IOC Report
https://www.trekkdesigngroup.online

Files

File Path | Type | Category
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\14e23506-ac41-428f-970d-5e33427ff689.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\29255d63-927f-4b6f-ae46-8e3a1b9b02b0.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\5342d236-b93f-4635-a2ca-26c5975fa34a.tmp | SysEx File - | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\57c08e80-8251-418d-8127-699664144929.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\5d2c19d2-d1f9-45ce-8b2b-1273475251e3.tmp | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\17479bf1-e47e-419c-b00b-f841cdafc199.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\27058494-f2e6-4e83-b8ef-e5a681a3c37c.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8750bdd4-8a4f-47b2-9130-55556371737b.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8dc07f0c-f2d6-42a3-9976-5ede9128e770.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG | ASCII text | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy) | ASCII text | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy) | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy) | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy) | UTF-8 Unicode text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\12ab03c7-34f6-4bb9-a5c4-0f36ca9dc7d7.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1 | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy) | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\767fc365-abff-4521-a7ff-22e7dcebc033.tmp | ASCII text, with very long lines, with no line terminators | modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy) | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a6aa61b8-46ad-43b8-8033-35163324a167.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bd0cbc99-103a-4ab8-b305-1441d47a8df0.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be86d6c6-dddd-4ac1-804a-a202e5f04d71.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c38ffe5d-09ed-4e01-82d7-07275066f0f8.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d9dbeb97-288a-4ec8-a235-b3f41cc7dd36.tmp | UTF-8 Unicode text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp | ASCII text | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy) | ASCII text | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\db38715e-125f-4bae-9372-095aa98eab9e.tmp | very short file (no magic) | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\eacaf335-7bc1-42cd-a6a5-931e1f91e0d8.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fac8166b-b58b-46d0-898e-86f7740f1af8.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version | ASCII text, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy) | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy) | data | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\baf2e63f-66d0-4d01-95a5-c130ea21d4e1.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\eb9b5c97-16a5-4e36-8b39-254c74478718.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\f1c11fd4-204a-467f-982b-83e534495b14.tmp | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Temp\62712acc-1b35-4522-b3ec-d6c858c6dbaf.tmp | Google Chrome extension, version 3 | dropped
C:\Users\user\AppData\Local\Temp\64fa9257-c8ce-4990-bd83-af46a2a90b23.tmp | very short file (no magic) | dropped
C:\Users\user\AppData\Local\Temp\916_684278386\LICENSE | ASCII text | dropped
C:\Users\user\AppData\Local\Temp\916_684278386\_metadata\verified_contents.json | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Temp\916_684278386\crl-set | data | dropped
C:\Users\user\AppData\Local\Temp\916_684278386\manifest.fingerprint | ASCII text, with no line terminators | dropped
C:\Users\user\AppData\Local\Temp\916_684278386\manifest.json | ASCII text | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\62712acc-1b35-4522-b3ec-d6c858c6dbaf.tmp | Google Chrome extension, version 3 | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\bg\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\ca\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\cs\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\da\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\de\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\el\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\en\messages.json | ASCII text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\en_GB\messages.json | ASCII text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\es\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\es_419\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\et\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\fi\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\fil\messages.json | ASCII text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\fr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\hi\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\hr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\hu\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\id\messages.json | ASCII text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\it\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\ja\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\ko\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\lt\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\lv\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\nb\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\nl\messages.json | ASCII text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\pl\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\pt_BR\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\pt_PT\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\ro\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\ru\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\sk\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\sl\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\sr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\sv\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\th\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\tr\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\uk\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\vi\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\zh_CN\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_locales\zh_TW\messages.json | UTF-8 Unicode text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\_metadata\verified_contents.json | ASCII text, with very long lines, with no line terminators | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\craw_background.js | ASCII text, with very long lines | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\craw_window.js | ASCII text, with very long lines | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\css\craw_window.css | ASCII text | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\html\craw_window.html | HTML document, ASCII text | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\flapper.gif | GIF image data, version 89a, 30 x 30 | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\icon_128.png | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\icon_16.png | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\topbar_floating_button.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\topbar_floating_button_close.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\topbar_floating_button_hover.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\topbar_floating_button_maximize.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\images\topbar_floating_button_pressed.png | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
C:\Users\user\AppData\Local\Temp\scoped_dir916_1861928941\CRX_INSTALL\manifest.json | ASCII text, with CRLF line terminators | dropped

The Malicious column is empty for every file above. 94 further files are not included in this export.

Processes

Path | Cmdline
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://www.trekkdesigngroup.online"
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1580,14193851862152865122,10929051804290473216,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1924 /prefetch:8

Neither process is flagged malicious. The first command line is the sandbox harness launching Chrome against the submitted URL (note --enable-automation); the second is Chrome's own network-service utility process spawned by that browser. Neither is an artefact of the visited page.

URLs

Name | IP | Malicious
https://www.trekkdesigngroup.online | - | malicious
https://thestlouisblues.com/doc/ | 38.242.134.24 | malicious
https://thestlouisblues.com/doc/css/share-point.css | 38.242.134.24 | malicious
https://www.trekkdesigngroup.online/about/ | - | malicious
https://www.trekkdesigngroup.online/imprint/ | - | malicious
https://thestlouisblues.com/doc/images/logo.png | 38.242.134.24 | malicious
https://thestlouisblues.com/doc/ | - | malicious
https://thestlouisblues.com/doc/images/logo_strip.png | 38.242.134.24 | malicious
https://www.trekkdesigngroup.online/cookie-settings/ | - | malicious
https://thestlouisblues.com/doc/images/box.PNG | 38.242.134.24 | malicious
https://www.trekkdesigngroup.online/ | - | malicious
https://thestlouisblues.com/doc/images/pdf.png | 38.242.134.24 | malicious
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/7bc340391ff879c7dd40.js | 151.101.2.79 | -
https://jimdo-storage.freetls.fastly.net/image/313511311/8455d926-cb8a-4401-928b-ec4fe27494e3.jpg?format=pjpg&quality=80,90&auto=webp&disable=upscale&width=800&height=533 | 151.101.2.79 | -
https://www.google.com/images/cleardot.gif | unknown | -
https://at.jimdo-platform-eks.net/events | 54.154.76.92 | -
https://play.google.com | unknown | -
https://www.trekkdesigngroup.online/favicon.ico | 52.210.19.9 | -
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/55ae49ade666a31f836e.css | 151.101.2.79 | -
https://sandbox.google.com/payments/v4/js/integrator.js | unknown | -
https://accounts.google.com/MergeSession | unknown | -
https://www.google.com | unknown | -
https://www.trekkdesigngroup.online/cookie-settings/ | 52.210.19.9 | -
https://accounts.google.com | unknown | -
https://apis.google.com | unknown | -
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.10.207 | -
https://www.google.com/accounts/OAuthLogin?issueuberauth=1 | unknown | -
https://www.trekkdesigngroup.online/2 | unknown | -
https://www.trekkdesigngroup.online/imprint/ | 52.210.19.9 | -
https://www-googleapis-staging.sandbox.google.com | unknown | -
https://clients2.google.com | unknown | -
https://www.trekkdesigngroup.online/contact/ | 52.210.19.9 | -
https://dns.google | unknown | -
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p | unknown | -
https://www.google.com/intl/en-US/chrome/blank.html | unknown | -
https://ogs.google.com | unknown | -
https://thestlouisblues.com/favicon.ico | 38.242.134.24 | -
https://at.jimdo-platform-eks.net/cf | 54.154.76.92 | -
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.251.36.238 | -
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 142.251.36.205 | -
https://payments.google.com/payments/v4/js/integrator.js | unknown | -
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.11.207 | -
https://www.google.com/images/x2.gif | unknown | -
https://thestlouisblues.com/doc | 38.242.134.24 | -
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.10.207 | -
https://www.google.com/images/dot2.gif | unknown | -
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.25.14 | -
https://clients2.googleusercontent.com | unknown | -
https://www.trekkdesigngroup.online/ | 52.210.19.9 | -
https://www.trekkdesigngroup.online/about/ | 52.210.19.9 | -
https://www.google.com/ | unknown | -
https://clients2.google.com/service/update2/crx | unknown | -

"-" marks a field the export left empty (no resolved IP, or no verdict); "unknown" is the report's own value. The same URL can appear twice, once flagged from memory strings without an IP and once from network traffic with an IP. 41 further URLs are not included in this export.
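
In this text export every URL row is spread over up to three lines (URL, optional IP or "unknown", optional "malicious"), and the flagged rows often lack the IP line, so splitting the section into fixed triplets misaligns the table. The parser below is an added example written for this page, not part of the sandbox report; it reads the section line by line, attaches IP and verdict lines to the URL they follow, and then pivots from the flagged hostnames to every address the report associated with them. The sample input is a subset of the rows from the table above, copied verbatim; the function and class names are this example's own.

```python
"""Turn the flattened 'URLs' table of a sandbox IOC export into records.

Added example; not part of the original report. In the text export every
row is spread over up to three lines: the URL, then optionally a resolved
IPv4 address (or the literal 'unknown'), then optionally the verdict
'malicious'. Rows flagged from memory strings often carry no IP line, so
a naive "every third line" split misaligns the whole table.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Iterable, Optional
from urllib.parse import urlsplit

# Sample input: a subset of the rows in the URLs table above, in their
# original order and with the original line layout.
SAMPLE_URL_SECTION = """\
https://www.trekkdesigngroup.online
malicious
https://thestlouisblues.com/doc/
38.242.134.24
malicious
https://thestlouisblues.com/doc/css/share-point.css
38.242.134.24
malicious
https://www.trekkdesigngroup.online/about/
malicious
https://thestlouisblues.com/doc/images/pdf.png
38.242.134.24
malicious
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/7bc340391ff879c7dd40.js
151.101.2.79
https://www.google.com/images/cleardot.gif
unknown
https://www.trekkdesigngroup.online/favicon.ico
52.210.19.9
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207
https://www.trekkdesigngroup.online/
52.210.19.9
"""

IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


@dataclass
class UrlRecord:
    url: str
    host: str
    ip: Optional[str] = None   # None when the report said 'unknown' or gave no IP line
    malicious: bool = False    # True only when the report's verdict column says so


def parse_url_section(text: str) -> list[UrlRecord]:
    """Parse the export line by line, attaching IP/verdict lines to the last URL seen."""
    records: list[UrlRecord] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(("http://", "https://")):
            records.append(UrlRecord(url=line, host=urlsplit(line).hostname or ""))
        elif not records:
            continue                      # a field with no preceding URL: ignore it
        elif IPV4.match(line):
            records[-1].ip = line
        elif line == "unknown":
            records[-1].ip = None
        elif line == "malicious":
            records[-1].malicious = True
        else:
            raise ValueError(f"unexpected field in URLs table: {line!r}")
    return records


def malicious_hosts(records: Iterable[UrlRecord]) -> list[str]:
    """Hostnames that appear in at least one row the report flagged malicious."""
    return sorted({r.host for r in records if r.malicious})


def ips_for_hosts(records: Iterable[UrlRecord], hosts: Iterable[str]) -> list[str]:
    """Every IP the report associated with these hosts, including rows it did not flag."""
    wanted = set(hosts)
    return sorted({r.ip for r in records if r.host in wanted and r.ip})


def defang(indicator: str) -> str:
    """Make a URL, hostname or IP safe to paste into a ticket or chat."""
    return indicator.replace("http", "hxxp").replace(".", "[.]")


if __name__ == "__main__":
    recs = parse_url_section(SAMPLE_URL_SECTION)
    hosts = malicious_hosts(recs)
    print("block by hostname:", [defang(h) for h in hosts])
    print("IPs seen for those hosts:", [defang(i) for i in ips_for_hosts(recs, hosts)])
```

The pivot is where the caveat lives: it returns 38.242.134.24 (which in this report serves only thestlouisblues.com) but also 52.210.19.9, which the Domains table resolves to a dolphin-render-…eu-west-1.elb.amazonaws.com load balancer, i.e. shared Jimdo hosting for many unrelated sites. Block the two hostnames, not that address.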

Domains

Name | IP
jimdo-dolphin-static-assets-prod.freetls.fastly.net | 151.101.2.79
stackpath.bootstrapcdn.com | 104.18.11.207
gstaticadssl.l.google.com | 142.251.36.227
accounts.google.com | 142.251.36.205
cdnjs.cloudflare.com | 104.17.25.14
jimdo-storage.freetls.fastly.net | 151.101.2.79
maxcdn.bootstrapcdn.com | 104.18.10.207
thestlouisblues.com | 38.242.134.24
clients.l.google.com | 142.251.36.238
dolphin-render-ce5083-1529577379-1289163597.eu-west-1.elb.amazonaws.com | 52.210.19.9
at.jimdo-platform-eks.net | 54.154.76.92
clients2.google.com | unknown
code.jquery.com | unknown
www.trekkdesigngroup.online | unknown
fonts.jimstatic.com | unknown

The Malicious column is empty for every domain above, even though URLs under thestlouisblues.com and www.trekkdesigngroup.online are flagged in the URLs table. 5 further domains are not included in this export.

IPs

IP | Domain | Country
192.168.2.1 | unknown | unknown
104.18.10.207 | maxcdn.bootstrapcdn.com | United States
142.251.36.238 | clients.l.google.com | United States
142.251.36.205 | accounts.google.com | United States
52.48.59.54 | unknown | United States
151.101.2.79 | jimdo-dolphin-static-assets-prod.freetls.fastly.net | United States
38.242.134.24 | thestlouisblues.com | United States
52.210.19.9 | dolphin-render-ce5083-1529577379-1289163597.eu-west-1.elb.amazonaws.com | United States
104.18.11.207 | stackpath.bootstrapcdn.com | United States
54.154.76.92 | at.jimdo-platform-eks.net | United States
239.255.255.250 | unknown | Reserved
127.0.0.1 | unknown | unknown
104.17.25.14 | cdnjs.cloudflare.com | United States

The Malicious column is empty for every address above. 192.168.2.1, 127.0.0.1 and 239.255.255.250 (the SSDP multicast group) are the sandbox's own private, loopback and local multicast traffic, not indicators. Country is the report's GeoIP lookup; note that 52.210.19.9 and 54.154.76.92 carry eu-west-1 (AWS Ireland) hostnames despite the "United States" value. 3 further IPs are not included in this export.

Registry

Path | Value name
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mfehgcgbbipciphmccgaenjidiccnmng
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pkedcjkdefgpdelpbcmbmeomcjbeemfm
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blacklist_cache_md5_digest
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun

The Malicious column is empty for every entry above. All of these are Chrome's own writes: PreferenceMACs are the HMACs Chrome keeps over its preferences to detect tampering, the Update\ClientState keys belong to Google Update, and the extension IDs under extensions.settings match the component extensions Chrome fetched itself through clients2.google.com (see the update2/crx request in the URLs table, with v=0.0.0.0, i.e. a fresh profile). Nothing here was written by the visited page. 33 further registry entries are not included in this export.

Memdumps

Base Address | Region type | Protect
236B42B8000 | heap | page read and write
7E30AFF000 | stack | page read and write
19B93429000 | heap | page read and write
CA0647F000 | stack | page read and write
1F75FAE0000 | trusted library allocation | page read and write
1E622502000 | heap | page read and write
1F75ECA2000 | heap | page read and write
BFCBC7B000 | stack | page read and write
1F764460000 | remote allocation | page read and write
1F764330000 | trusted library allocation | page read and write
1F75ECBC000 | heap | page read and write
1DCCCE7B000 | heap | page read and write
1E020B80000 | heap | page read and write
CA0657E000 | stack | page read and write
1DCCCE41000 | heap | page read and write
1F764307000 | trusted library allocation | page read and write
1DCCCE00000 | heap | page read and write
236B4120000 | heap | page read and write
1E622400000 | heap | page read and write
1F764420000 | trusted library allocation | page read and write
1E020C64000 | heap | page read and write
1E622458000 | heap | page read and write
586FB7B000 | stack | page read and write
23E19628000 | heap | page read and write
19B93400000 | heap | page read and write
CA0627E000 | stack | page read and write
1DCCCE3A000 | heap | page read and write
19B93440000 | heap | page read and write
88C97FB000 | stack | page read and write
2D7CDFE000 | stack | page read and write
1F76410C000 | heap | page read and write
CA05CFA000 | stack | page read and write
19B933C0000 | trusted library allocation | page read and write
1F764344000 | trusted library allocation | page read and write
23E19602000 | heap | page read and write
CA0607F000 | stack | page read and write
BFCBE7C000 | stack | page read and write
586F5F7000 | stack | page read and write
1F75F513000 | heap | page read and write
1E020C5A000 | heap | page read and write
F72F4FB000 | stack | page read and write
1F763FF0000 | trusted library allocation | page read and write
236B4263000 | heap | page read and write
F72F2FE000 | stack | page read and write
236B4180000 | heap | page read and write
88C9A7E000 | stack | page read and write
236B4B32000 | heap | page read and write
1F764104000 | heap | page read and write
586F1BB000 | stack | page read and write
1F764300000 | trusted library allocation | page read and write
23E19600000 | heap | page read and write
1F76409D000 | heap | page read and write
88C932D000 | stack | page read and write
7E3077F000 | stack | page read and write
1DCCCE46000 | heap | page read and write
88C92AB000 | stack | page read and write
1F75FC00000 | trusted library section | page readonly
1F75FC10000 | trusted library section | page readonly
1DCCCE44000 | heap | page read and write
1E020C5C000 | heap | page read and write
1F75EBB0000 | trusted library section | page read and write
1F75EA40000 | heap | page read and write
1E020C49000 | heap | page read and write
586FF7C000 | stack | page read and write
23E19663000 | heap | page read and write
1F76410D000 | heap | page read and write
2D7C71C000 | stack | page read and write
1F764300000 | trusted library allocation | page read and write
BFCC77F000 | stack | page read and write
236B4286000 | heap | page read and write
1F764305000 | trusted library allocation | page read and write
1DCCCE61000 | heap | page read and write
1E622429000 | heap | page read and write
7E3047E000 | stack | page read and write
1F764330000 | trusted library allocation | page read and write
1E020C83000 | heap | page read and write
1F76402E000 | heap | page read and write
1F764102000 | heap | page read and write
F72ECCB000 | stack | page read and write
1F764340000 | trusted library allocation | page read and write
1DCCCC00000 | heap | page read and write
23E194D0000 | heap | page read and write
1F75F900000 | trusted library allocation | page read and write
1F75F59B000 | heap | page read and write
1F75F518000 | heap | page read and write
1F75EC6B000 | heap | page read and write
236B4110000 | heap | page read and write
23E19640000 | heap | page read and write
1F764460000 | remote allocation | page read and write
236B41B0000 | trusted library allocation | page read and write
BFCC67D000 | stack | page read and write
586FBFF000 | stack | page read and write
1E020C3C000 | heap | page read and write
1F764065000 | heap | page read and write
1F7640E2000 | heap | page read and write
2D7CEFF000 | stack | page read and write
1F75EC69000 | heap | page read and write
1E020C61000 | heap | page read and write
236B4213000 | heap | page read and write
F72F3FE000 | stack | page read and write
1DCCCE69000 | heap | page read and write
1F75EC61000 | heap | page read and write
23E19460000 | heap | page read and write
23E195D0000 | trusted library allocation | page read and write
7E305FF000 | stack | page read and write
1F76410E000 | heap | page read and write
236B4302000 | heap | page read and write
19B933F0000 | remote allocation | page read and write
1F75F518000 | heap | page read and write
1F75F559000 | heap | page read and write
7E3067E000 | stack | page read and write
1DCCCE57000 | heap | page read and write
19B93260000 | heap | page read and write
19B93C02000 | trusted library allocation | page read and write
19B93402000 | heap | page read and write
1F764321000 | trusted library allocation | page read and write
23E19713000 | heap | page read and write
1E020D08000 | heap | page read and write
1F764410000 | trusted library allocation | page read and write
88C9B7F000 | stack | page read and write
1F7645F0000 | trusted library allocation | page read and write
1F763FE0000 | trusted library allocation | page read and write
1DCCCE42000 | heap | page read and write
1F764117000 | heap | page read and write
F72F1FB000 | stack | page read and write
CA058AC000 | stack | page read and write
1E020C13000 | heap | page read and write
586F77A000 | stack | page read and write
1F763F60000 | trusted library allocation | page read and write
1F764430000 | trusted library allocation | page read and write
1E6221A0000 | heap | page read and write
2D7CCFE000 | stack | page read and write
BFCC2FE000 | stack | page read and write
BFCC37B000 | stack | page read and write
1DCCCE58000 | heap | page read and write
1F75F400000 | heap | page read and write
1F75F518000 | heap | page read and write
23E19470000 | heap | page read and write
2D7CA7E000 | stack | page read and write
23E19702000 | heap | page read and write
19B93457000 | heap | page read and write
1F764041000 | heap | page read and write
1DCCCE29000 | heap | page read and write
1DCCCBA0000 | heap | page read and write
1F764470000 | trusted library allocation | page read and write
1E020C53000 | heap | page read and write
1DCCCE5F000 | heap | page read and write
1DCCCE63000 | heap | page read and write
1F764301000 | trusted library allocation | page read and write
236B4200000 | heap | page read and write
1DCCCE67000 | heap | page read and write
1F75ED13000 | heap | page read and write
1F75EAA0000 | heap | page read and write
236B4313000 | heap | page read and write
1DCCCF02000 | heap | page read and write
1E62245B000 | heap | page read and write
1E020C99000 | heap | page read and write
1E62243D000 | heap | page read and write
1F75F415000 | heap | page read and write
7E309FD000 | stack | page read and write
1F75EBA0000 | trusted library allocation | page read and write
1DCCCE59000 | heap | page read and write
1E020CA0000 | heap | page read and write
1DCCCE64000 | heap | page read and write
BFCC57F000 | stack | page read and write
23E19700000 | heap | page read and write
1F764460000 | remote allocation | page read and write
1F764119000 | heap | page read and write
1DCCCE4E000 | heap | page read and write
1F764450000 | trusted library allocation | page read and write
1F75EC00000 | heap | page read and write
1F75F3F0000 | trusted library allocation | page read and write
BFCC47D000 | stack | page read and write
1F75EC8D000 | heap | page read and write
1F764111000 | heap | page read and write
88C93AE000 | stack | page read and write
1F75EC94000 | heap | page read and write
1F764460000 | trusted library allocation | page read and write
1F75F3D1000 | trusted library allocation | page read and write
1DCCCE7E000 | heap | page read and write
BFCC07F000 | stack | page read and write
1F75F681000 | trusted library allocation | page read and write
586FDFE000 | stack | page read and write
88C997F000 | stack | page read and write
1F75FF60000 | trusted library allocation | page read and write
23E19E02000 | trusted library allocation | page read and write
1E622190000 | heap | page read and write
586FE7F000 | stack | page read and write
1E6223D0000 | trusted library allocation | page read and write
1DCCCE77000 | heap | page read and write
1F75FBC0000 | trusted library section | page readonly
1F764320000 | trusted library allocation | page read and write
1F763F70000 | trusted library allocation | page read and write
19B93250000 | heap | page read and write
586FFFD000 | stack | page read and write
1F75EC13000 | heap | page read and write
19B93502000 | heap | page read and write
1F764590000 | trusted library allocation | page read and write
1E020C58000 | heap | page read and write
1F75F601000 | trusted library allocation | page read and write
1F76404E000 | heap | page read and write
1F764102000 | heap | page read and write
1F75EC8F000 | heap | page read and write
1F7645A0000 | trusted library allocation | page read and write
236B422A000 | heap | page read and write
1F75EC3D000 | heap | page read and write
1DCCCE13000 | heap | page read and write

The Malicious column is empty for every region above; no dumped region was flagged.
1F764105000
heap
page read and write
1DCCCE47000
heap
page read and write
2D7C79E000
stack
page read and write
1DCCCE31000
heap
page read and write
1E622A02000
trusted library allocation
page read and write
1E020C00000
heap
page read and write
236B4A02000
heap
page read and write
19B932C0000
heap
page read and write
BFCC1FC000
stack
page read and write
CA0637E000
stack
page read and write
1F7640FF000
heap
page read and write
1DCCCE5E000
heap
page read and write
1F75F402000
heap
page read and write
1F75FBD0000
trusted library section
page readonly
2D7CBFF000
stack
page read and write
19B933F0000
remote allocation
page read and write
1DCCCE60000
heap
page read and write
1F75F518000
heap
page read and write
1DCCD402000
trusted library allocation
page read and write
CA05E7E000
stack
page read and write
1DCCCDD0000
trusted library allocation
page read and write
1F75EA30000
heap
page read and write
1F765000000
heap
page read and write
1F75EC67000
heap
page read and write
1E622402000
heap
page read and write
1DCCCE7A000
heap
page read and write
7E308FE000
stack
page read and write
1F75F500000
heap
page read and write
1DCCCE5A000
heap
page read and write
1E020D00000
heap
page read and write
1DCCCE6B000
heap
page read and write
1DCCCE45000
heap
page read and write
23E19679000
heap
page read and write
1F763FA0000
trusted library allocation
page read and write
1F76411C000
heap
page read and write
1F764106000
heap
page read and write
BFCC17F000
stack
page read and write
1F75EC57000
heap
page read and write
1DCCCE3D000
heap
page read and write
7E30B7E000
stack
page read and write
1F764440000
trusted library allocation
page read and write
88C98F7000
stack
page read and write
586F87B000
stack
page read and write
CA05F7C000
stack
page read and write
1E020C5E000
heap
page read and write
586F97E000
stack
page read and write
1E020B10000
heap
page read and write
88C96FB000
stack
page read and write
236B4B00000
heap
page read and write
1F764013000
heap
page read and write
1E020C7D000
heap
page read and write
23E19613000
heap
page read and write
1F764104000
heap
page read and write
1F764324000
trusted library allocation
page read and write
1F7640F3000
heap
page read and write
1F76410D000
heap
page read and write
1E020D02000
heap
page read and write
586FA7A000
stack
page read and write
1F763F80000
trusted library allocation
page read and write
1E020C29000
heap
page read and write
1F76410A000
heap
page read and write
1F75F559000
heap
page read and write
1E622513000
heap
page read and write
1DCCCE40000
heap
page read and write
1F764340000
trusted library allocation
page read and write
1F76430E000
trusted library allocation
page read and write
1E622413000
heap
page read and write
1DCCCE62000
heap
page read and write
587007F000
stack
page read and write
1F75FBF0000
trusted library section
page readonly
1F75F3F3000
trusted library allocation
page read and write
1F7640DD000
heap
page read and write
1F764306000
trusted library allocation
page read and write
19B93424000
heap
page read and write
7E3018E000
stack
page read and write
1E020D13000
heap
page read and write
1E021402000
trusted library allocation
page read and write
1E622478000
heap
page read and write
1DCCCE5C000
heap
page read and write
1F764020000
heap
page read and write
1F764308000
trusted library allocation
page read and write
23E19657000
heap
page read and write
19B93413000
heap
page read and write
23E19680000
heap
page read and write
1F75F59A000
heap
page read and write
1F75F5DC000
heap
page read and write
1F76409A000
heap
page read and write
7E3087D000
stack
page read and write
1F75ED02000
heap
page read and write
1F75EC29000
heap
page read and write
1F75EC26000
heap
page read and write
586FCFE000
stack
page read and write
1DCCCB90000
heap
page read and write
CA0617D000
stack
page read and write
1E020B20000
heap
page read and write
23E19668000
heap
page read and write
7E3010C000
stack
page read and write
586FC7E000
stack
page read and write
236B42C9000
heap
page read and write
236B42C1000
heap
page read and write
1E020BB0000
trusted library allocation
page read and write
1F75ECFE000
heap
page read and write
1E622200000
heap
page read and write
CA0667F000
stack
page read and write
586F4FF000
stack
page read and write
1F75F5DB000
heap
page read and write
236B423E000
heap
page read and write
1F764000000
heap
page read and write
19B933F0000
remote allocation
page read and write
1DCCCE84000
heap
page read and write
1DCCCE6D000
heap
page read and write
1F764450000
trusted library allocation
page read and write
586FD7E000
stack
page read and write
1F7643D0000
trusted library allocation
page read and write
1F764059000
heap
page read and write
236B426B000
heap
page read and write
1F75FBE0000
trusted library section
page readonly
There are 314 hidden memdumps, click here to show them.

DOM / HTML

URL | Malicious
https://thestlouisblues.com/doc/ | malicious
https://www.trekkdesigngroup.online/ |
https://www.trekkdesigngroup.online/about/ |
https://www.trekkdesigngroup.online/cookie-settings/ |
https://www.trekkdesigngroup.online/imprint/ |