML document, ASCII text | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\flapper.gif | GIF image data, version 89a, 30 x 30 | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\icon_128.png | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\icon_16.png | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\topbar_floating_button.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\topbar_floating_button_close.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\topbar_floating_button_hover.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\topbar_floating_button_maximize.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\images\topbar_floating_button_pressed.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\CRX_INSTALL\manifest.json | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\scoped_dir2092_832597729\fe17c998-01c1-4a05-9a54-f138f71dd368.tmp | Google Chrome extension, version 3 | dropped | |

Processes

| Path | Cmdline | Malicious |
| C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\7095678345.htm (1).htm | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1628,9509762433040047653,17946527193721714759,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1960 /prefetch:8 | |

URLs

| Name | IP | Malicious |
| file:///C:/Users/user/Desktop/7095678345.htm%20(1).htm | | malicious |
| https://code.jquery.com.de/post/index.php?title=Sign%20in%20to%20your%20account&link=file:///C:/Users/user/Desktop/7095678345.htm%20(1).htm&time=2022-5-26%2019:50:1&ip=102.129.143.42%20:%20Switzerland | 38.34.185.163 | malicious |
| https://dns.google | unknown | |
| https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p | unknown | |
| https://www.google.com/intl/en-US/chrome/blank.html | unknown | |
| https://ogs.google.com | unknown | |
| https://woodstatech.com/DATA.php | unknown | |
| https://www.google.com/images/cleardot.gif | unknown | |
| https://code.jquery.com.de/ip.php | 38.34.185.163 | |
| https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 216.58.215.238 | |
| https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 142.250.203.109 | |
| https://payments.google.com/payments/v4/js/integrator.js | unknown | |
| https://chromium.googlesource.com/a/native_client/pnacl-llvm.git | unknown | |
| https://sandbox.google.com/payments/v4/js/integrator.js | unknown | |
| https://www.google.com/images/x2.gif | unknown | |
| https://accounts.google.com/MergeSession | unknown | |
| http://llvm.org/): | unknown | |
| https://www.google.com | unknown | |
| https://www.google.com/images/dot2.gif | unknown | |
| https://code.google.com/p/nativeclient/issues/entry%s: | unknown | |
| https://code.jquery.com.de/jquery-3.5.1.min.js | 38.34.185.163 | |
| https://code.google.com/p/nativeclient/issues/entry | unknown | |
| https://logo.clearbit.com/globalfoundries.com | 143.204.233.38 | |
| https://accounts.google.com | unknown | |
| https://clients2.googleusercontent.com | unknown | |
| https://apis.google.com | unknown | |
| https://www.google.com/accounts/OAuthLogin?issueuberauth=1 | unknown | |
| https://www.google.com/ | unknown | |
| https://www-googleapis-staging.sandbox.google.com | unknown | |
| https://chromium.googlesource.com/a/native_client/pnacl-clang.git | unknown | |
| https://clients2.google.com | unknown | |
| https://clients2.google.com/service/update2/crx | unknown | |

Domains

| Name | IP | Malicious |
| d26p066pn2w0s0.cloudfront.net | 143.204.233.38 | |
| accounts.google.com | 142.250.203.109 | |
| clients.l.google.com | 216.58.215.238 | |
| code.jquery.com.de | 38.34.185.163 | |
| clients2.google.com | unknown | |
| logo.clearbit.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
| 192.168.2.1 | unknown | unknown | |
| 216.58.215.238 | clients.l.google.com | United States | |
| 38.34.185.163 | code.jquery.com.de | United States | |
| 192.168.2.3 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
| 143.204.233.38 | d26p066pn2w0s0.cloudfront.net | United States | |
| 127.0.0.1 | unknown | unknown | |
| 142.250.203.109 | accounts.google.com | United States | |

Registry

| Path | Value | Malicious |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mfehgcgbbipciphmccgaenjidiccnmng | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pkedcjkdefgpdelpbcmbmeomcjbeemfm | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blacklist_cache_md5_digest | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button | |
| HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
153EED08000
heap
page read and write
24FA2C50000
trusted library section
page readonly
7BC6FFB000
stack
page read and write
24FA7461000
heap
page read and write
D167077000
stack
page read and write
24FA74DE000
heap
page read and write
24FA7528000
heap
page read and write
1EC85340000
heap
page read and write
24FA73C0000
trusted library allocation
page read and write
1E9AB200000
heap
page read and write
153EEC5D000
heap
page read and write
1E9AB302000
heap
page read and write
1AF9DC6F000
heap
page read and write
153EF402000
trusted library allocation
page read and write
24FA74DE000
heap
page read and write
24FA7190000
trusted library allocation
page read and write
1AF9DC51000
heap
page read and write
153EEA90000
heap
page read and write
D16757B000
stack
page read and write
24FA1A13000
heap
page read and write
24FA74E4000
heap
page read and write
24FA7411000
heap
page read and write
1E9AB120000
heap
page read and write
153EEC02000
heap
page read and write
24FA7516000
heap
page read and write
153EEC3C000
heap
page read and write
D1677FA000
stack
page read and write
24FA74E8000
heap
page read and write
1AF9DC91000
heap
page read and write
153EEC13000
heap
page read and write
1E9AB300000
heap
page read and write
8F0E07C000
stack
page read and write
7BC727E000
stack
page read and write
245A1700000
heap
page read and write
1E9ABC02000
trusted library allocation
page read and write
24FA743E000
heap
page read and write
24FA751F000
heap
page read and write
153EEA20000
heap
page read and write
68E2E7E000
stack
page read and write
1AF9DD02000
heap
page read and write
1EC8528D000
heap
page read and write
24FA750E000
heap
page read and write
D1678FF000
stack
page read and write
1EC85450000
trusted library allocation
page read and write
D16797F000
stack
page read and write
D166EFE000
stack
page read and write
24FA74E1000
heap
page read and write
24FA72C0000
trusted library allocation
page read and write
24FA74A1000
heap
page read and write
153EEC7E000
heap
page read and write
24FA7191000
trusted library allocation
page read and write
1E9AB228000
heap
page read and write
24FA71B4000
trusted library allocation
page read and write
245A1E02000
trusted library allocation
page read and write
24FA2559000
heap
page read and write
24FA72E0000
trusted library allocation
page read and write
D16767E000
stack
page read and write
1E9AB313000
heap
page read and write
24FA72A0000
trusted library allocation
page read and write
24FA72D0000
remote allocation
page read and write
24FA2270000
trusted library allocation
page read and write
24FA7177000
trusted library allocation
page read and write
68E278E000
stack
page read and write
1E9AB213000
heap
page read and write
24FA7171000
trusted library allocation
page read and write
1AF9DD00000
heap
page read and write
153EEC29000
heap
page read and write
24FA74E9000
heap
page read and write
24FA72D0000
remote allocation
page read and write
208C0F7000
stack
page read and write
153EED00000
heap
page read and write
1EC85480000
heap
page read and write
245A1702000
heap
page read and write
24FA1A79000
heap
page read and write
24FA1A3F000
heap
page read and write
24FA73D0000
trusted library allocation
page read and write
D167A7C000
stack
page read and write
24FA7507000
heap
page read and write
24FA2559000
heap
page read and write
208C2FF000
stack
page read and write
D1675FF000
stack
page read and write
24FA74E5000
heap
page read and write
24FA7510000
heap
page read and write
1AF9DD13000
heap
page read and write
7BC6AFC000
stack
page read and write
1AF9DA80000
heap
page read and write
24FA7509000
heap
page read and write
24FA751F000
heap
page read and write
1AF9DC3C000
heap
page read and write
24FA2558000
heap
page read and write
24FA74E4000
heap
page read and write
24FA74DB000
heap
page read and write
7BC6BFF000
stack
page read and write
68E2B7C000
stack
page read and write
24FA72D0000
trusted library allocation
page read and write
24FA742B000
heap
page read and write
24FA74E9000
heap
page read and write
153EEC51000
heap
page read and write
153EEC8D000
heap
page read and write
1E9AB240000
heap
page read and write
24FA7517000
heap
page read and write
24FA2500000
heap
page read and write
1EC8528B000
heap
page read and write
24FA750E000
heap
page read and write
208BFFE000
stack
page read and write
24FA6FF0000
trusted library allocation
page read and write
208BD7E000
stack
page read and write
1EC85248000
heap
page read and write
24FA2518000
heap
page read and write
24FA7507000
heap
page read and write
1E9AB253000
heap
page read and write
24FA7174000
trusted library allocation
page read and write
68E2F7D000
stack
page read and write
24FA74DD000
heap
page read and write
24FA2A63000
trusted library allocation
page read and write
24FA74E2000
heap
page read and write
61E2AF9000
stack
page read and write
24FA74E1000
heap
page read and write
1AF9DC80000
heap
page read and write
7BC707F000
stack
page read and write
24FA7240000
trusted library allocation
page read and write
61E29FE000
stack
page read and write
24FA1B26000
heap
page read and write
24FA7526000
heap
page read and write
D1676FE000
stack
page read and write
1E9AB1B0000
trusted library allocation
page read and write
24FA74E4000
heap
page read and write
61E28F9000
stack
page read and write
153EED13000
heap
page read and write
153EEC80000
heap
page read and write
7BC737F000
stack
page read and write
24FA2518000
heap
page read and write
24FA1A57000
heap
page read and write
24FA7516000
heap
page read and write
1AF9DC13000
heap
page read and write
1EC85210000
heap
page read and write
24FA74E5000
heap
page read and write
1EC85470000
trusted library allocation
page read and write
24FA744B000
heap
page read and write
24FA7516000
heap
page read and write
1EC85410000
trusted library allocation
page read and write
24FA2A80000
trusted library allocation
page read and write
24FA23E1000
trusted library allocation
page read and write
24FA72C0000
trusted library allocation
page read and write
245A1420000
heap
page read and write
208BF7B000
stack
page read and write
1AF9DC29000
heap
page read and write
245A1410000
heap
page read and write
D16727A000
stack
page read and write
153EEB90000
trusted library allocation
page read and write
There are 312 hidden memdumps.

DOM / HTML

URL
Malicious
file:///C:/Users/user/Desktop/7095678345.htm%20(1).htm
malicious