Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
test@somewhere.com.html
|
HTML document, ISO-8859 text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\0f78a17b-9996-400f-b421-0a7a1f967db2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\414ccee9-2cf0-45c1-bb36-d9c83977e708.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1f1fe6c4-ff10-4a04-9b2a-80167bf3ee2d.tmp
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\383315f1-4424-4c10-a80f-51361525d0b1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\398277b2-f9b9-4d0b-92cc-7f0287f61020.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\4580db1d-2ccd-48d9-a039-e424fbc2f45f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\5d90d01d-bc05-40cc-b33f-a6838389ba07.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\7a0d8a11-0cce-469c-b939-58201d6e6967.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\8aa0e452-8ccd-4ec0-b7a9-35a13d916e4e.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3035005
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
|
SQLite 3.x database, last written using SQLite version 3035005
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13301173707165807
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13301173708720801
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3035005
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\cccec9b9-da4e-4700-a3fa-b754474ae6d3.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\dda4d149-5076-4fa0-a2c0-abce23289ca1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\e704e804-c1a7-4116-a9b7-70aa1fc9725b.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\f129bee2-386e-47f6-ba47-14271f33047b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\7669c153-0ea1-45bd-899e-6c92688a2fdc.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\e1ca661c-2bca-4dbc-9294-9e5713ad3c2e.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\e20301b0-2c8c-4b36-970c-0d674f002fb7.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\es\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_locales\es_419\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2452_179984024\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
There are 53 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/alfredo/Desktop/test@somewhere.com.html
|
|
||
|
http://www.somewhere.com/
|
192.34.58.29
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.187.163
|
||
|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
||
|
embed.tawk.to
|
172.67.38.66
|
||
|
d26p066pn2w0s0.cloudfront.net
|
13.224.189.91
|
||
|
accounts.google.com
|
172.217.16.205
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
www.applicationsecurity.ninja
|
192.34.58.29
|
||
|
clients.l.google.com
|
142.250.181.238
|
||
|
us-east-1.route-1.000webhost.awex.io
|
145.14.144.140
|
||
|
clients2.google.com
|
unknown
|
||
|
ka-f.fontawesome.com
|
unknown
|
||
|
code.jquery.com
|
unknown
|
||
|
kit.fontawesome.com
|
unknown
|
||
|
www.somewhere.com
|
unknown
|
||
|
deflation-community.000webhostapp.com
|
unknown
|
||
|
logo.clearbit.com
|
unknown
|
There are 7 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.150.137
|
unknown
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
34.104.35.123
|
unknown
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
142.250.187.163
|
gstaticadssl.l.google.com
|
United States
|
||
|
172.217.16.205
|
accounts.google.com
|
United States
|
||
|
142.250.185.202
|
unknown
|
United States
|
||
|
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
|
69.16.175.42
|
unknown
|
United States
|
||
|
142.250.185.170
|
unknown
|
United States
|
||
|
142.250.181.238
|
clients.l.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.163
|
unknown
|
United States
|
||
|
13.224.189.91
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
||
|
145.14.144.140
|
us-east-1.route-1.000webhost.awex.io
|
Netherlands
|
||
|
104.18.23.52
|
unknown
|
United States
|
||
|
172.67.38.66
|
embed.tawk.to
|
United States
|
||
|
192.34.58.29
|
www.applicationsecurity.ninja
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 10 hidden IPs, click here to show them.