Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Fatura.Vivo.html
|
ASCII text, with CRLF line terminators
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\080ba7f6-6ff7-494a-b362-ade637a94d8f.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0bb7433b-f880-48ef-8864-d4cf7860f276.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\25c8a09f-dd60-4ece-913a-8a86fe30fdde.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3ff94aa3-9bcc-4222-a1c2-2730b1c32775.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5a12c651-a52a-4597-b037-aa501ae66d72.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\621aa5a3-76fa-4127-bd83-ad1183b2667c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\643c1118-a2e8-4aa4-b28f-9aa0aa0209e3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7950492e-bd56-45b6-9c97-5890bfd5fa81.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\96cf249a-e499-4319-8b31-814377d54162.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9baa8bf4-ccca-4b5b-bcfe-7f8aa0bc7f7e.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1c86301c-5d2a-4c0c-b697-523dbdbbe525.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\30b9e8c0-3153-4a23-a4b0-8e30b63517a4.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ac695c3-fcd4-4763-b1ef-c9294ecef4fe.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5d91f73d-0658-4a8e-b48f-5762f170f14d.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\618a8ab7-9cee-4fbf-94f8-118a6f921609.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\63dc9ee7-c639-4983-a076-89d7195d0c43.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\64a70a77-c17a-43ab-b7f3-d1d1bc801c06.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6edb7a1e-0601-4505-8250-d1aca5078288.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8067c521-f575-4e28-a7ee-d9b9cf43fd73.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8f1d0ee2-b246-49ef-930b-5372e39ec5dc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\91e94580-077f-4bd8-b795-0e252a6559eb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\926634f9-1309-4378-a2c7-6b72dcd8b25a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9268208e-af50-4c3c-b51f-71f51922abc9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\4f9996cb-8173-476b-b672-87104b30f99f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\618cdd77-6a53-4c0d-ab0f-56856969bba6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a2bbcfc0-69fd-4834-95be-d9581fa96790.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c77dfe12-ff60-4332-8dca-fa8fb98673c0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cd70cfe9-0d72-4163-a81c-8b77eb97b335.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cd9a7ceb-0b69-4151-b308-3660db033f55.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cdb427d1-33be-4fbb-8665-e52fcaed0cb6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\da53e76e-c053-4b85-b6d5-918a80b5c600.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e0c8ce74-28e7-4d0d-bef8-10dd0bbbb821.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e563af1a-e671-452a-bcba-b2217add21d0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ebd9e086-b980-4448-b2f6-209e181fe351.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f637ef60-2e06-4343-8f67-718102bac700.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c913079c-e23e-45c3-9dfd-378670e9907a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d4ec1c3b-28c9-4f41-b8d6-909c998d7a1b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7b5021d1-aa60-482c-87d6-e54c91f9d985.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8f57c9dc-5a6d-49ac-8f09-d8fbddbab5f7.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\7b5021d1-aa60-482c-87d6-e54c91f9d985.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir1004_693409872\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 108 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,18120619820808562449,9042696685717106766,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Desktop\Fatura.Vivo.html
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://www.google.com/
|
|||
|
https://ogs.google.com
|
unknown
|
||
|
https://about.google/stories/timelapse-planetary-changes/
|
|||
|
https://store.google.com/DE?utm_source=hp_header&utm_medium=google_ooo&utm_campaign=GS100042&hl=de
|
|||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
http://24.228.95.34.bc.googleusercontent.com/?hash=%20Fatura%20Vivo%20ZIP
|
34.95.228.24
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/intl/de/gmail/about/#
|
|||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.184.195
|
||
|
scone-pa.clients6.google.com
|
172.217.16.202
|
||
|
www.google.de
|
172.217.18.3
|
||
|
dart.l.doubleclick.net
|
142.250.184.230
|
||
|
google.com
|
172.217.16.206
|
||
|
csp.withgoogle.com
|
172.217.16.209
|
||
|
accounts.google.com
|
142.250.185.205
|
||
|
plus.l.google.com
|
216.58.212.142
|
||
|
stats.l.doubleclick.net
|
66.102.1.155
|
||
|
www-googletagmanager.l.google.com
|
142.250.186.168
|
||
|
mail.google.com
|
142.250.186.165
|
||
|
store.google.com
|
172.217.16.142
|
||
|
adservice.google.com
|
142.250.185.130
|
||
|
about.google
|
216.239.32.29
|
||
|
youtube-ui.l.google.com
|
142.250.184.206
|
||
|
googleads.g.doubleclick.net
|
172.217.18.2
|
||
|
play.google.com
|
142.250.186.142
|
||
|
24.228.95.34.bc.googleusercontent.com
|
34.95.228.24
|
||
|
www.google.com
|
142.250.185.196
|
||
|
clients.l.google.com
|
142.250.186.110
|
||
|
googlehosted.l.googleusercontent.com
|
172.217.23.97
|
||
|
kstatic.googleusercontent.com
|
35.241.11.240
|
||
|
ad.doubleclick.net
|
unknown
|
||
|
time.windows.com
|
unknown
|
||
|
lh3.googleusercontent.com
|
unknown
|
||
|
stats.g.doubleclick.net
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
www.youtube.com
|
unknown
|
||
|
apis.google.com
|
unknown
|
There are 19 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
216.58.212.142
|
plus.l.google.com
|
United States
|
||
|
34.95.228.24
|
24.228.95.34.bc.googleusercontent.com
|
United States
|
||
|
142.250.185.205
|
accounts.google.com
|
United States
|
||
|
172.217.23.97
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
66.102.1.155
|
stats.l.doubleclick.net
|
United States
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
66.102.1.156
|
unknown
|
United States
|
||
|
142.250.186.110
|
clients.l.google.com
|
United States
|
||
|
142.250.184.206
|
youtube-ui.l.google.com
|
United States
|
||
|
35.241.11.240
|
kstatic.googleusercontent.com
|
United States
|
||
|
172.217.16.142
|
store.google.com
|
United States
|
||
|
142.250.184.195
|
gstaticadssl.l.google.com
|
United States
|
||
|
216.239.32.29
|
about.google
|
United States
|
||
|
142.250.184.230
|
dart.l.doubleclick.net
|
United States
|
||
|
172.217.16.206
|
google.com
|
United States
|
||
|
172.217.18.3
|
www.google.de
|
United States
|
||
|
172.217.16.209
|
csp.withgoogle.com
|
United States
|
||
|
172.217.18.2
|
googleads.g.doubleclick.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.196
|
www.google.com
|
United States
|
||
|
142.250.185.130
|
adservice.google.com
|
United States
|
||
|
142.250.186.165
|
mail.google.com
|
United States
|
||
|
142.250.186.168
|
www-googletagmanager.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 15 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
There are 40 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
20C33E4C000
|
heap
|
page read and write
|
||
|
81D547F000
|
stack
|
page read and write
|
||
|
81D47CB000
|
stack
|
page read and write
|
||
|
26343E85000
|
heap
|
page read and write
|
||
|
24B66AD0000
|
heap
|
page read and write
|
||
|
13537502000
|
heap
|
page read and write
|
||
|
2633E400000
|
heap
|
page read and write
|
||
|
26343E63000
|
heap
|
page read and write
|
||
|
168DC7C000
|
stack
|
page read and write
|
||
|
84DE33C000
|
stack
|
page read and write
|
||
|
84DEB7A000
|
stack
|
page read and write
|
||
|
2633E48D000
|
heap
|
page read and write
|
||
|
2199FED0000
|
heap
|
page read and write
|
||
|
21A9D700000
|
heap
|
page read and write
|
||
|
26343EF5000
|
heap
|
page read and write
|
||
|
20C33E3E000
|
heap
|
page read and write
|
||
|
2633EC00000
|
heap
|
page read and write
|
||
|
2633EBB0000
|
trusted library section
|
page read and write
|
||
|
26343AE4000
|
trusted library allocation
|
page read and write
|
||
|
2480E6E2000
|
heap
|
page read and write
|
||
|
20C33E62000
|
heap
|
page read and write
|
||
|
2DF23FD000
|
stack
|
page read and write
|
||
|
20C33E26000
|
heap
|
page read and write
|
||
|
9576F7F000
|
stack
|
page read and write
|
||
|
20C33E65000
|
heap
|
page read and write
|
||
|
21A9D800000
|
heap
|
page read and write
|
||
|
20C33E73000
|
heap
|
page read and write
|
||
|
26343E56000
|
heap
|
page read and write
|
||
|
2633E429000
|
heap
|
page read and write
|
||
|
26343B70000
|
trusted library allocation
|
page read and write
|
||
|
24B66AE0000
|
heap
|
page read and write
|
||
|
95767CB000
|
stack
|
page read and write
|
||
|
13538DA0000
|
trusted library allocation
|
page read and write
|
||
|
168D7FC000
|
stack
|
page read and write
|
||
|
2633E290000
|
heap
|
page read and write
|
||
|
2480E600000
|
heap
|
page read and write
|
||
|
1462DA20000
|
heap
|
page read and write
|
||
|
13537486000
|
heap
|
page read and write
|
||
|
1462DC77000
|
heap
|
page read and write
|
||
|
B6CA67B000
|
stack
|
page read and write
|
||
|
24B67602000
|
trusted library allocation
|
page read and write
|
||
|
9576C7E000
|
stack
|
page read and write
|
||
|
26343E4C000
|
heap
|
page read and write
|
||
|
20C33E13000
|
heap
|
page read and write
|
||
|
21A9D7D0000
|
remote allocation
|
page read and write
|
||
|
20C33CE0000
|
heap
|
page read and write
|
||
|
21A9D710000
|
heap
|
page read and write
|
||
|
26343E2B000
|
heap
|
page read and write
|
||
|
B6CAAF9000
|
stack
|
page read and write
|
||
|
20C33E32000
|
heap
|
page read and write
|
||
|
2DF2AFE000
|
stack
|
page read and write
|
||
|
24B66C54000
|
heap
|
page read and write
|
||
|
B6CB17F000
|
stack
|
page read and write
|
||
|
81D507B000
|
stack
|
page read and write
|
||
|
2633F200000
|
trusted library allocation
|
page read and write
|
||
|
20C33CD0000
|
heap
|
page read and write
|
||
|
219A0113000
|
heap
|
page read and write
|
||
|
81D4EFF000
|
stack
|
page read and write
|
||
|
21A9D7D0000
|
remote allocation
|
page read and write
|
||
|
2DF22FF000
|
stack
|
page read and write
|
||
|
21A9D902000
|
heap
|
page read and write
|
||
|
7E17E7D000
|
stack
|
page read and write
|
||
|
1353743D000
|
heap
|
page read and write
|
||
|
2480E470000
|
heap
|
page read and write
|
||
|
26343BB0000
|
trusted library allocation
|
page read and write
|
||
|
2633EC15000
|
heap
|
page read and write
|
||
|
26343BE0000
|
trusted library allocation
|
page read and write
|
||
|
1353744A000
|
heap
|
page read and write
|
||
|
26343D90000
|
trusted library allocation
|
page read and write
|
||
|
26343BD0000
|
trusted library allocation
|
page read and write
|
||
|
26343F04000
|
heap
|
page read and write
|
||
|
2E56BBC000
|
stack
|
page read and write
|
||
|
1353745A000
|
heap
|
page read and write
|
||
|
219A0079000
|
heap
|
page read and write
|
||
|
13537449000
|
heap
|
page read and write
|
||
|
26343F02000
|
heap
|
page read and write
|
||
|
2480EF12000
|
heap
|
page read and write
|
||
|
2480E713000
|
heap
|
page read and write
|
||
|
2633ED18000
|
heap
|
page read and write
|
||
|
26343BF0000
|
trusted library allocation
|
page read and write
|
||
|
2633E4FD000
|
heap
|
page read and write
|
||
|
2633F450000
|
trusted library allocation
|
page read and write
|
||
|
1462DA10000
|
heap
|
page read and write
|
||
|
2480EF00000
|
heap
|
page read and write
|
||
|
2633F580000
|
trusted library section
|
page readonly
|
||
|
20C33E76000
|
heap
|
page read and write
|
||
|
84DE87A000
|
stack
|
page read and write
|
||
|
1353744A000
|
heap
|
page read and write
|
||
|
B6CA87D000
|
stack
|
page read and write
|
||
|
7E1797F000
|
stack
|
page read and write
|
||
|
26343F10000
|
heap
|
page read and write
|
||
|
B6CB0FA000
|
stack
|
page read and write
|
||
|
24B66B60000
|
trusted library allocation
|
page read and write
|
||
|
135373E0000
|
trusted library allocation
|
page read and write
|
||
|
20C33D40000
|
heap
|
page read and write
|
||
|
26343AA1000
|
trusted library allocation
|
page read and write
|
||
|
B6CACFB000
|
stack
|
page read and write
|
||
|
2480E66E000
|
heap
|
page read and write
|
||
|
2DF28FE000
|
stack
|
page read and write
|
||
|
2480E613000
|
heap
|
page read and write
|
||
|
24B66C02000
|
heap
|
page read and write
|
||
|
168E07E000
|
stack
|
page read and write
|
||
|
219A0051000
|
heap
|
page read and write
|
||
|
2633E502000
|
heap
|
page read and write
|
||
|
7E179FE000
|
stack
|
page read and write
|
||
|
7E17C7F000
|
stack
|
page read and write
|
||
|
24B66B30000
|
heap
|
page read and write
|
||
|
26343AE0000
|
trusted library allocation
|
page read and write
|
||
|
1462DD13000
|
heap
|
page read and write
|
||
|
13539000000
|
trusted library allocation
|
page read and write
|
||
|
13537459000
|
heap
|
page read and write
|
||
|
26344000000
|
heap
|
page read and write
|
||
|
21A9D770000
|
heap
|
page read and write
|
||
|
26343C00000
|
trusted library allocation
|
page read and write
|
||
|
20C33E00000
|
heap
|
page read and write
|
||
|
20C33E7D000
|
heap
|
page read and write
|
||
|
26343C50000
|
remote allocation
|
page read and write
|
||
|
219A0068000
|
heap
|
page read and write
|
||
|
13537280000
|
heap
|
page read and write
|
||
|
7E1787E000
|
stack
|
page read and write
|
||
|
26343C00000
|
trusted library allocation
|
page read and write
|
||
|
7E17D7D000
|
stack
|
page read and write
|
||
|
26343F08000
|
heap
|
page read and write
|
||
|
2633F530000
|
trusted library section
|
page readonly
|
||
|
81D4FFC000
|
stack
|
page read and write
|
||
|
21A9D829000
|
heap
|
page read and write
|
||
|
26343940000
|
trusted library allocation
|
page read and write
|
||
|
20C33D70000
|
trusted library allocation
|
page read and write
|
||
|
168DF7C000
|
stack
|
page read and write
|
||
|
1462DC29000
|
heap
|
page read and write
|
||
|
9576A7E000
|
stack
|
page read and write
|
||
|
13537400000
|
heap
|
page read and write
|
||
|
2480E629000
|
heap
|
page read and write
|
||
|
81D4B7F000
|
stack
|
page read and write
|
||
|
168DAFF000
|
stack
|
page read and write
|
||
|
20C33E6D000
|
heap
|
page read and write
|
||
|
84DE97C000
|
stack
|
page read and write
|
||
|
26343E00000
|
heap
|
page read and write
|
||
|
26343980000
|
trusted library allocation
|
page read and write
|
||
|
B6CA7F8000
|
stack
|
page read and write
|
||
|
B6CAFFF000
|
stack
|
page read and write
|
||
|
B6CAF7A000
|
stack
|
page read and write
|
||
|
219A0802000
|
trusted library allocation
|
page read and write
|
||
|
26343AC0000
|
trusted library allocation
|
page read and write
|
||
|
13537513000
|
heap
|
page read and write
|
||
|
26343990000
|
trusted library allocation
|
page read and write
|
||
|
168DE7E000
|
stack
|
page read and write
|
||
|
7E17AFE000
|
stack
|
page read and write
|
||
|
20C33E45000
|
heap
|
page read and write
|
||
|
1462DC02000
|
heap
|
page read and write
|
||
|
2DF1D5B000
|
stack
|
page read and write
|
||
|
2633F8D1000
|
trusted library allocation
|
page read and write
|
||
|
26343AA8000
|
trusted library allocation
|
page read and write
|
||
|
26343900000
|
trusted library allocation
|
page read and write
|
||
|
20C33E48000
|
heap
|
page read and write
|
||
|
2633F550000
|
trusted library section
|
page readonly
|
||
|
1462DC75000
|
heap
|
page read and write
|
||
|
21A9D858000
|
heap
|
page read and write
|
||
|
13537467000
|
heap
|
page read and write
|
||
|
2DF26FF000
|
stack
|
page read and write
|
||
|
7E17BFD000
|
stack
|
page read and write
|
||
|
168D3BB000
|
stack
|
page read and write
|
||
|
2633E43D000
|
heap
|
page read and write
|
||
|
81D4DFC000
|
stack
|
page read and write
|
||
|
2480E400000
|
heap
|
page read and write
|
||
|
21A9E202000
|
trusted library allocation
|
page read and write
|
||
|
26343E87000
|
heap
|
page read and write
|
||
|
2633E300000
|
heap
|
page read and write
|
||
|
219A0102000
|
heap
|
page read and write
|
||
|
B6CA6FF000
|
stack
|
page read and write
|
||
|
2633ED00000
|
heap
|
page read and write
|
||
|
219A0013000
|
heap
|
page read and write
|
||
|
13538DD0000
|
remote allocation
|
page read and write
|
||
|
B6CADFF000
|
stack
|
page read and write
|
||
|
26343F0E000
|
heap
|
page read and write
|
||
|
219A0002000
|
heap
|
page read and write
|
||
|
219A007F000
|
heap
|
page read and write
|
||
|
2633F900000
|
trusted library allocation
|
page read and write
|
||
|
26343910000
|
trusted library allocation
|
page read and write
|
||
|
21A9D813000
|
heap
|
page read and write
|
||
|
219A0028000
|
heap
|
page read and write
|
||
|
13538DD0000
|
remote allocation
|
page read and write
|
||
|
26343EE2000
|
heap
|
page read and write
|
||
|
2199FFD0000
|
trusted library allocation
|
page read and write
|
||
|
1462DC68000
|
heap
|
page read and write
|
||
|
219A0100000
|
heap
|
page read and write
|
||
|
13538DD0000
|
remote allocation
|
page read and write
|
||
|
2480EE02000
|
heap
|
page read and write
|
||
|
26343C50000
|
remote allocation
|
page read and write
|
||
|
2E573FF000
|
stack
|
page read and write
|
||
|
9576E7E000
|
stack
|
page read and write
|
||
|
24B66C2F000
|
heap
|
page read and write
|
||
|
81D527F000
|
stack
|
page read and write
|
||
|
2633E413000
|
heap
|
page read and write
|
||
|
26343E3F000
|
heap
|
page read and write
|
||
|
B6CB2FA000
|
stack
|
page read and write
|
||
|
26343AD0000
|
trusted library allocation
|
page read and write
|
||
|
2633ED13000
|
heap
|
page read and write
|
||
|
26343AA0000
|
trusted library allocation
|
page read and write
|
||
|
B6CAD7F000
|
stack
|
page read and write
|
||
|
20C33E5D000
|
heap
|
page read and write
|
||
|
1462DD02000
|
heap
|
page read and write
|
||
|
26343AA5000
|
trusted library allocation
|
page read and write
|
||
|
1462E402000
|
trusted library allocation
|
page read and write
|
||
|
2480E6BF000
|
heap
|
page read and write
|
||
|
20C33E84000
|
heap
|
page read and write
|
||
|
2633E47B000
|
heap
|
page read and write
|
||
|
7E174EB000
|
stack
|
page read and write
|
||
|
26343AA0000
|
trusted library allocation
|
page read and write
|
||
|
24B66C3C000
|
heap
|
page read and write
|
||
|
26343AD0000
|
trusted library allocation
|
page read and write
|
||
|
2633E513000
|
heap
|
page read and write
|
||
|
2633EF00000
|
trusted library allocation
|
page read and write
|
||
|
219A003C000
|
heap
|
page read and write
|
||
|
1462DC5C000
|
heap
|
page read and write
|
||
|
1462DB80000
|
trusted library allocation
|
page read and write
|
||
|
219A0000000
|
heap
|
page read and write
|
||
|
2633F540000
|
trusted library section
|
page readonly
|
||
|
B6CB4FE000
|
stack
|
page read and write
|
||
|
2633E473000
|
heap
|
page read and write
|
||
|
B6CB1FF000
|
stack
|
page read and write
|
||
|
2633ED58000
|
heap
|
page read and write
|
||
|
20C33E75000
|
heap
|
page read and write
|
||
|
26343AC4000
|
trusted library allocation
|
page read and write
|
||
|
2E570FB000
|
stack
|
page read and write
|
||
|
9576D7E000
|
stack
|
page read and write
|
||
|
20C33E7B000
|
heap
|
page read and write
|
||
|
26343E12000
|
heap
|
page read and write
|
||
|
21A9D824000
|
heap
|
page read and write
|
||
|
1462DC3F000
|
heap
|
page read and write
|
||
|
2E571FB000
|
stack
|
page read and write
|
||
|
26343BF0000
|
trusted library allocation
|
page read and write
|
||
|
2199FE70000
|
heap
|
page read and write
|
||
|
2633E48F000
|
heap
|
page read and write
|
||
|
1462DC00000
|
heap
|
page read and write
|
||
|
2DF29FE000
|
stack
|
page read and write
|
||
|
13538E02000
|
trusted library allocation
|
page read and write
|
||
|
81D4BFC000
|
stack
|
page read and write
|
||
|
2633EC02000
|
heap
|
page read and write
|
||
|
24B66C29000
|
heap
|
page read and write
|
||
|
2633ED18000
|
heap
|
page read and write
|
||
|
2633E479000
|
heap
|
page read and write
|
||
|
20C33E6B000
|
heap
|
page read and write
|
||
|
B6CA9FB000
|
stack
|
page read and write
|
||
|
2633E2A0000
|
heap
|
page read and write
|
||
|
21A9D802000
|
heap
|
page read and write
|
||
|
20C33E3B000
|
heap
|
page read and write
|
||
|
26343F14000
|
heap
|
page read and write
|
||
|
B6CB5FA000
|
stack
|
page read and write
|
||
|
26343AA4000
|
trusted library allocation
|
page read and write
|
||
|
2633F570000
|
trusted library section
|
page readonly
|
||
|
2DF217A000
|
stack
|
page read and write
|
||
|
21A9D7A0000
|
trusted library allocation
|
page read and write
|
||
|
26343E1E000
|
heap
|
page read and write
|
||
|
21A9D83D000
|
heap
|
page read and write
|
||
|
26343EFA000
|
heap
|
page read and write
|
||
|
20C33F02000
|
heap
|
page read and write
|
||
|
13537518000
|
heap
|
page read and write
|
||
|
20C34802000
|
trusted library allocation
|
page read and write
|
||
|
20C33E66000
|
heap
|
page read and write
|
||
|
1353742A000
|
heap
|
page read and write
|
||
|
2480E640000
|
heap
|
page read and write
|
||
|
26343AC1000
|
trusted library allocation
|
page read and write
|
||
|
2633E496000
|
heap
|
page read and write
|
||
|
24B66C00000
|
heap
|
page read and write
|
||
|
13537270000
|
heap
|
page read and write
|
||
|
20C33E8D000
|
heap
|
page read and write
|
||
|
219A0063000
|
heap
|
page read and write
|
||
|
26343D90000
|
trusted library allocation
|
page read and write
|
||
|
13537500000
|
heap
|
page read and write
|
||
|
20C33E7F000
|
heap
|
page read and write
|
||
|
2633ED18000
|
heap
|
page read and write
|
||
|
24B66D02000
|
heap
|
page read and write
|
||
|
20C33E69000
|
heap
|
page read and write
|
||
|
26343EB5000
|
heap
|
page read and write
|
||
|
24B66C37000
|
heap
|
page read and write
|
||
|
2480E570000
|
trusted library allocation
|
page read and write
|
||
|
81D517D000
|
stack
|
page read and write
|
||
|
2633E457000
|
heap
|
page read and write
|
||
|
B6CAE7E000
|
stack
|
page read and write
|
||
|
81D537C000
|
stack
|
page read and write
|
||
|
2DF25FD000
|
stack
|
page read and write
|
||
|
20C33E7C000
|
heap
|
page read and write
|
||
|
2480E410000
|
heap
|
page read and write
|
||
|
168DD7D000
|
stack
|
page read and write
|
||
|
26343AA3000
|
trusted library allocation
|
page read and write
|
||
|
26343C10000
|
trusted library allocation
|
page read and write
|
||
|
2480E6D0000
|
heap
|
page read and write
|
||
|
24B66C65000
|
heap
|
page read and write
|
||
|
13537413000
|
heap
|
page read and write
|
||
|
26343AAE000
|
trusted library allocation
|
page read and write
|
||
|
24B66C13000
|
heap
|
page read and write
|
||
|
24B66C3E000
|
heap
|
page read and write
|
||
|
20C33E29000
|
heap
|
page read and write
|
||
|
13537480000
|
heap
|
page read and write
|
||
|
26343C50000
|
remote allocation
|
page read and write
|
||
|
2480E6CE000
|
heap
|
page read and write
|
||
|
9576AFE000
|
stack
|
page read and write
|
||
|
24B66C57000
|
heap
|
page read and write
|
||
|
2633EF81000
|
trusted library allocation
|
page read and write
|
||
|
135372E0000
|
heap
|
page read and write
|
||
|
13539040000
|
trusted library allocation
|
page read and write
|
||
|
84DEA7F000
|
stack
|
page read and write
|
||
|
2199FE60000
|
heap
|
page read and write
|
||
|
13537402000
|
heap
|
page read and write
|
||
|
2DF27FF000
|
stack
|
page read and write
|
||
|
1462DA80000
|
heap
|
page read and write
|
||
|
26343F0A000
|
heap
|
page read and write
|
||
|
2633ED02000
|
heap
|
page read and write
|
||
|
2633E4A1000
|
heap
|
page read and write
|
||
|
2633F560000
|
trusted library section
|
page readonly
|
||
|
2E572FB000
|
stack
|
page read and write
|
||
|
168D9FE000
|
stack
|
page read and write
|
||
|
168D8FE000
|
stack
|
page read and write
|
||
|
2633E48B000
|
heap
|
page read and write
|
||
|
2480E68A000
|
heap
|
page read and write
|
||
|
B6CABFE000
|
stack
|
page read and write
|
||
|
21A9D7D0000
|
remote allocation
|
page read and write
|
||
|
20C33E78000
|
heap
|
page read and write
|
||
|
2633EBA0000
|
trusted library allocation
|
page read and write
|
||
|
1462DC13000
|
heap
|
page read and write
|
||
|
1462DC68000
|
heap
|
page read and write
|
||
|
2633ED58000
|
heap
|
page read and write
|
||
|
2480E702000
|
heap
|
page read and write
|
||
|
1353745A000
|
heap
|
page read and write
|
There are 315 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.google.com/
|
||
|
https://store.google.com/DE?utm_source=hp_header&utm_medium=google_ooo&utm_campaign=GS100042&hl=de
|
||
|
https://www.google.com/intl/de/gmail/about/#
|
||
|
https://about.google/stories/timelapse-planetary-changes/
|
||
|
https://store.google.com/DE?utm_source=hp_header&utm_medium=google_ooo&utm_campaign=GS100042&hl=de
|