Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\0619541d-efde-4b97-89ac-87858b26a841.tmp
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\25c5704a-c4c4-45e5-bad7-da092eccf1c6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\4f00d8ec-401a-4099-ac30-3d87fe0c9e6a.tmp
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\64269ed6-12ae-4006-864a-8e675020f08d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0d47c0b4-99d5-45d8-922b-159a9522a808.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1096a981-e73d-4c14-8a47-cae7cb5d6ffe.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\172a1c50-8599-425d-bdd4-d45b04ff3809.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1d10d499-946d-4ce6-8a41-4e0a2b5dcf6b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\34fa52f1-05c0-416a-8395-acd446f995c7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\5cff33d4-9fbd-4675-9b11-de0641751f64.tmp
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\7d890a49-9aa9-45f9-bba6-f733dca8abec.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\8cdfc90c-3ed5-419d-86b2-7d4b33ace0b1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\ce1b6615-639b-40d0-89a2-f28631b5608e.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\fcda211c-ffd3-45d2-a084-fc61f74add84.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\CertCsdDownloadAllowlist.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeExtMalware.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeUrlClientIncident.store (copy)
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeUrlClientIncident.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\IpMalware.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlBilling.store (copy)
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlBilling.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdAllowlist.store (copy)
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdAllowlist.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdDownloadAllowlist.store (copy)
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdDownloadAllowlist.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalBin.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalware.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlUws.store_new
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\c94138de-6848-4f43-b71b-e76ac760e80c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\272f4f39-0e9b-4c7e-b99d-40cb357b043d.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\6556_1793275814\SortingLshClusters
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\6556_1793275814\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\bg\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\ca\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\cs\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\da\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\de\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\el\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\es\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\es_419\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\et\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\fi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\fr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\hi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\hr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\hu\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\it\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\ja\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\ko\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\lt\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6556_981249767\CRX_INSTALL\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
There are 69 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dik.si/OB6x6
|
 |
||
|
https://wealthprogress.mobilemoolah.net/wp-content/plugins/lgalmgawdq/aaa/adob/adob/
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dik.si
|
188.114.96.3
|
|
|
|
wealthprogress.mobilemoolah.net
|
64.227.108.223
|
||
|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
||
|
lipis.github.io
|
185.199.108.153
|
||
|
accounts.google.com
|
142.250.184.237
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
||
|
clients.l.google.com
|
172.217.23.110
|
||
|
clients2.google.com
|
unknown
|
||
|
code.jquery.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
dik.si
|
European Union
|
|
|
|
74.125.108.199
|
unknown
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
142.250.185.234
|
unknown
|
United States
|
||
|
142.250.185.110
|
unknown
|
United States
|
||
|
142.250.185.227
|
unknown
|
United States
|
||
|
172.217.23.110
|
clients.l.google.com
|
United States
|
||
|
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
|
142.250.181.227
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
64.227.108.223
|
wealthprogress.mobilemoolah.net
|
United States
|
||
|
69.16.175.10
|
unknown
|
United States
|
||
|
142.250.184.237
|
accounts.google.com
|
United States
|
||
|
185.199.108.153
|
lipis.github.io
|
Netherlands
|
||
|
142.250.186.42
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
142.250.184.234
|
unknown
|
United States
|
||
|
142.250.186.99
|
unknown
|
United States
|
There are 9 hidden IPs, click here to show them.