Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0faf90a8-b432-4bf7-9ce2-b1c5ff93022b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\95ccdf9e-b7b7-4de9-b879-29eea5b4f977.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\35f92f69-a9a1-4552-b711-d37c3d9d6e2a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\45d87001-0254-4f9c-a54e-a7640e725199.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\46bfdda5-0783-42fb-826c-a115746fd6d0.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4d5866c4-9a45-4895-8131-52a1f57aa270.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\97cf04af-e5f0-49b2-a557-bb5438d7db71.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\0d2f39e9-042e-4ab4-bd9f-15e56c7d8087.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b8aa9d1a-c55d-4ca0-b604-46481ef1818e.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\63139fbe-b2b0-46a8-9a88-495f5a059f99.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\f86ae616-600c-400d-8146-4898941be92c.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1740_2048838617\f86ae616-600c-400d-8146-4898941be92c.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 74 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://gossip-celeb-fashion.com
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,9784695222289147633,16330879895871495791,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1936 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://gossip-celeb-fashion.com
|
|||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://gossip-celeb-fashion.com/favicon.ico
|
95.168.170.165
|
||
|
https://gossip-celeb-fashion.com/
|
95.168.170.165
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.186.174
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.185.109
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
http://gossip-celeb-fashion.com/
|
95.168.170.165
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://gossip-celeb-fashion.com/
|
|||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gossip-celeb-fashion.com
|
95.168.170.165
|
||
|
accounts.google.com
|
142.250.185.109
|
||
|
clients.l.google.com
|
142.250.186.174
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.109
|
accounts.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.174
|
clients.l.google.com
|
United States
|
||
|
95.168.170.165
|
gossip-celeb-fashion.com
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21E61200000
|
heap
|
page read and write
|
||
|
1F7290F4000
|
heap
|
page read and write
|
||
|
2B5E183D000
|
heap
|
page read and write
|
||
|
1897F500000
|
heap
|
page read and write
|
||
|
211B9802000
|
trusted library allocation
|
page read and write
|
||
|
1F724402000
|
heap
|
page read and write
|
||
|
1F723C7B000
|
heap
|
page read and write
|
||
|
2B5E1620000
|
heap
|
page read and write
|
||
|
A8AFDAB000
|
stack
|
page read and write
|
||
|
1F729490000
|
trusted library allocation
|
page read and write
|
||
|
5B4DE7E000
|
stack
|
page read and write
|
||
|
2B5E2002000
|
trusted library allocation
|
page read and write
|
||
|
1F729022000
|
heap
|
page read and write
|
||
|
1F724518000
|
heap
|
page read and write
|
||
|
93FA2F9000
|
stack
|
page read and write
|
||
|
5B4E2FD000
|
stack
|
page read and write
|
||
|
1F724415000
|
heap
|
page read and write
|
||
|
1897F370000
|
trusted library allocation
|
page read and write
|
||
|
211B9102000
|
heap
|
page read and write
|
||
|
1BCA1613000
|
heap
|
page read and write
|
||
|
1BCA1645000
|
heap
|
page read and write
|
||
|
CFB6F77000
|
stack
|
page read and write
|
||
|
1BCA1677000
|
heap
|
page read and write
|
||
|
19002E02000
|
heap
|
page read and write
|
||
|
2B5E1889000
|
heap
|
page read and write
|
||
|
21E61802000
|
heap
|
page read and write
|
||
|
1BCA1666000
|
heap
|
page read and write
|
||
|
1897FC02000
|
trusted library allocation
|
page read and write
|
||
|
1897F210000
|
heap
|
page read and write
|
||
|
1944B48C000
|
heap
|
page read and write
|
||
|
D6B357F000
|
stack
|
page read and write
|
||
|
1BCA1E02000
|
trusted library allocation
|
page read and write
|
||
|
86103FF000
|
stack
|
page read and write
|
||
|
5B4DBEB000
|
stack
|
page read and write
|
||
|
37437E000
|
stack
|
page read and write
|
||
|
5B4E07E000
|
stack
|
page read and write
|
||
|
D6B2D7C000
|
stack
|
page read and write
|
||
|
D6B2F7F000
|
stack
|
page read and write
|
||
|
93FA1FA000
|
stack
|
page read and write
|
||
|
19002E13000
|
heap
|
page read and write
|
||
|
5B4DF7E000
|
stack
|
page read and write
|
||
|
1F723C72000
|
heap
|
page read and write
|
||
|
1F724BD0000
|
trusted library section
|
page readonly
|
||
|
211B9113000
|
heap
|
page read and write
|
||
|
1F72A000000
|
heap
|
page read and write
|
||
|
1F724C00000
|
trusted library section
|
page readonly
|
||
|
1897F400000
|
heap
|
page read and write
|
||
|
1F7290AF000
|
heap
|
page read and write
|
||
|
1944B402000
|
heap
|
page read and write
|
||
|
1F724513000
|
heap
|
page read and write
|
||
|
1897F413000
|
heap
|
page read and write
|
||
|
211B9013000
|
heap
|
page read and write
|
||
|
860FE7E000
|
stack
|
page read and write
|
||
|
19003602000
|
trusted library allocation
|
page read and write
|
||
|
211B9750000
|
trusted library allocation
|
page read and write
|
||
|
211B9000000
|
heap
|
page read and write
|
||
|
1F724C10000
|
trusted library section
|
page readonly
|
||
|
1BCA163A000
|
heap
|
page read and write
|
||
|
19002F02000
|
heap
|
page read and write
|
||
|
2B5E1902000
|
heap
|
page read and write
|
||
|
1897F502000
|
heap
|
page read and write
|
||
|
1BCA165E000
|
heap
|
page read and write
|
||
|
1F729490000
|
remote allocation
|
page read and write
|
||
|
1F723C3F000
|
heap
|
page read and write
|
||
|
1944B44A000
|
heap
|
page read and write
|
||
|
A8B01FC000
|
stack
|
page read and write
|
||
|
93FA87E000
|
stack
|
page read and write
|
||
|
1F729013000
|
heap
|
page read and write
|
||
|
1F7290E3000
|
heap
|
page read and write
|
||
|
2B5E1913000
|
heap
|
page read and write
|
||
|
37457B000
|
stack
|
page read and write
|
||
|
1F7290F8000
|
heap
|
page read and write
|
||
|
CFB717F000
|
stack
|
page read and write
|
||
|
93FAA7F000
|
stack
|
page read and write
|
||
|
93FA7FE000
|
stack
|
page read and write
|
||
|
2B5E1630000
|
heap
|
page read and write
|
||
|
1944B451000
|
heap
|
page read and write
|
||
|
1944B46E000
|
heap
|
page read and write
|
||
|
2B5E188D000
|
heap
|
page read and write
|
||
|
1BCA1664000
|
heap
|
page read and write
|
||
|
1F723C90000
|
heap
|
page read and write
|
||
|
D6B337F000
|
stack
|
page read and write
|
||
|
21E6123E000
|
heap
|
page read and write
|
||
|
1F723C77000
|
heap
|
page read and write
|
||
|
A8B077C000
|
stack
|
page read and write
|
||
|
1944B43C000
|
heap
|
page read and write
|
||
|
374677000
|
stack
|
page read and write
|
||
|
211B903C000
|
heap
|
page read and write
|
||
|
93FA97E000
|
stack
|
page read and write
|
||
|
CFB707F000
|
stack
|
page read and write
|
||
|
21E61213000
|
heap
|
page read and write
|
||
|
21E61900000
|
heap
|
page read and write
|
||
|
21E612CB000
|
heap
|
page read and write
|
||
|
1F724BF0000
|
trusted library section
|
page readonly
|
||
|
1BCA1661000
|
heap
|
page read and write
|
||
|
A8B05FD000
|
stack
|
page read and write
|
||
|
A8B087E000
|
stack
|
page read and write
|
||
|
1F724601000
|
trusted library allocation
|
page read and write
|
||
|
93FA77F000
|
stack
|
page read and write
|
||
|
21E6126E000
|
heap
|
page read and write
|
||
|
CFB69FE000
|
stack
|
page read and write
|
||
|
4DDBA7B000
|
stack
|
page read and write
|
||
|
1F729470000
|
trusted library allocation
|
page read and write
|
||
|
2B5E1813000
|
heap
|
page read and write
|
||
|
1F723C92000
|
heap
|
page read and write
|
||
|
1897F200000
|
heap
|
page read and write
|
||
|
1F723C29000
|
heap
|
page read and write
|
||
|
211B9002000
|
heap
|
page read and write
|
||
|
1F724F90000
|
trusted library allocation
|
page read and write
|
||
|
19002E36000
|
heap
|
page read and write
|
||
|
2B5E1829000
|
heap
|
page read and write
|
||
|
2B5E185B000
|
heap
|
page read and write
|
||
|
93F9DAE000
|
stack
|
page read and write
|
||
|
211B908C000
|
heap
|
page read and write
|
||
|
1944B46E000
|
heap
|
page read and write
|
||
|
1F724500000
|
heap
|
page read and write
|
||
|
1BCA166D000
|
heap
|
page read and write
|
||
|
1F7290FE000
|
heap
|
page read and write
|
||
|
1BCA1640000
|
heap
|
page read and write
|
||
|
A8B097D000
|
stack
|
page read and write
|
||
|
1BCA1674000
|
heap
|
page read and write
|
||
|
1BCA1669000
|
heap
|
page read and write
|
||
|
1BCA15F0000
|
heap
|
page read and write
|
||
|
D6B347E000
|
stack
|
page read and write
|
||
|
1944BC02000
|
trusted library allocation
|
page read and write
|
||
|
211B8FF0000
|
heap
|
page read and write
|
||
|
D6B2A7E000
|
stack
|
page read and write
|
||
|
1BCA165A000
|
heap
|
page read and write
|
||
|
A8B007D000
|
stack
|
page read and write
|
||
|
211B9051000
|
heap
|
page read and write
|
||
|
1F72902E000
|
heap
|
page read and write
|
||
|
A8B04FC000
|
stack
|
page read and write
|
||
|
1BCA1662000
|
heap
|
page read and write
|
||
|
1F729374000
|
trusted library allocation
|
page read and write
|
||
|
860FB8E000
|
stack
|
page read and write
|
||
|
1F729330000
|
trusted library allocation
|
page read and write
|
||
|
1F72933E000
|
trusted library allocation
|
page read and write
|
||
|
1BCA1657000
|
heap
|
page read and write
|
||
|
211B9090000
|
heap
|
page read and write
|
||
|
93FAB7C000
|
stack
|
page read and write
|
||
|
1F729460000
|
trusted library allocation
|
page read and write
|
||
|
93FA67F000
|
stack
|
page read and write
|
||
|
1F723C00000
|
heap
|
page read and write
|
||
|
37487F000
|
stack
|
page read and write
|
||
|
21E6122A000
|
heap
|
page read and write
|
||
|
1897F473000
|
heap
|
page read and write
|
||
|
1944B3C0000
|
trusted library allocation
|
page read and write
|
||
|
1F7290A6000
|
heap
|
page read and write
|
||
|
1897F458000
|
heap
|
page read and write
|
||
|
37477F000
|
stack
|
page read and write
|
||
|
1BCA1642000
|
heap
|
page read and write
|
||
|
1F723D02000
|
heap
|
page read and write
|
||
|
19002E5C000
|
heap
|
page read and write
|
||
|
19002E00000
|
heap
|
page read and write
|
||
|
4DDBB7E000
|
stack
|
page read and write
|
||
|
21E61010000
|
heap
|
page read and write
|
||
|
1897F270000
|
heap
|
page read and write
|
||
|
5B4E47D000
|
stack
|
page read and write
|
||
|
1F723D13000
|
heap
|
page read and write
|
||
|
A8B067B000
|
stack
|
page read and write
|
||
|
1897F402000
|
heap
|
page read and write
|
||
|
D6B317E000
|
stack
|
page read and write
|
||
|
19002E40000
|
heap
|
page read and write
|
||
|
93FA5FB000
|
stack
|
page read and write
|
||
|
1F724F80000
|
trusted library allocation
|
page read and write
|
||
|
A8B037E000
|
stack
|
page read and write
|
||
|
21E61313000
|
heap
|
page read and write
|
||
|
1F723BD0000
|
trusted library allocation
|
page read and write
|
||
|
21E612BA000
|
heap
|
page read and write
|
||
|
1F729043000
|
heap
|
page read and write
|
||
|
1F729370000
|
trusted library allocation
|
page read and write
|
||
|
860FB0B000
|
stack
|
page read and write
|
||
|
1897F479000
|
heap
|
page read and write
|
||
|
1BCA1631000
|
heap
|
page read and write
|
||
|
1F723C13000
|
heap
|
page read and write
|
||
|
CFB68FB000
|
stack
|
page read and write
|
||
|
1F723AD0000
|
heap
|
page read and write
|
||
|
1F724502000
|
heap
|
page read and write
|
||
|
1F72905F000
|
heap
|
page read and write
|
||
|
19002D00000
|
heap
|
page read and write
|
||
|
21E60FB0000
|
heap
|
page read and write
|
||
|
19003490000
|
remote allocation
|
page read and write
|
||
|
1F724518000
|
heap
|
page read and write
|
||
|
211B8F80000
|
heap
|
page read and write
|
||
|
93FA8FE000
|
stack
|
page read and write
|
||
|
1944B44B000
|
heap
|
page read and write
|
||
|
1F729350000
|
trusted library allocation
|
page read and write
|
||
|
1897F513000
|
heap
|
page read and write
|
||
|
D6B27BB000
|
stack
|
page read and write
|
||
|
5B4E0FE000
|
stack
|
page read and write
|
||
|
2B5E186D000
|
heap
|
page read and write
|
||
|
D6B367E000
|
stack
|
page read and write
|
||
|
1F729338000
|
trusted library allocation
|
page read and write
|
||
|
1F7290ED000
|
heap
|
page read and write
|
||
|
1F729400000
|
trusted library allocation
|
page read and write
|
||
|
1BCA162D000
|
heap
|
page read and write
|
||
|
1F72903B000
|
heap
|
page read and write
|
||
|
1F724400000
|
heap
|
page read and write
|
||
|
1F728FA0000
|
trusted library allocation
|
page read and write
|
||
|
D6B327E000
|
stack
|
page read and write
|
||
|
1F7290A9000
|
heap
|
page read and write
|
||
|
1BCA1580000
|
heap
|
page read and write
|
||
|
1BCA1600000
|
heap
|
page read and write
|
||
|
1F729490000
|
remote allocation
|
page read and write
|
||
|
4DDBE7F000
|
stack
|
page read and write
|
||
|
1BCA165F000
|
heap
|
page read and write
|
||
|
1897F468000
|
heap
|
page read and write
|
||
|
1BCA163D000
|
heap
|
page read and write
|
||
|
19002CA0000
|
heap
|
page read and write
|
||
|
1F724AE0000
|
trusted library allocation
|
page read and write
|
||
|
93FA4FB000
|
stack
|
page read and write
|
||
|
1BCA1675000
|
heap
|
page read and write
|
||
|
211B9029000
|
heap
|
page read and write
|
||
|
93FA0F8000
|
stack
|
page read and write
|
||
|
A8B00FE000
|
stack
|
page read and write
|
||
|
2B5E1873000
|
heap
|
page read and write
|
||
|
1F729330000
|
trusted library allocation
|
page read and write
|
||
|
3742FE000
|
stack
|
page read and write
|
||
|
211B8F90000
|
heap
|
page read and write
|
||
|
1BCA1649000
|
heap
|
page read and write
|
||
|
1F729440000
|
trusted library allocation
|
page read and write
|
||
|
861017E000
|
stack
|
page read and write
|
||
|
1944B44E000
|
heap
|
page read and write
|
||
|
1F723C96000
|
heap
|
page read and write
|
||
|
19003460000
|
trusted library allocation
|
page read and write
|
||
|
1BCA162F000
|
heap
|
page read and write
|
||
|
1F729354000
|
trusted library allocation
|
page read and write
|
||
|
CFB6E7E000
|
stack
|
page read and write
|
||
|
A8B0A7E000
|
stack
|
page read and write
|
||
|
93F9CAB000
|
stack
|
page read and write
|
||
|
1F729450000
|
trusted library allocation
|
page read and write
|
||
|
1944B502000
|
heap
|
page read and write
|
||
|
37447C000
|
stack
|
page read and write
|
||
|
1BCA162A000
|
heap
|
page read and write
|
||
|
1BCA1684000
|
heap
|
page read and write
|
||
|
1944B44C000
|
heap
|
page read and write
|
||
|
19002E2A000
|
heap
|
page read and write
|
||
|
D6B2AFD000
|
stack
|
page read and write
|
||
|
1F7290FA000
|
heap
|
page read and write
|
||
|
1BCA167B000
|
heap
|
page read and write
|
||
|
CFB6DFB000
|
stack
|
page read and write
|
||
|
2B5E1790000
|
trusted library allocation
|
page read and write
|
||
|
1BCA166B000
|
heap
|
page read and write
|
||
|
1F723C58000
|
heap
|
page read and write
|
||
|
D6B2E7F000
|
stack
|
page read and write
|
||
|
1944B2C0000
|
heap
|
page read and write
|
||
|
1944B42A000
|
heap
|
page read and write
|
||
|
4DDBF7F000
|
stack
|
page read and write
|
||
|
21E60FA0000
|
heap
|
page read and write
|
||
|
1944B413000
|
heap
|
page read and write
|
||
|
5B4DEFE000
|
stack
|
page read and write
|
||
|
1F724BC0000
|
trusted library section
|
page readonly
|
||
|
93FAC7F000
|
stack
|
page read and write
|
||
|
1F723CFF000
|
heap
|
page read and write
|
||
|
CFB6CFC000
|
stack
|
page read and write
|
||
|
1BCA167A000
|
heap
|
page read and write
|
||
|
19003490000
|
remote allocation
|
page read and write
|
||
|
1BCA1590000
|
heap
|
page read and write
|
||
|
1F723C8D000
|
heap
|
page read and write
|
||
|
1F728F90000
|
trusted library allocation
|
page read and write
|
||
|
21E612C3000
|
heap
|
page read and write
|
||
|
1BCA1702000
|
heap
|
page read and write
|
||
|
1F728FF0000
|
trusted library allocation
|
page read and write
|
||
|
1F729480000
|
trusted library allocation
|
page read and write
|
||
|
D6B2C7E000
|
stack
|
page read and write
|
||
|
1897F440000
|
heap
|
page read and write
|
||
|
21E61302000
|
heap
|
page read and write
|
||
|
2B5E1690000
|
heap
|
page read and write
|
||
|
1BCA165C000
|
heap
|
page read and write
|
||
|
1F729360000
|
trusted library allocation
|
page read and write
|
||
|
1F724F83000
|
trusted library allocation
|
page read and write
|
||
|
1F729048000
|
heap
|
page read and write
|
||
|
21E61288000
|
heap
|
page read and write
|
||
|
1BCA1658000
|
heap
|
page read and write
|
||
|
1BCA164E000
|
heap
|
page read and write
|
||
|
1F724F61000
|
trusted library allocation
|
page read and write
|
||
|
2B5E1886000
|
heap
|
page read and write
|
||
|
1F729000000
|
heap
|
page read and write
|
||
|
93FA3FE000
|
stack
|
page read and write
|
||
|
37427B000
|
stack
|
page read and write
|
||
|
D6B2BFB000
|
stack
|
page read and write
|
||
|
D6B307D000
|
stack
|
page read and write
|
||
|
4DDBD7E000
|
stack
|
page read and write
|
||
|
86102FF000
|
stack
|
page read and write
|
||
|
1F7290DD000
|
heap
|
page read and write
|
||
|
93FA6FE000
|
stack
|
page read and write
|
||
|
2B5E1800000
|
heap
|
page read and write
|
||
|
1944B44F000
|
heap
|
page read and write
|
||
|
1897F428000
|
heap
|
page read and write
|
||
|
1944B513000
|
heap
|
page read and write
|
||
|
1F729490000
|
remote allocation
|
page read and write
|
||
|
A8B047E000
|
stack
|
page read and write
|
||
|
93F9D2E000
|
stack
|
page read and write
|
||
|
5B4E57E000
|
stack
|
page read and write
|
||
|
1F723A60000
|
heap
|
page read and write
|
||
|
1944B470000
|
heap
|
page read and write
|
||
|
21E611E0000
|
trusted library allocation
|
page read and write
|
||
|
4DDBAFE000
|
stack
|
page read and write
|
||
|
1BCA167E000
|
heap
|
page read and write
|
||
|
1944B508000
|
heap
|
page read and write
|
||
|
19003490000
|
remote allocation
|
page read and write
|
||
|
1BCA1D50000
|
trusted library allocation
|
page read and write
|
||
|
1944B400000
|
heap
|
page read and write
|
||
|
1F723BE0000
|
trusted library section
|
page read and write
|
||
|
1F729351000
|
trusted library allocation
|
page read and write
|
||
|
1944B250000
|
heap
|
page read and write
|
||
|
19002C90000
|
heap
|
page read and write
|
||
|
861027B000
|
stack
|
page read and write
|
||
|
1F7290FC000
|
heap
|
page read and write
|
||
|
1F729360000
|
trusted library allocation
|
page read and write
|
||
|
1BCA1646000
|
heap
|
page read and write
|
||
|
1944B500000
|
heap
|
page read and write
|
||
|
1944B260000
|
heap
|
page read and write
|
||
|
2B5E1869000
|
heap
|
page read and write
|
||
|
CFB697E000
|
stack
|
page read and write
|
||
|
2B5E1863000
|
heap
|
page read and write
|
||
|
1944B47E000
|
heap
|
page read and write
|
||
|
861007B000
|
stack
|
page read and write
|
||
|
5B4E1FF000
|
stack
|
page read and write
|
||
|
1944B449000
|
heap
|
page read and write
|
||
|
1F723CA2000
|
heap
|
page read and write
|
||
|
5B4E37E000
|
stack
|
page read and write
|
||
|
1F724BE0000
|
trusted library section
|
page readonly
|
||
|
1F723A70000
|
heap
|
page read and write
|
||
|
1F728FE0000
|
trusted library allocation
|
page read and write
|
There are 315 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://gossip-celeb-fashion.com/
|