Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2ab05f94-ed36-4f75-ada2-0ac8c47a81bc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3fcd2179-e311-4077-abb7-d4f67b19b47f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\88087401-3f83-481d-9cfd-88ba6b578055.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\14677b2a-e45b-4d09-abcd-b6498b71076c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\30e9a5a9-bf6d-4085-925a-4ddc664d3753.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6a135a0d-f72f-4169-ad67-40a87867541d.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7da24960-14a3-44d1-b864-8f69aa6f3ae7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\87a7cc36-8305-4a9b-ade0-ec0d67669df6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8cba0ea6-5148-4f58-8f37-ee068b0aa1d7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9acc028b-31c1-4ea0-9162-890eeac20bd2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\ba66f1d0-b058-457d-a34a-ba6133355a78.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7fd61e8c-4120-416f-9676-3357b189174b.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ac5bd2c2-2a5c-4791-b314-04c48e831a9e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ac8ce558-dba4-4b91-b85f-092817d9f2b6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c500dd7d-0367-4d7d-ba11-641571d7a60a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cab14d25-1b3b-4d7d-877e-0874ba9c68a8.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d10651d0-d0c4-4092-b3b8-9bf7460ad255.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d12dc11a-2d05-479c-bc6d-ffcea13ec1be.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d4e4ad71-e5e0-4f26-a85f-1d3fdf64f491.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d78c232e-5872-4cd4-94d5-826b30ab4946.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ec65722b-96c9-4853-acc4-510190786c20.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a7ef37a4-7a2b-4806-aae0-e539fbd8f5b9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\acea78ab-7859-4633-a619-8ff34644a557.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c37e9474-ff6a-413d-8291-dc76f313e0bc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d2dea7e4-5dee-4b48-94ab-8bb31cb0a50c.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f24c03dd-dd18-48c6-9e70-284784cc2ca9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f5162211-2089-40f5-bb6c-15d3c14f40d6.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\03cf3aec-58a7-4a6b-8ebe-fcfc4b720aa9.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1077292454\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1077292454\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1077292454\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1077292454\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1077292454\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1077292454\manifest.json~
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5076_1975178483\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8dd00e18-6a50-4b2c-b7d2-54d19192891f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\8dd00e18-6a50-4b2c-b7d2-54d19192891f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5076_1163192272\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 115 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://servermail.nicepage.io/Home.html
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,5326807231580859872,14229278404021066585,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://servermail.nicepage.io/Home.html
|
 |
||
|
https://nicepage.com/Editor/Account/LogOn
|
|
||
|
https://nicepage.com/premium?code=spring22
|
|
||
|
https://nicepage.com/html-templates
|
|
||
|
https://servermail.nicepage.io/Home.html
|
|
||
|
https://nicepage.com/blog
|
|
||
|
https://nicepage.com/download
|
|
||
|
https://nicepage.com/features
|
|
||
|
https://capp.nicepage.com/a0d0aba761b80d62acee87a0bf8bf38bc3e34595/main-libs.css
|
89.187.165.8
|
||
|
https://csite.nicepage.com/Images/Site/features-1200.jpg?v1
|
89.187.165.7
|
||
|
https://images01.nicepage.com/page/87/43/html-template-87432.jpg
|
89.187.165.7
|
||
|
https://connect.facebook.net/signals/config/251025992170426?v=2.9.61&r=stable
|
157.240.17.15
|
||
|
https://nicepage.com/premium?code=spring22
|
85.17.54.85
|
||
|
https://stats.g.doubleclick.net
|
unknown
|
||
|
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88868916-2&cid=1579679181.1653589132&jid=770968875&_u=YADAAUAAAAAAAC~&z=297391932
|
172.217.168.67
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://csite.nicepage.com/Scripts/Site/auth.js?version=a0d0aba761b80d62acee87a0bf8bf38bc3e34595
|
89.187.165.7
|
||
|
https://www.gravatar.com/avatar/3eacab1c7ffbd813129ceface28448ca?s=32&d=identicon
|
192.0.73.2
|
||
|
https://capp.nicepage.com/6b047001247bd3acaf8181458c0aa5aa8659c202/nicepage.js
|
89.187.165.8
|
||
|
https://images01.nicepage.com/page/23/73/website-template-23732.jpg
|
89.187.165.7
|
||
|
https://images01.nicepage.com/page/31/08/website-template-31086.jpg
|
89.187.165.7
|
||
|
https://csite.resource.nicepage.com/nicepage.css?version=a18fb524-a668-4352-9e9f-e88f59290bb7
|
89.187.165.7
|
||
|
https://www.facebook.com/x/oauth/status?client_id=290410448063109&input_token&origin=1&redirect_uri=https%3A%2F%2Fnicepage.com%2Fblog&sdk=joey&wants_cookie_data=true
|
157.240.17.35
|
||
|
https://www.google.com/pagead/1p-user-list/797221335/?random=1653589132813&cv=9&fst=1653588000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2>m=2oa5n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnicepage.com%2F&tiba=Free%20Website%20Builder%20Software%20%7C%2010%2C000%2B%20Free%20Templates&async=1&fmt=3&is_vtc=1&random=1644770843&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
|
142.250.203.100
|
||
|
https://www.google.com
|
unknown
|
||
|
https://images01.nicepage.com/page/23/73/html-template-23732.jpg
|
89.187.165.7
|
||
|
https://connect.facebook.net/en_US/sdk.js
|
157.240.17.15
|
||
|
https://capp.nicepage.com/a0d0aba761b80d62acee87a0bf8bf38bc3e34595/main-libs.js
|
89.187.165.8
|
||
|
https://connect.facebook.net/en_US/fbevents.js
|
157.240.17.15
|
||
|
https://static.nicepage.com/images/site/payment_methods.png
|
89.187.165.8
|
||
|
https://capp.nicepage.com/assets/jquery-1.9.1.min.js
|
89.187.165.8
|
||
|
https://images03.nicepage.com/a122014e1e8cdf24af08f98c/582b62f529195fe694453e8f/boxblue.png
|
89.187.165.8
|
||
|
https://capp.nicepage.com/a0d0aba761b80d62acee87a0bf8bf38bc3e34595/templates-page-libs.css
|
89.187.165.8
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://resources.nicepage.com/119/81119/password-protection-wp-joomla-online.jpg
|
89.187.165.7
|
||
|
https://csite.nicepage.com/Images/Site/free-html-templates-1200.jpg?v=4
|
89.187.165.7
|
||
|
https://nicepage.com/Content/Images/Site/post-type-wishlist.png
|
85.17.54.85
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://apis.google.com/js/platform.js?onload=initGoogleSignIn
|
172.217.168.78
|
||
|
https://csite.nicepage.com/Images/logo-w.png
|
89.187.165.7
|
||
|
https://nicepage.com/blog
|
85.17.54.85
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://static.nicepage.com/images/site/tick.png
|
89.187.165.8
|
||
|
https://www.facebook.com/tr/?id=251025992170426&ev=PageView&dl=https%3A%2F%2Fnicepage.com%2Fforum&rl=&if=false&ts=1653589172790&sw=1280&sh=1024&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653589144150.117037055&it=1653589172620&coo=false&rqm=GET
|
157.240.17.35
|
||
|
https://nicepage.com/features
|
85.17.54.85
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://www.facebook.com/x/oauth/status?client_id=290410448063109&input_token&origin=1&redirect_uri=https%3A%2F%2Fnicepage.com%2FEditor%2FAccount%2FLogOn&sdk=joey&wants_cookie_data=true
|
157.240.17.35
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
|
https://images01.nicepage.com/page/25/12/website-template-25122.jpg
|
89.187.165.7
|
||
|
https://www.gravatar.com/avatar/2e5e7f3d9fe927d65db53a6c5e087651?s=32&d=identicon
|
192.0.73.2
|
||
|
https://static.nicepage.com/images/social/icon-facebook-login-w.png
|
89.187.165.8
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://images01.nicepage.com/page/32/49/html-template-32495.jpg
|
89.187.165.7
|
||
|
https://www.google.co.uk/pagead/1p-user-list/797221335/?random=1653589132813&cv=9&fst=1653588000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2>m=2oa5n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnicepage.com%2F&tiba=Free%20Website%20Builder%20Software%20%7C%2010%2C000%2B%20Free%20Templates&async=1&fmt=3&is_vtc=1&random=1644770843&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
|
172.217.168.35
|
||
|
https://csite.nicepage.com/Images/Site/free-website-templates-1200.jpg?v=4
|
89.187.165.7
|
||
|
https://static.nicepage.com/images/social/icon-google-login-w.png
|
89.187.165.8
|
||
|
https://nicepage.com/Content/Images/Site/icon-support-32.png
|
85.17.54.85
|
||
|
https://nicepage.com/website-templates
|
85.17.54.85
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www.google.co.uk
|
unknown
|
||
|
https://nicepage.com/forum
|
85.17.54.85
|
||
|
https://images02.nicepage.com/d2c2e8092cf74b7ac9934bea/ce0c8589c7e35fb687ae5524/38c1b8f1-1df7-41f5-a5b9-e8d9afa9792b.png
|
89.187.165.7
|
||
|
https://www.facebook.com/tr/?id=251025992170426&ev=Microdata&dl=https%3A%2F%2Fnicepage.com%2Fforum&rl=&if=false&ts=1653589173296&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Forum%20Recent%20Activity%20-%20Nicepage%20Forum%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnicepage.com%2Fforum%22%2C%22og%3Atitle%22%3A%22Forum%20Recent%20Activity%20-%20Nicepage%20Forum%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.nicepage.com%2Fimages%2Fsite%2Fnicepage.jpg%22%2C%22og%3Adescription%22%3A%22Build%20awesome%20web%20pages%20online%20and%20offline%2C%20for%20WordPress%2C%20Joomla%20and%20HTML%20websites!%20Easy%20Drag-n-Drop.%20No%20coding.%20Mobile-friendly.%20Clean%20HTML.%22%2C%22og%3Asite_name%22%3A%22Nicepage.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653589144150.117037055&it=1653589172620&coo=false&es=automatic&tm=3&rqm=GET
|
157.240.17.35
|
||
|
https://images01.nicepage.com/page/63/54/website-template-63541.jpg
|
89.187.165.7
|
||
|
https://resources.nicepage.com/999/79999/password-protected.jpg
|
89.187.165.7
|
||
|
https://nicepage.com/Content/Images/Site/post-type-question.png
|
85.17.54.85
|
||
|
https://images03.nicepage.com/a122014e1e8cdf24af08f98c/ebf15a0f5292528baf668321/langs.png
|
89.187.165.8
|
||
|
https://capp.nicepage.com/a0d0aba761b80d62acee87a0bf8bf38bc3e34595/site-common-libs.js
|
89.187.165.8
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://images03.nicepage.com/a122014e1e8cdf24af08f98c/c6a4f9513b875aba994ff889/bars2.png
|
89.187.165.8
|
||
|
https://images02.nicepage.com/d2c2e8092cf74b7ac9934bea/20ca28bc5e6b5fb1bd4045b2/d175bcd3-9271-4cd8-910c-0decf7983c79.png
|
89.187.165.7
|
||
|
https://play.google.com
|
unknown
|
||
|
https://connect.facebook.net/en_US/sdk.js?hash=11eef864727ea0eb3e2464f11a4b10c0
|
157.240.17.15
|
||
|
https://csite.resource.nicepage.com/nicepage.css?version=2ed5712f-ad71-469f-acdc-7c4a4994fbb1
|
89.187.165.7
|
||
|
https://www.google.ch
|
unknown
|
||
|
https://www.gravatar.com/avatar/ca36c1f519952e0cc3511d8fa8fa01d7?s=32&d=identicon
|
192.0.73.2
|
||
|
https://images01.nicepage.com/page/81/13/website-template-81130.jpg
|
89.187.165.7
|
||
|
https://nicepage.com/Content/Images/Site/post-type-bug.png
|
85.17.54.85
|
||
|
https://images01.nicepage.com/cd46d0ff82086185e4d7aa0f/aacfcb8d70df5b5182d11abb/coupon_25_2022-spring-sale-1800_2-dda7.jpg?v2
|
89.187.165.7
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://nicepage.com/Editor/Account/LogOn
|
85.17.54.85
|
||
|
https://www.facebook.com/tr/?id=290410448063109&ev=fb_page_view&dl=https%3A%2F%2Fnicepage.com%2FEditor%2FAccount%2FLogOn&rl=&if=false&ts=1653589185205&sw=1280&sh=1024&at=
|
157.240.17.35
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://nicepage.com/Content/Images/Site/icon-sticky.png
|
85.17.54.85
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://csite.nicepage.com/Styles/auth.css?version=a0d0aba761b80d62acee87a0bf8bf38bc3e34595
|
89.187.165.7
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://images01.nicepage.com/page/29/37/html-template-29376.jpg
|
89.187.165.7
|
||
|
https://www.gravatar.com/avatar/586a4666adf020e716f4458b7be0f417?s=32&d=identicon
|
192.0.73.2
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://images01.nicepage.com/page/70/26/website-template-70266.jpg
|
89.187.165.7
|
||
|
https://capp.nicepage.com/a0d0aba761b80d62acee87a0bf8bf38bc3e34595/site-common-libs.css
|
89.187.165.8
|
||
|
https://www.facebook.com/tr/?id=290410448063109&ev=fb_page_view&dl=https%3A%2F%2Fnicepage.com%2Fblog&rl=&if=false&ts=1653589180611&sw=1280&sh=1024&at=
|
157.240.17.35
|
||
|
https://images01.nicepage.com/page/23/33/html-template-23330.jpg
|
89.187.165.7
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://csite.nicepage.com/Images/Site/icon-input-search.png
|
89.187.165.7
|
||
|
https://images04.nicepage.com/feature/531925/web-page-elements.jpg
|
89.187.165.7
|
||
|
https://nicepage.com/html-templates
|
85.17.54.85
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
216.58.215.227
|
||
|
1897017888.rsc.cdn77.org
|
89.187.165.7
|
||
|
1472085140.rsc.cdn77.org
|
89.187.165.7
|
||
|
nicepage.com
|
85.17.54.85
|
||
|
1487879380.rsc.cdn77.org
|
89.187.165.8
|
||
|
d57e01lyo0mq2.cloudfront.net
|
13.33.124.212
|
||
|
scontent.xx.fbcdn.net
|
157.240.17.15
|
||
|
1235162498.rsc.cdn77.org
|
89.187.165.7
|
||
|
www.google.com
|
142.250.203.100
|
||
|
1238657323.rsc.cdn77.org
|
89.187.165.7
|
||
|
1832675839.rsc.cdn77.org
|
89.187.165.8
|
||
|
1163043995.rsc.cdn77.org
|
89.187.165.7
|
||
|
star-mini.c10r.facebook.com
|
157.240.17.35
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
1834444515.rsc.cdn77.org
|
89.187.165.7
|
||
|
www-google-analytics.l.google.com
|
142.250.203.110
|
||
|
stats.l.doubleclick.net
|
108.177.127.155
|
||
|
plus.l.google.com
|
172.217.168.78
|
||
|
www-googletagmanager.l.google.com
|
172.217.168.8
|
||
|
www.gravatar.com
|
192.0.73.2
|
||
|
cdn.amplitude.com
|
143.204.238.156
|
||
|
1156509985.rsc.cdn77.org
|
89.187.165.8
|
||
|
googleads.g.doubleclick.net
|
172.217.168.34
|
||
|
www.google.co.uk
|
172.217.168.35
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
www.google.ch
|
172.217.168.67
|
||
|
www.facebook.com
|
unknown
|
||
|
static.nicepage.com
|
unknown
|
||
|
resources.nicepage.com
|
unknown
|
||
|
connect.facebook.net
|
unknown
|
||
|
images04.nicepage.com
|
unknown
|
||
|
stats.g.doubleclick.net
|
unknown
|
||
|
images02.nicepage.com
|
unknown
|
||
|
images01.nicepage.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
images03.nicepage.com
|
unknown
|
||
|
csite.nicepage.com
|
unknown
|
||
|
capp.nicepage.com
|
unknown
|
||
|
servermail.nicepage.io
|
unknown
|
||
|
csite.resource.nicepage.com
|
unknown
|
||
|
apis.google.com
|
unknown
|
There are 31 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
142.250.203.110
|
www-google-analytics.l.google.com
|
United States
|
||
|
143.204.238.156
|
cdn.amplitude.com
|
United States
|
||
|
157.240.17.35
|
star-mini.c10r.facebook.com
|
United States
|
||
|
157.240.17.15
|
scontent.xx.fbcdn.net
|
United States
|
||
|
172.217.168.8
|
www-googletagmanager.l.google.com
|
United States
|
||
|
172.217.168.67
|
www.google.ch
|
United States
|
||
|
192.168.2.22
|
unknown
|
unknown
|
||
|
89.187.165.7
|
1897017888.rsc.cdn77.org
|
Czech Republic
|
||
|
89.187.165.8
|
1487879380.rsc.cdn77.org
|
Czech Republic
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
||
|
216.58.215.227
|
gstaticadssl.l.google.com
|
United States
|
||
|
108.177.127.155
|
stats.l.doubleclick.net
|
United States
|
||
|
142.250.203.100
|
www.google.com
|
United States
|
||
|
85.17.54.85
|
nicepage.com
|
Netherlands
|
||
|
192.0.73.2
|
www.gravatar.com
|
United States
|
||
|
172.217.168.35
|
www.google.co.uk
|
United States
|
||
|
172.217.168.34
|
googleads.g.doubleclick.net
|
United States
|
||
|
172.217.168.78
|
plus.l.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
13.33.124.212
|
d57e01lyo0mq2.cloudfront.net
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 13 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E6D8902000
|
heap
|
page read and write
|
||
|
2464C67D000
|
heap
|
page read and write
|
||
|
21E4AE42000
|
heap
|
page read and write
|
||
|
27F90159000
|
heap
|
page read and write
|
||
|
15F7C500000
|
heap
|
page read and write
|
||
|
8CC15CE000
|
stack
|
page read and write
|
||
|
226C5708000
|
heap
|
page read and write
|
||
|
27F9019C000
|
heap
|
page read and write
|
||
|
1F559EC0000
|
heap
|
page read and write
|
||
|
168A9227000
|
heap
|
page read and write
|
||
|
3FDCDFE000
|
stack
|
page read and write
|
||
|
226C5674000
|
heap
|
page read and write
|
||
|
15F7C459000
|
heap
|
page read and write
|
||
|
3FDC67B000
|
stack
|
page read and write
|
||
|
168A9302000
|
heap
|
page read and write
|
||
|
20618B13000
|
heap
|
page read and write
|
||
|
27F94C90000
|
trusted library allocation
|
page read and write
|
||
|
8CC19FE000
|
stack
|
page read and write
|
||
|
27F90600000
|
trusted library allocation
|
page read and write
|
||
|
27F94F04000
|
heap
|
page read and write
|
||
|
1E6D8913000
|
heap
|
page read and write
|
||
|
21E4AE60000
|
heap
|
page read and write
|
||
|
2464C64D000
|
heap
|
page read and write
|
||
|
21E4AE59000
|
heap
|
page read and write
|
||
|
21E4AE5E000
|
heap
|
page read and write
|
||
|
168A91C0000
|
trusted library allocation
|
page read and write
|
||
|
27F94CD3000
|
trusted library allocation
|
page read and write
|
||
|
51EB97C000
|
stack
|
page read and write
|
||
|
27F94D40000
|
trusted library allocation
|
page read and write
|
||
|
27F94EF5000
|
heap
|
page read and write
|
||
|
1F55A013000
|
heap
|
page read and write
|
||
|
27F951A0000
|
trusted library allocation
|
page read and write
|
||
|
41909FE000
|
stack
|
page read and write
|
||
|
2464C653000
|
heap
|
page read and write
|
||
|
226C5665000
|
heap
|
page read and write
|
||
|
27F8F894000
|
heap
|
page read and write
|
||
|
27F94CB0000
|
trusted library allocation
|
page read and write
|
||
|
2464C708000
|
heap
|
page read and write
|
||
|
21E4AF02000
|
heap
|
page read and write
|
||
|
5CD3F7E000
|
stack
|
page read and write
|
||
|
15F7DDC0000
|
trusted library allocation
|
page read and write
|
||
|
27F8F8FE000
|
heap
|
page read and write
|
||
|
1A6E6458000
|
heap
|
page read and write
|
||
|
27F94D30000
|
trusted library allocation
|
page read and write
|
||
|
168A9D73000
|
trusted library allocation
|
page read and write
|
||
|
1F55A113000
|
heap
|
page read and write
|
||
|
27F94F02000
|
heap
|
page read and write
|
||
|
27F90118000
|
heap
|
page read and write
|
||
|
1F55A064000
|
heap
|
page read and write
|
||
|
15F7C449000
|
heap
|
page read and write
|
||
|
27F8F87A000
|
heap
|
page read and write
|
||
|
21E4AE58000
|
heap
|
page read and write
|
||
|
21E4AE56000
|
heap
|
page read and write
|
||
|
27F94EE4000
|
heap
|
page read and write
|
||
|
27F94E1E000
|
heap
|
page read and write
|
||
|
27F95180000
|
trusted library allocation
|
page read and write
|
||
|
946427F000
|
stack
|
page read and write
|
||
|
27F94EF7000
|
heap
|
page read and write
|
||
|
27F8F88E000
|
heap
|
page read and write
|
||
|
20618A00000
|
heap
|
page read and write
|
||
|
41908FB000
|
stack
|
page read and write
|
||
|
27F8F8AF000
|
heap
|
page read and write
|
||
|
21E4AE5F000
|
heap
|
page read and write
|
||
|
21E4AE35000
|
heap
|
page read and write
|
||
|
15F7DE02000
|
trusted library allocation
|
page read and write
|
||
|
27F94D60000
|
trusted library allocation
|
page read and write
|
||
|
168A9D6D000
|
trusted library allocation
|
page read and write
|
||
|
226C5602000
|
heap
|
page read and write
|
||
|
27F90118000
|
heap
|
page read and write
|
||
|
30C11F7000
|
stack
|
page read and write
|
||
|
9463F7E000
|
stack
|
page read and write
|
||
|
27F94D30000
|
trusted library allocation
|
page read and write
|
||
|
1F559ED0000
|
heap
|
page read and write
|
||
|
168A9272000
|
heap
|
page read and write
|
||
|
21E4AE6B000
|
heap
|
page read and write
|
||
|
1E6D8877000
|
heap
|
page read and write
|
||
|
168A9313000
|
heap
|
page read and write
|
||
|
15F7C402000
|
heap
|
page read and write
|
||
|
21E4AE6D000
|
heap
|
page read and write
|
||
|
8D4BE7C000
|
stack
|
page read and write
|
||
|
20618900000
|
trusted library allocation
|
page read and write
|
||
|
BA7A87F000
|
stack
|
page read and write
|
||
|
27F8F902000
|
heap
|
page read and write
|
||
|
27F95100000
|
trusted library allocation
|
page read and write
|
||
|
9463C7B000
|
stack
|
page read and write
|
||
|
1E6D8720000
|
heap
|
page read and write
|
||
|
21E4ABB0000
|
heap
|
page read and write
|
||
|
27F95320000
|
trusted library allocation
|
page read and write
|
||
|
27F90158000
|
heap
|
page read and write
|
||
|
1E6D87C0000
|
trusted library allocation
|
page read and write
|
||
|
946387B000
|
stack
|
page read and write
|
||
|
BBB09FB000
|
stack
|
page read and write
|
||
|
2464C530000
|
heap
|
page read and write
|
||
|
168A9200000
|
heap
|
page read and write
|
||
|
168A92F6000
|
heap
|
page read and write
|
||
|
1E6D9202000
|
trusted library allocation
|
page read and write
|
||
|
20618A41000
|
heap
|
page read and write
|
||
|
15F7C3D0000
|
trusted library allocation
|
page read and write
|
||
|
226C5713000
|
heap
|
page read and write
|
||
|
168A9229000
|
heap
|
page read and write
|
||
|
27F95108000
|
trusted library allocation
|
page read and write
|
||
|
21E4AE84000
|
heap
|
page read and write
|
||
|
27F94EFF000
|
heap
|
page read and write
|
||
|
27F94D4B000
|
trusted library allocation
|
page read and write
|
||
|
5CD417E000
|
stack
|
page read and write
|
||
|
27F90100000
|
heap
|
page read and write
|
||
|
168A9D84000
|
trusted library allocation
|
page read and write
|
||
|
27F94F04000
|
heap
|
page read and write
|
||
|
21E4AE57000
|
heap
|
page read and write
|
||
|
BBB050E000
|
stack
|
page read and write
|
||
|
1F559F30000
|
heap
|
page read and write
|
||
|
27F94F08000
|
heap
|
page read and write
|
||
|
27F94EBB000
|
heap
|
page read and write
|
||
|
15F7C448000
|
heap
|
page read and write
|
||
|
1A6E6300000
|
trusted library allocation
|
page read and write
|
||
|
27F94F0C000
|
heap
|
page read and write
|
||
|
27F94F11000
|
heap
|
page read and write
|
||
|
2464C600000
|
heap
|
page read and write
|
||
|
27F94D70000
|
trusted library allocation
|
page read and write
|
||
|
27F90118000
|
heap
|
page read and write
|
||
|
1E6D8800000
|
heap
|
page read and write
|
||
|
27F94F02000
|
heap
|
page read and write
|
||
|
BBB048B000
|
stack
|
page read and write
|
||
|
27F94F0F000
|
heap
|
page read and write
|
||
|
BA7A677000
|
stack
|
page read and write
|
||
|
2464C63C000
|
heap
|
page read and write
|
||
|
27F90C61000
|
trusted library allocation
|
page read and write
|
||
|
226C5654000
|
heap
|
page read and write
|
||
|
27F94D40000
|
trusted library allocation
|
page read and write
|
||
|
15F7C413000
|
heap
|
page read and write
|
||
|
30C13FD000
|
stack
|
page read and write
|
||
|
1A6E6330000
|
remote allocation
|
page read and write
|
||
|
946397A000
|
stack
|
page read and write
|
||
|
8D4B6FC000
|
stack
|
page read and write
|
||
|
41903EC000
|
stack
|
page read and write
|
||
|
168A92DF000
|
heap
|
page read and write
|
||
|
27F8F813000
|
heap
|
page read and write
|
||
|
15F7C42A000
|
heap
|
page read and write
|
||
|
51EB87F000
|
stack
|
page read and write
|
||
|
8D4C1FF000
|
stack
|
page read and write
|
||
|
21E4AE55000
|
heap
|
page read and write
|
||
|
226C5689000
|
heap
|
page read and write
|
||
|
21E4AE00000
|
heap
|
page read and write
|
||
|
27F8F7A0000
|
trusted library section
|
page read and write
|
||
|
21E4AE26000
|
heap
|
page read and write
|
||
|
15F7C52B000
|
heap
|
page read and write
|
||
|
8D4C0FD000
|
stack
|
page read and write
|
||
|
168A91E0000
|
unkown
|
page readonly
|
||
|
8CC1AFE000
|
stack
|
page read and write
|
||
|
27F90113000
|
heap
|
page read and write
|
||
|
BA7A57C000
|
stack
|
page read and write
|
||
|
21E4AE13000
|
heap
|
page read and write
|
||
|
27F94F0F000
|
heap
|
page read and write
|
||
|
206187A0000
|
heap
|
page read and write
|
||
|
21E4AE7E000
|
heap
|
page read and write
|
||
|
27F95124000
|
trusted library allocation
|
page read and write
|
||
|
27F94D74000
|
trusted library allocation
|
page read and write
|
||
|
168A92B2000
|
heap
|
page read and write
|
||
|
15F7E3C0000
|
remote allocation
|
page read and write
|
||
|
20618A13000
|
heap
|
page read and write
|
||
|
1F55A077000
|
heap
|
page read and write
|
||
|
2464C700000
|
heap
|
page read and write
|
||
|
226C54B0000
|
heap
|
page read and write
|
||
|
8D4C3FF000
|
stack
|
page read and write
|
||
|
30C0E7C000
|
stack
|
page read and write
|
||
|
27F94F04000
|
heap
|
page read and write
|
||
|
226C5E02000
|
trusted library allocation
|
page read and write
|
||
|
3FDCCFF000
|
stack
|
page read and write
|
||
|
21E4AE29000
|
heap
|
page read and write
|
||
|
51EB67F000
|
stack
|
page read and write
|
||
|
27F95121000
|
trusted library allocation
|
page read and write
|
||
|
30C15FC000
|
unkown
|
page read and write
|
||
|
168A923C000
|
heap
|
page read and write
|
||
|
15F7C459000
|
heap
|
page read and write
|
||
|
1A6E6429000
|
heap
|
page read and write
|
||
|
BA7A77E000
|
stack
|
page read and write
|
||
|
BBB08FB000
|
stack
|
page read and write
|
||
|
8D4C2FD000
|
stack
|
page read and write
|
||
|
2464C5D0000
|
trusted library allocation
|
page read and write
|
||
|
27F8F800000
|
heap
|
page read and write
|
||
|
27F94E61000
|
heap
|
page read and write
|
||
|
21E4AE41000
|
heap
|
page read and write
|
||
|
226C5613000
|
heap
|
page read and write
|
||
|
27F908F0000
|
trusted library section
|
page readonly
|
||
|
20618ABA000
|
heap
|
page read and write
|
||
|
21E4AE32000
|
heap
|
page read and write
|
||
|
27F94CD0000
|
trusted library allocation
|
page read and write
|
||
|
5CD3EFE000
|
stack
|
page read and write
|
||
|
2464C5A0000
|
heap
|
page read and write
|
||
|
21E4AD20000
|
trusted library allocation
|
page read and write
|
||
|
30C12F7000
|
stack
|
page read and write
|
||
|
21E4AE46000
|
heap
|
page read and write
|
||
|
BBB0CFE000
|
stack
|
page read and write
|
||
|
27F90118000
|
heap
|
page read and write
|
||
|
168A9D79000
|
trusted library allocation
|
page read and write
|
||
|
27F94D44000
|
trusted library allocation
|
page read and write
|
||
|
5CD42FD000
|
stack
|
page read and write
|
||
|
27F908D0000
|
trusted library section
|
page readonly
|
||
|
1F55A102000
|
heap
|
page read and write
|
||
|
27F94E00000
|
heap
|
page read and write
|
||
|
1F55A079000
|
heap
|
page read and write
|
||
|
27F9019A000
|
heap
|
page read and write
|
||
|
27F901DC000
|
heap
|
page read and write
|
||
|
1F55A028000
|
heap
|
page read and write
|
||
|
2464C66F000
|
heap
|
page read and write
|
||
|
2464C64C000
|
heap
|
page read and write
|
||
|
27F90C83000
|
trusted library allocation
|
page read and write
|
||
|
27F94D60000
|
trusted library allocation
|
page read and write
|
||
|
9463EFF000
|
stack
|
page read and write
|
||
|
BBB058E000
|
stack
|
page read and write
|
||
|
15F7C513000
|
heap
|
page read and write
|
||
|
168A92B8000
|
heap
|
page read and write
|
||
|
1E6D8863000
|
heap
|
page read and write
|
||
|
27F94D47000
|
trusted library allocation
|
page read and write
|
||
|
27F8F829000
|
heap
|
page read and write
|
||
|
2464C629000
|
heap
|
page read and write
|
||
|
51EBC7C000
|
stack
|
page read and write
|
||
|
15F7C518000
|
heap
|
page read and write
|
||
|
27F94F08000
|
heap
|
page read and write
|
||
|
3FDCEFF000
|
stack
|
page read and write
|
||
|
1F55A000000
|
heap
|
page read and write
|
||
|
1A6E6330000
|
remote allocation
|
page read and write
|
||
|
1F55A03E000
|
heap
|
page read and write
|
||
|
27F90159000
|
heap
|
page read and write
|
||
|
21E4AE77000
|
heap
|
page read and write
|
||
|
15F7E000000
|
trusted library allocation
|
page read and write
|
||
|
168A9D00000
|
trusted library allocation
|
page read and write
|
||
|
226C5702000
|
heap
|
page read and write
|
||
|
21E4B602000
|
trusted library allocation
|
page read and write
|
||
|
27F94F02000
|
heap
|
page read and write
|
||
|
8D4BF7E000
|
stack
|
page read and write
|
||
|
21E4AE5A000
|
heap
|
page read and write
|
||
|
226C54A0000
|
heap
|
page read and write
|
||
|
27F90C80000
|
trusted library allocation
|
page read and write
|
||
|
1E6D888B000
|
heap
|
page read and write
|
||
|
21E4AE69000
|
heap
|
page read and write
|
||
|
27F90C90000
|
trusted library allocation
|
page read and write
|
||
|
2464C613000
|
heap
|
page read and write
|
||
|
946407A000
|
stack
|
page read and write
|
||
|
946367D000
|
stack
|
page read and write
|
||
|
3FDC47B000
|
stack
|
page read and write
|
||
|
3FDCFFF000
|
stack
|
page read and write
|
||
|
51EBA7D000
|
stack
|
page read and write
|
||
|
27F94E3E000
|
heap
|
page read and write
|
||
|
27F8F8A0000
|
heap
|
page read and write
|
||
|
168A92C5000
|
heap
|
page read and write
|
||
|
27F8F926000
|
heap
|
page read and write
|
||
|
20619332000
|
heap
|
page read and write
|
||
|
3FDC9FF000
|
stack
|
page read and write
|
||
|
1F55A059000
|
heap
|
page read and write
|
||
|
27F90015000
|
heap
|
page read and write
|
||
|
1A6E6502000
|
heap
|
page read and write
|
||
|
8CC187E000
|
stack
|
page read and write
|
||
|
8D4BCFF000
|
stack
|
page read and write
|
||
|
27F94D10000
|
trusted library allocation
|
page read and write
|
||
|
8D4BAFC000
|
stack
|
page read and write
|
||
|
15F7C2D0000
|
heap
|
page read and write
|
||
|
3FDD0FF000
|
stack
|
page read and write
|
||
|
9463E7E000
|
stack
|
page read and write
|
||
|
8CC154B000
|
stack
|
page read and write
|
||
|
27F90300000
|
trusted library allocation
|
page read and write
|
||
|
8CC1BFF000
|
stack
|
page read and write
|
||
|
3FDC7FF000
|
stack
|
page read and write
|
||
|
30C0EFE000
|
stack
|
page read and write
|
||
|
30C167E000
|
unkown
|
page read and write
|
||
|
51EB77E000
|
stack
|
page read and write
|
||
|
27F94EE6000
|
heap
|
page read and write
|
||
|
3FDCAFE000
|
stack
|
page read and write
|
||
|
27F8F83F000
|
heap
|
page read and write
|
||
|
3FDC8FD000
|
stack
|
page read and write
|
||
|
20618A29000
|
heap
|
page read and write
|
||
|
2464C713000
|
heap
|
page read and write
|
||
|
27F8F690000
|
heap
|
page read and write
|
||
|
1A6E61A0000
|
heap
|
page read and write
|
||
|
27F8F876000
|
heap
|
page read and write
|
||
|
5CD407E000
|
stack
|
page read and write
|
||
|
27F95150000
|
trusted library allocation
|
page read and write
|
||
|
1F55A100000
|
heap
|
page read and write
|
||
|
15F7C449000
|
heap
|
page read and write
|
||
|
BA7A37F000
|
stack
|
page read and write
|
||
|
27F95140000
|
trusted library allocation
|
page read and write
|
||
|
BA7A27B000
|
stack
|
page read and write
|
||
|
27F94D41000
|
trusted library allocation
|
page read and write
|
||
|
27F90002000
|
heap
|
page read and write
|
||
|
9463A7E000
|
stack
|
page read and write
|
||
|
1E6D885A000
|
heap
|
page read and write
|
||
|
2464D002000
|
trusted library allocation
|
page read and write
|
||
|
27F94D43000
|
trusted library allocation
|
page read and write
|
||
|
51EB09B000
|
stack
|
page read and write
|
||
|
2464C702000
|
heap
|
page read and write
|
||
|
21E4AE5C000
|
heap
|
page read and write
|
||
|
20618800000
|
heap
|
page read and write
|
||
|
27F94F08000
|
heap
|
page read and write
|
||
|
15F7C3F0000
|
trusted library allocation
|
page read and write
|
||
|
27F8F878000
|
heap
|
page read and write
|
||
|
27F901DC000
|
heap
|
page read and write
|
||
|
21E4AE61000
|
heap
|
page read and write
|
||
|
168A9288000
|
heap
|
page read and write
|
||
|
4190BFE000
|
stack
|
page read and write
|
||
|
27F94F08000
|
heap
|
page read and write
|
||
|
27F94EE1000
|
heap
|
page read and write
|
||
|
27F90910000
|
trusted library section
|
page readonly
|
||
|
5CD43FD000
|
stack
|
page read and write
|
||
|
1A6E6413000
|
heap
|
page read and write
|
||
|
30C10FF000
|
stack
|
page read and write
|
||
|
226C562A000
|
heap
|
page read and write
|
||
|
15F7C260000
|
heap
|
page read and write
|
||
|
BBB0BFE000
|
stack
|
page read and write
|
||
|
27F9510E000
|
trusted library allocation
|
page read and write
|
||
|
27F90000000
|
heap
|
page read and write
|
||
|
30C0F7E000
|
stack
|
page read and write
|
||
|
27F94E4B000
|
heap
|
page read and write
|
||
|
21E4AE66000
|
heap
|
page read and write
|
||
|
15F7C502000
|
heap
|
page read and write
|
||
|
1A6E6400000
|
heap
|
page read and write
|
||
|
946337C000
|
stack
|
page read and write
|
||
|
21E4AC20000
|
heap
|
page read and write
|
||
|
9463778000
|
stack
|
page read and write
|
||
|
27F95190000
|
remote allocation
|
page read and write
|
||
|
8D4BFFB000
|
stack
|
page read and write
|
||
|
226C567A000
|
heap
|
page read and write
|
||
|
20618ACB000
|
heap
|
page read and write
|
||
|
168A9120000
|
heap
|
page read and write
|
||
|
9463CFF000
|
stack
|
page read and write
|
||
|
27F8F913000
|
heap
|
page read and write
|
||
|
27F95190000
|
remote allocation
|
page read and write
|
||
|
27F94EE6000
|
heap
|
page read and write
|
||
|
BA7A47C000
|
stack
|
page read and write
|
||
|
20618AC5000
|
heap
|
page read and write
|
||
|
27F94CA0000
|
trusted library allocation
|
page read and write
|
||
|
2464C649000
|
heap
|
page read and write
|
||
|
27F908C0000
|
trusted library section
|
page readonly
|
||
|
27F8F620000
|
heap
|
page read and write
|
||
|
20619202000
|
heap
|
page read and write
|
||
|
168A92B6000
|
heap
|
page read and write
|
||
|
27F8F870000
|
heap
|
page read and write
|
||
|
21E4ABC0000
|
heap
|
page read and write
|
||
|
21E4AE3B000
|
heap
|
page read and write
|
||
|
3FDCBFD000
|
stack
|
page read and write
|
||
|
BBB0AF7000
|
stack
|
page read and write
|
||
|
168A9A80000
|
unkown
|
page write copy
|
||
|
1A6E6200000
|
heap
|
page read and write
|
||
|
5CD447E000
|
stack
|
page read and write
|
||
|
20618A6D000
|
heap
|
page read and write
|
||
|
1E6D8813000
|
heap
|
page read and write
|
||
|
226C5510000
|
heap
|
page read and write
|
||
|
168A9190000
|
heap
|
page read and write
|
||
|
27F95100000
|
trusted library allocation
|
page read and write
|
||
|
168A9D14000
|
trusted library allocation
|
page read and write
|
||
|
226C5600000
|
heap
|
page read and write
|
||
|
27F8F857000
|
heap
|
page read and write
|
||
|
15F7C400000
|
heap
|
page read and write
|
||
|
1F559F60000
|
trusted library allocation
|
page read and write
|
||
|
1A6E6C02000
|
trusted library allocation
|
page read and write
|
||
|
20618B02000
|
heap
|
page read and write
|
||
|
27F94D70000
|
trusted library allocation
|
page read and write
|
||
|
20619300000
|
heap
|
page read and write
|
||
|
27F94EAF000
|
heap
|
page read and write
|
||
|
20618790000
|
heap
|
page read and write
|
||
|
15F7C270000
|
heap
|
page read and write
|
||
|
1F55AA02000
|
trusted library allocation
|
page read and write
|
||
|
9463B7A000
|
stack
|
page read and write
|
||
|
226C5DB0000
|
trusted library allocation
|
page read and write
|
||
|
27F8F890000
|
heap
|
page read and write
|
||
|
9463DFE000
|
stack
|
page read and write
|
||
|
27F8F790000
|
trusted library allocation
|
page read and write
|
||
|
27F8F85A000
|
heap
|
page read and write
|
||
|
946417E000
|
stack
|
page read and write
|
||
|
8CC1CFF000
|
stack
|
page read and write
|
||
|
15F7E3C0000
|
remote allocation
|
page read and write
|
||
|
27F907E0000
|
trusted library allocation
|
page read and write
|
||
|
168A9D51000
|
trusted library allocation
|
page read and write
|
||
|
1A6E6190000
|
heap
|
page read and write
|
||
|
15F7C458000
|
heap
|
page read and write
|
||
|
27F94E2C000
|
heap
|
page read and write
|
||
|
168A92F0000
|
heap
|
page read and write
|
||
|
5CD41FE000
|
stack
|
page read and write
|
||
|
27F90118000
|
heap
|
page read and write
|
||
|
27F90900000
|
trusted library section
|
page readonly
|
||
|
27F9019B000
|
heap
|
page read and write
|
||
|
21E4AE40000
|
heap
|
page read and write
|
||
|
27F95280000
|
trusted library allocation
|
page read and write
|
||
|
226C563C000
|
heap
|
page read and write
|
||
|
27F94F0E000
|
heap
|
page read and write
|
||
|
1E6D8829000
|
heap
|
page read and write
|
||
|
226C5700000
|
heap
|
page read and write
|
||
|
1A6E643D000
|
heap
|
page read and write
|
||
|
27F952B0000
|
trusted library allocation
|
page read and write
|
||
|
1A6E6402000
|
heap
|
page read and write
|
||
|
21E4AE7B000
|
heap
|
page read and write
|
||
|
27F908E0000
|
trusted library section
|
page readonly
|
||
|
21E4AE4D000
|
heap
|
page read and write
|
||
|
27F94EA2000
|
heap
|
page read and write
|
||
|
1F55A002000
|
heap
|
page read and write
|
||
|
5CD3C7B000
|
stack
|
page read and write
|
||
|
168A9C02000
|
trusted library allocation
|
page read and write
|
||
|
BA7A2FE000
|
stack
|
page read and write
|
||
|
168A92E5000
|
heap
|
page read and write
|
||
|
4190AFF000
|
stack
|
page read and write
|
||
|
1E6D8790000
|
heap
|
page read and write
|
||
|
27F95160000
|
trusted library allocation
|
page read and write
|
||
|
30C14FF000
|
stack
|
page read and write
|
||
|
1E6D8802000
|
heap
|
page read and write
|
||
|
168A92C9000
|
heap
|
page read and write
|
||
|
27F94F0F000
|
heap
|
page read and write
|
||
|
15F7C48A000
|
heap
|
page read and write
|
||
|
27F90158000
|
heap
|
page read and write
|
||
|
2464C650000
|
heap
|
page read and write
|
||
|
2464C540000
|
heap
|
page read and write
|
||
|
2464C688000
|
heap
|
page read and write
|
||
|
1F55A04B000
|
heap
|
page read and write
|
||
|
15F7C463000
|
heap
|
page read and write
|
||
|
27F94EE1000
|
heap
|
page read and write
|
||
|
94633FF000
|
stack
|
page read and write
|
||
|
27F8F630000
|
heap
|
page read and write
|
||
|
27F94F11000
|
heap
|
page read and write
|
||
|
27F94EFF000
|
heap
|
page read and write
|
||
|
8D4BDFE000
|
stack
|
page read and write
|
||
|
1E6D8840000
|
heap
|
page read and write
|
||
|
30C107C000
|
stack
|
page read and write
|
||
|
27F94D20000
|
trusted library allocation
|
page read and write
|
||
|
27F94EA5000
|
heap
|
page read and write
|
||
|
51EBB7E000
|
stack
|
page read and write
|
||
|
27F94F08000
|
heap
|
page read and write
|
||
|
1E6D8870000
|
heap
|
page read and write
|
||
|
21E4AE3D000
|
heap
|
page read and write
|
||
|
27F94E14000
|
heap
|
page read and write
|
||
|
15F7E3C0000
|
remote allocation
|
page read and write
|
||
|
27F94F04000
|
heap
|
page read and write
|
||
|
21E4AE7A000
|
heap
|
page read and write
|
||
|
168A9130000
|
heap
|
page read and write
|
||
|
168A9213000
|
heap
|
page read and write
|
||
|
27F95170000
|
trusted library allocation
|
page read and write
|
||
|
15F7C440000
|
heap
|
page read and write
|
||
|
27F95190000
|
remote allocation
|
page read and write
|
||
|
168A9D11000
|
trusted library allocation
|
page read and write
|
||
|
1A6E6330000
|
remote allocation
|
page read and write
|
||
|
9463D7E000
|
stack
|
page read and write
|
||
|
1E6D8730000
|
heap
|
page read and write
|
||
|
20618A88000
|
heap
|
page read and write
|
There are 430 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://servermail.nicepage.io/Home.html
|
|
|
|
https://nicepage.com/
|
||
|
https://nicepage.com/download
|
||
|
https://nicepage.com/features
|
||
|
https://nicepage.com/html-templates
|
||
|
https://nicepage.com/premium?code=spring22
|
||
|
https://nicepage.com/forum
|
||
|
https://nicepage.com/blog
|
||
|
https://nicepage.com/Editor/Account/LogOn
|