Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2de65193-9323-4bbc-9b33-7595d4a14e85.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\40ab066d-491b-4a5f-bbc4-6f114b988baf.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\54993c21-b51c-4757-9575-b220900a434a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7fa03d5c-c19f-4896-997a-ff2d91f86098.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7fd73cad-aace-48ac-a55b-ba71a4834420.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9ed38ada-65de-4475-a162-ba3e84ff162e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1c7f7819-c5b0-466c-96e3-b28e69fca4ac.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4409b1fd-6fe6-4672-9064-de733a9d59c1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\79afce29-70f3-4876-ab85-42e8c2f9f1e9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\321675e0-8103-480a-a7e8-b38cce85d665.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\4e795b3c-3c2c-49a8-80bb-0db96d6ccb7b.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a16e0775-36c0-4d66-a918-07242a85afc1.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aa00a0e4-e508-4131-badc-5eb0c5a54574.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c472a7b2-762b-4774-8fcd-a76600d09759.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cc421846-2af2-4329-9c10-38c5e1cb7d90.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ce054faf-ddbf-4e09-babb-6ebf8923b7fd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\acaa55c2-023a-448c-9697-2cff0dbc3f79.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f1840a41-4f50-4157-b519-9e53f5c0ecd3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3b576cee-3db8-4e8c-8006-1374266a2684.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3f482a4b-2899-4262-be89-6ad22fc4361c.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6140_1085709407\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6140_1085709407\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6140_1085709407\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6140_1085709407\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6140_158424456\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6140_158424456\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ab3c7410-90c5-4216-a441-a4fd65482e58.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fbe537f8-f982-4c52-a461-84ce3ba85ad7.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\3f482a4b-2899-4262-be89-6ad22fc4361c.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_131488268\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\3b576cee-3db8-4e8c-8006-1374266a2684.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\et\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\fi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\fr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\hi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\hr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\hu\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\it\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\ja\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\ko\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\lt\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\lv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\nb\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\pl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\pt_BR\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\pt_PT\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\ro\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\ru\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\sk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\sl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\sr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\sv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\th\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\tr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\uk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\vi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\zh_CN\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_locales\zh_TW\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6140_1523647220\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 150 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,1720915609517302198,2750695470635868226,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1960 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" "http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
|
|||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jsp
|
 |
||
|
https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.g
|
|
||
|
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
|
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/foot/foot.html
|
|
||
|
https://www.gov.cn/2016public/bottom.htm
|
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jquery/jquery.form.js
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jquery/jquery.validate.js
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/images/jc/red_asterisk.png
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/css/EDM.css
|
114.246.31.165
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/fontawesome/css/font-awesome.min.css
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jcInfoNew.js?v=202002181
|
114.246.31.165
|
||
|
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
|
117.184.226.70
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/img/sublogo.png
|
117.184.226.1
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/head/header.js?1660049840950
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/flexslider/jquery.flexslider.js
|
114.246.31.165
|
||
|
http://117.184.226.70:9022/ac-guide-ext/resources/layer/2.5/lay/modules/layer.js
|
117.184.226.70
|
||
|
http://117.184.226.70:9022/ac-guide-ext/resources/bootstrap-3.3.5/css/bootstrap.min.css
|
117.184.226.70
|
||
|
http://117.184.226.70:9022/ac-guide-ext/resources/layer/2.5/layui.js
|
117.184.226.70
|
||
|
https://zfwzzc.www.gov.cn/check_web/css/base.css
|
114.246.31.165
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://www.gov.cn/govweb/xhtml/2016gov/images/public/select_jiantou.jpg
|
128.1.77.230
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jquery/jquery.select.js
|
114.246.31.165
|
||
|
http://117.184.226.70:9022/ac-guide-ext/fillform/notity/js/vue.min.js
|
117.184.226.70
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/img/location.png
|
117.184.226.1
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/css/head.css?1660049839811
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/css/master_cn_v1.0.css
|
114.246.31.165
|
||
|
https://www.google.com
|
unknown
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/fontawesome/css/font-awesome.min.css
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jquery/jquery.dataTables.js
|
114.246.31.165
|
||
|
https://zwdtuser.sh.gov.cn/uc/usercenter/userinfo.jsp
|
117.184.226.7
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/bootstrap/fonts/glyphicons-halflings-regular.woff2
|
117.184.226.1
|
||
|
https://www.gov.cn/govweb/xhtml/2016gov/guowuyuan/20190301gwykhd/images/icon_1534.png
|
128.1.77.230
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/slider.js
|
114.246.31.165
|
||
|
http://117.184.226.70:9022/ac-guide-ext/fillform/common/js/jquery-1.11.0.min.js
|
117.184.226.70
|
||
|
https://lxm.qrcode.sh.gov.cn/uc/zwdtSW/dphead/img/ico2.png
|
117.184.226.43
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/placeholder.js
|
114.246.31.165
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://lxm.qrcode.sh.gov.cn/uc/zwdtSW/dphead/img/foot-ga.png
|
117.184.226.43
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/util.js
|
114.246.31.165
|
||
|
http://117.184.226.70:9022/favicon.ico
|
117.184.226.70
|
||
|
https://www.gov.cn/govweb/xhtml/2016gov/images/index/2018guohui03.png
|
128.1.77.230
|
||
|
https://zfwzzc.www.gov.cn/check_web/css/xinxikf.css
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.css
|
114.246.31.165
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://zfwzzc.www.gov.cn/check_web/kaptcha.jpg?1660049875267
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/kindeditor/themes/default/default.css
|
114.246.31.165
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jsp
|
117.184.226.1
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/jquery-1.7.2.min.js
|
117.184.226.1
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
172.217.168.14
|
||
|
http://117.184.226.70:9022/ac-guide-ext/resources/layer/2.5/css/modules/layer/default/layer.css?v=3.1.1
|
117.184.226.70
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
http://117.184.226.70:9022/ac-guide-ext/resources/layer/2.5/css/layui.css
|
117.184.226.70
|
||
|
https://www.gov.cn/2016public/bottom.htm
|
128.1.77.230
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/bootstrap/css/bootstrap.min.css
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/images/right_doub.png
|
114.246.31.165
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/plugin/fontawesome/css/font-awesome.min.css
|
117.184.226.1
|
||
|
http://117.184.226.70:9022/ac-guide-ext/resources/bootstrap-3.3.5/js/bootstrap.min.js
|
117.184.226.70
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://zfwzzc.www.gov.cn/check_web/images/jiuc_header.jpg
|
114.246.31.165
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/css/head.css?1660049840950
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/images/jc/jiuc_img8.jpg
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/images/magnify-icon.png
|
114.246.31.165
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/jquery-1.7.2.min.js
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jquery.tips.js
|
114.246.31.165
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://www.gov.cn/govweb/xhtml/2016gov/css/base.css
|
128.1.77.230
|
||
|
https://www.gov.cn/govweb/xhtml/2016gov/guowuyuan/20190301gwykhd/images/icon_1434.png
|
128.1.77.230
|
||
|
https://play.google.com
|
unknown
|
||
|
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/initQA.do
|
117.184.226.70
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/img/sublogo.png
|
117.184.226.1
|
||
|
https://lxm.qrcode.sh.gov.cn/uc/zwdtSW/dphead/img/foot-icp.png
|
117.184.226.43
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/foot/foot.html
|
117.184.226.1
|
||
|
https://zwdt.sh.gov.cn/govPortals/common/css/common_new.css
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/jquery/jquery-1.10.2.js
|
114.246.31.165
|
||
|
https://hm.baidu.com/hm.js?3a125f686abed6dc0209db1fb2efac2b
|
103.235.46.191
|
||
|
http://zwdt.sh.gov.cn/govPortals/common/css/common_new.css
|
117.184.226.1
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/head/header.js?1660049839811
|
117.184.226.1
|
||
|
https://zfwzzc.www.gov.cn/check_web/js/flexslider/flexslider.css
|
114.246.31.165
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://lxm.qrcode.sh.gov.cn/uc/zwdtSW/dphead/img/ico3.png
|
117.184.226.43
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=1131
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://zfwzzc.www.gov.cn/check_web/images/jc/bgt.png
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/errorInfo_querySearch.action?sEcho=1&iColumns=7&sColumns=%2C%2C%2C%2C%2C%2C&iDisplayStart=0&iDisplayLength=10&mDataProp_0=dataNumber&sSearch_0=&bRegex_0=false&bSearchable_0=true&bSortable_0=false&mDataProp_1=sitecode&sSearch_1=&bRegex_1=false&bSearchable_1=true&bSortable_1=false&mDataProp_2=wzmc&sSearch_2=&bRegex_2=false&bSearchable_2=true&bSortable_2=false&mDataProp_3=problem_id&sSearch_3=&bRegex_3=false&bSearchable_3=true&bSortable_3=false&mDataProp_4=bgdate&sSearch_4=&bRegex_4=false&bSearchable_4=true&bSortable_4=false&mDataProp_5=blzt&sSearch_5=&bRegex_5=false&bSearchable_5=true&bSortable_5=false&mDataProp_6=chakan&sSearch_6=&bRegex_6=false&bSearchable_6=true&bSortable_6=false&sSearch=&bRegex=false&iSortCol_0=0&sSortDir_0=asc&iSortingCols=1&status=0%2C1%2C5%2C6%2C7%2C8%2C9%2C16%2C17%2C18&sitecodebg=&problemIdbg=&tt=Tue+Aug+09+2022+14%3A57%3A55+GMT%2B0200+(Central+European+Summer+Time)&size=10&pos=1&pageNo=1&_t=1660049875337
|
114.246.31.165
|
||
|
https://zfwzzc.www.gov.cn/check_web/map/js/echarts.js
|
114.246.31.165
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://zfwzgl.www.gov.cn/favicon.ico
|
36.112.20.164
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/data/dept.json
|
117.184.226.1
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/common/js/version.js?time=0.4290670805374541
|
117.184.226.1
|
||
|
https://lxm.qrcode.sh.gov.cn/uc/zwdtSW/dphead/img/ico1.png
|
117.184.226.43
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/head/header.js?1660049838314
|
117.184.226.1
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.gov.cn
|
unknown
|
|
|
|
beian.miit.gov.cn
|
unknown
|
|
|
|
lxm.qrcode.sh.gov.cn
|
117.184.226.43
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
zwdtuser.sh.gov.cn
|
117.184.226.7
|
||
|
bszs.conac.cn
|
219.141.240.178
|
||
|
zfwzzc.www.gov.cn
|
114.246.31.165
|
||
|
zfwzgl.www.gov.cn
|
36.112.20.164
|
||
|
hm.e.shifen.com
|
103.235.46.191
|
||
|
23a72c571eab6919.cdn.jiashule.com
|
119.39.205.85
|
||
|
dcs.conac.cn
|
219.141.240.182
|
||
|
zgovweb.v.bsgslb.cn
|
128.1.77.230
|
||
|
www.beian.gov.cn
|
219.142.142.150
|
||
|
3z4qr0nn.slt-dk.sched.tdnsv8.com
|
61.54.91.250
|
||
|
clients.l.google.com
|
172.217.168.14
|
||
|
zwdt.sh.gov.cn
|
117.184.226.1
|
||
|
clients2.google.com
|
unknown
|
||
|
www.12377.cn
|
unknown
|
||
|
hm.baidu.com
|
unknown
|
There are 9 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
128.1.77.230
|
zgovweb.v.bsgslb.cn
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
219.141.240.182
|
dcs.conac.cn
|
China
|
||
|
219.141.240.178
|
bszs.conac.cn
|
China
|
||
|
117.184.226.70
|
unknown
|
China
|
||
|
114.251.191.206
|
unknown
|
China
|
||
|
172.217.168.14
|
clients.l.google.com
|
United States
|
||
|
103.235.46.191
|
hm.e.shifen.com
|
Hong Kong
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
114.246.31.165
|
zfwzzc.www.gov.cn
|
China
|
||
|
117.184.226.43
|
lxm.qrcode.sh.gov.cn
|
China
|
||
|
117.184.226.7
|
zwdtuser.sh.gov.cn
|
China
|
||
|
114.251.191.210
|
unknown
|
China
|
||
|
117.184.226.1
|
zwdt.sh.gov.cn
|
China
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
36.112.20.164
|
zfwzgl.www.gov.cn
|
China
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
There are 7 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
There are 39 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8300D0E000
|
stack
|
page read and write
|
||
|
8300D8E000
|
stack
|
page read and write
|
||
|
1481C0EA000
|
heap
|
page read and write
|
||
|
27AA5E7E000
|
heap
|
page read and write
|
||
|
1481C0F1000
|
heap
|
page read and write
|
||
|
13EACE7B000
|
heap
|
page read and write
|
||
|
208A77E000
|
stack
|
page read and write
|
||
|
CCBC07F000
|
stack
|
page read and write
|
||
|
48EEF7F000
|
stack
|
page read and write
|
||
|
187B5C3A000
|
heap
|
page read and write
|
||
|
22E83087000
|
heap
|
page read and write
|
||
|
CCBB97F000
|
stack
|
page read and write
|
||
|
27AA5C30000
|
heap
|
page read and write
|
||
|
187B5C25000
|
heap
|
page read and write
|
||
|
22E83013000
|
heap
|
page read and write
|
||
|
18436FF000
|
stack
|
page read and write
|
||
|
14816600000
|
heap
|
page read and write
|
||
|
27AA5DC0000
|
trusted library allocation
|
page read and write
|
||
|
208AD7C000
|
stack
|
page read and write
|
||
|
14817201000
|
trusted library allocation
|
page read and write
|
||
|
1481C0FC000
|
heap
|
page read and write
|
||
|
27AA5DF0000
|
remote allocation
|
page read and write
|
||
|
27AA5E8A000
|
heap
|
page read and write
|
||
|
18D2A6C0000
|
heap
|
page read and write
|
||
|
1481BED0000
|
remote allocation
|
page read and write
|
||
|
13EACE58000
|
heap
|
page read and write
|
||
|
187B6602000
|
trusted library allocation
|
page read and write
|
||
|
18D2A813000
|
heap
|
page read and write
|
||
|
18434FE000
|
stack
|
page read and write
|
||
|
1481C01C000
|
heap
|
page read and write
|
||
|
13EACE3A000
|
heap
|
page read and write
|
||
|
18D2A650000
|
heap
|
page read and write
|
||
|
28989FE000
|
stack
|
page read and write
|
||
|
14816726000
|
heap
|
page read and write
|
||
|
1E2B07C0000
|
heap
|
page read and write
|
||
|
14816560000
|
heap
|
page read and write
|
||
|
18435FF000
|
stack
|
page read and write
|
||
|
1B67E002000
|
heap
|
page read and write
|
||
|
27AA77A0000
|
trusted library allocation
|
page read and write
|
||
|
1E2B0A9D000
|
heap
|
page read and write
|
||
|
187B5BD0000
|
heap
|
page read and write
|
||
|
13EACCB0000
|
heap
|
page read and write
|
||
|
1481BD70000
|
trusted library allocation
|
page read and write
|
||
|
48EECFF000
|
stack
|
page read and write
|
||
|
1AAED602000
|
heap
|
page read and write
|
||
|
830187D000
|
stack
|
page read and write
|
||
|
1FEA179000
|
stack
|
page read and write
|
||
|
1E2B0B13000
|
heap
|
page read and write
|
||
|
1481666F000
|
heap
|
page read and write
|
||
|
187B5C00000
|
heap
|
page read and write
|
||
|
1B67E100000
|
heap
|
page read and write
|
||
|
1481C02A000
|
heap
|
page read and write
|
||
|
27AA5E68000
|
heap
|
page read and write
|
||
|
289857E000
|
stack
|
page read and write
|
||
|
1842A8B000
|
stack
|
page read and write
|
||
|
27AA5E49000
|
heap
|
page read and write
|
||
|
14816570000
|
heap
|
page read and write
|
||
|
13EACE46000
|
heap
|
page read and write
|
||
|
1481BC10000
|
trusted library allocation
|
page read and write
|
||
|
13EAD5C0000
|
trusted library allocation
|
page read and write
|
||
|
1E2B0820000
|
heap
|
page read and write
|
||
|
18D2A7C0000
|
trusted library allocation
|
page read and write
|
||
|
187B5C3C000
|
heap
|
page read and write
|
||
|
27AA5E2A000
|
heap
|
page read and write
|
||
|
208AE7E000
|
stack
|
page read and write
|
||
|
1481C118000
|
heap
|
page read and write
|
||
|
1481BD7A000
|
trusted library allocation
|
page read and write
|
||
|
14817159000
|
heap
|
page read and write
|
||
|
1E2B0920000
|
trusted library allocation
|
page read and write
|
||
|
13EACE48000
|
heap
|
page read and write
|
||
|
1E2B0A88000
|
heap
|
page read and write
|
||
|
5A4BEBB000
|
stack
|
page read and write
|
||
|
1481C113000
|
heap
|
page read and write
|
||
|
1481C102000
|
heap
|
page read and write
|
||
|
830127F000
|
stack
|
page read and write
|
||
|
5A4C3FB000
|
stack
|
page read and write
|
||
|
22E830BB000
|
heap
|
page read and write
|
||
|
1481C250000
|
trusted library allocation
|
page read and write
|
||
|
1B67E102000
|
heap
|
page read and write
|
||
|
22E82F80000
|
heap
|
page read and write
|
||
|
187B5C13000
|
heap
|
page read and write
|
||
|
1AAED678000
|
heap
|
page read and write
|
||
|
13EACF02000
|
heap
|
page read and write
|
||
|
1481C113000
|
heap
|
page read and write
|
||
|
18431FF000
|
stack
|
page read and write
|
||
|
187B6470000
|
trusted library allocation
|
page read and write
|
||
|
1E2B0B02000
|
heap
|
page read and write
|
||
|
14816658000
|
heap
|
page read and write
|
||
|
18D2A802000
|
heap
|
page read and write
|
||
|
14817118000
|
heap
|
page read and write
|
||
|
7AAE077000
|
stack
|
page read and write
|
||
|
1B67DE20000
|
heap
|
page read and write
|
||
|
27AA5C40000
|
heap
|
page read and write
|
||
|
187B5B80000
|
heap
|
page read and write
|
||
|
13EACE5E000
|
heap
|
page read and write
|
||
|
1842FFF000
|
stack
|
page read and write
|
||
|
1E2B0A6F000
|
heap
|
page read and write
|
||
|
14817113000
|
heap
|
page read and write
|
||
|
CCBBE7B000
|
stack
|
page read and write
|
||
|
14817118000
|
heap
|
page read and write
|
||
|
22E830C9000
|
heap
|
page read and write
|
||
|
13EACE69000
|
heap
|
page read and write
|
||
|
1E2B0B08000
|
heap
|
page read and write
|
||
|
1FE9EFF000
|
stack
|
page read and write
|
||
|
1481BDA0000
|
trusted library allocation
|
page read and write
|
||
|
1FE9F7F000
|
stack
|
page read and write
|
||
|
22E83B00000
|
heap
|
page read and write
|
||
|
208A27B000
|
stack
|
page read and write
|
||
|
14817281000
|
trusted library allocation
|
page read and write
|
||
|
14816E70000
|
trusted library allocation
|
page read and write
|
||
|
208A97E000
|
stack
|
page read and write
|
||
|
1B67DE10000
|
heap
|
page read and write
|
||
|
13EAD602000
|
trusted library allocation
|
page read and write
|
||
|
1481C063000
|
heap
|
page read and write
|
||
|
14817118000
|
heap
|
page read and write
|
||
|
48EE9FF000
|
stack
|
page read and write
|
||
|
1481BDB0000
|
trusted library allocation
|
page read and write
|
||
|
13EACE40000
|
heap
|
page read and write
|
||
|
208A67A000
|
stack
|
page read and write
|
||
|
22E830E1000
|
heap
|
page read and write
|
||
|
1481668B000
|
heap
|
page read and write
|
||
|
1AAED65C000
|
heap
|
page read and write
|
||
|
14816674000
|
heap
|
page read and write
|
||
|
22E83A02000
|
heap
|
page read and write
|
||
|
1481C00F000
|
heap
|
page read and write
|
||
|
289847B000
|
stack
|
page read and write
|
||
|
14816FE1000
|
trusted library allocation
|
page read and write
|
||
|
14816F80000
|
trusted library section
|
page read and write
|
||
|
1481C200000
|
trusted library allocation
|
page read and write
|
||
|
187B5D02000
|
heap
|
page read and write
|
||
|
1AAED613000
|
heap
|
page read and write
|
||
|
1481C100000
|
heap
|
page read and write
|
||
|
1481C000000
|
heap
|
page read and write
|
||
|
14817100000
|
heap
|
page read and write
|
||
|
1B67E000000
|
heap
|
page read and write
|
||
|
1481BED0000
|
trusted library allocation
|
page read and write
|
||
|
18D2A7F0000
|
remote allocation
|
page read and write
|
||
|
22E83029000
|
heap
|
page read and write
|
||
|
1481BE80000
|
trusted library allocation
|
page read and write
|
||
|
830157C000
|
stack
|
page read and write
|
||
|
148178A0000
|
trusted library section
|
page readonly
|
||
|
22E83000000
|
heap
|
page read and write
|
||
|
830177F000
|
stack
|
page read and write
|
||
|
1FEA07C000
|
stack
|
page read and write
|
||
|
7AAD9BB000
|
stack
|
page read and write
|
||
|
CCBC27E000
|
stack
|
page read and write
|
||
|
14816692000
|
heap
|
page read and write
|
||
|
13EACE60000
|
heap
|
page read and write
|
||
|
18433FD000
|
stack
|
page read and write
|
||
|
1AAED629000
|
heap
|
page read and write
|
||
|
14817BF0000
|
trusted library allocation
|
page read and write
|
||
|
28987FE000
|
stack
|
page read and write
|
||
|
13EACE6B000
|
heap
|
page read and write
|
||
|
18D2A840000
|
heap
|
page read and write
|
||
|
1AAED668000
|
heap
|
page read and write
|
||
|
1E2B1202000
|
trusted library allocation
|
page read and write
|
||
|
13EACE64000
|
heap
|
page read and write
|
||
|
1481BC50000
|
trusted library allocation
|
page read and write
|
||
|
22E83B12000
|
heap
|
page read and write
|
||
|
13EACD20000
|
heap
|
page read and write
|
||
|
1AAEDE02000
|
trusted library allocation
|
page read and write
|
||
|
27AA7A00000
|
trusted library allocation
|
page read and write
|
||
|
1481719B000
|
heap
|
page read and write
|
||
|
1481663D000
|
heap
|
page read and write
|
||
|
14817670000
|
trusted library allocation
|
page read and write
|
||
|
1481C0F6000
|
heap
|
page read and write
|
||
|
1B67E028000
|
heap
|
page read and write
|
||
|
1481C112000
|
heap
|
page read and write
|
||
|
1481C102000
|
heap
|
page read and write
|
||
|
18D2A7F0000
|
remote allocation
|
page read and write
|
||
|
1481C0F6000
|
heap
|
page read and write
|
||
|
22E82F70000
|
heap
|
page read and write
|
||
|
208AC7A000
|
stack
|
page read and write
|
||
|
14817890000
|
trusted library section
|
page readonly
|
||
|
22E8306E000
|
heap
|
page read and write
|
||
|
14817850000
|
trusted library section
|
page readonly
|
||
|
1B67E068000
|
heap
|
page read and write
|
||
|
1481BDB0000
|
trusted library allocation
|
page read and write
|
||
|
1481BD94000
|
trusted library allocation
|
page read and write
|
||
|
48EEC7D000
|
stack
|
page read and write
|
||
|
1FEA27F000
|
stack
|
page read and write
|
||
|
22E83068000
|
heap
|
page read and write
|
||
|
27AA5DA0000
|
trusted library allocation
|
page read and write
|
||
|
1B67E113000
|
heap
|
page read and write
|
||
|
CCBC17C000
|
stack
|
page read and write
|
||
|
1E2B0A55000
|
heap
|
page read and write
|
||
|
1481BD90000
|
trusted library allocation
|
page read and write
|
||
|
1481C102000
|
heap
|
page read and write
|
||
|
1B67E058000
|
heap
|
page read and write
|
||
|
1481C0B0000
|
heap
|
page read and write
|
||
|
28988FE000
|
stack
|
page read and write
|
||
|
27AA5F02000
|
heap
|
page read and write
|
||
|
148166FD000
|
heap
|
page read and write
|
||
|
208A477000
|
stack
|
page read and write
|
||
|
1AAED713000
|
heap
|
page read and write
|
||
|
1AAED626000
|
heap
|
page read and write
|
||
|
27AA5E00000
|
heap
|
page read and write
|
||
|
22E83102000
|
heap
|
page read and write
|
||
|
13EACE84000
|
heap
|
page read and write
|
||
|
27AA5E49000
|
heap
|
page read and write
|
||
|
22E83042000
|
heap
|
page read and write
|
||
|
14817500000
|
trusted library allocation
|
page read and write
|
||
|
13EACE61000
|
heap
|
page read and write
|
||
|
14817015000
|
heap
|
page read and write
|
||
|
7AAE17F000
|
stack
|
page read and write
|
||
|
27AA5DF0000
|
remote allocation
|
page read and write
|
||
|
1E2B0A4F000
|
heap
|
page read and write
|
||
|
208A8FE000
|
stack
|
page read and write
|
||
|
187B5C46000
|
heap
|
page read and write
|
||
|
1481C106000
|
heap
|
page read and write
|
||
|
22E83880000
|
trusted library allocation
|
page read and write
|
||
|
1481C03C000
|
heap
|
page read and write
|
||
|
1AAED702000
|
heap
|
page read and write
|
||
|
208A37E000
|
stack
|
page read and write
|
||
|
1481BDB4000
|
trusted library allocation
|
page read and write
|
||
|
48EE50B000
|
stack
|
page read and write
|
||
|
13EACE97000
|
heap
|
page read and write
|
||
|
14817118000
|
heap
|
page read and write
|
||
|
208AA7F000
|
stack
|
page read and write
|
||
|
CCBB87E000
|
stack
|
page read and write
|
||
|
13EACE59000
|
heap
|
page read and write
|
||
|
CCBBBFC000
|
stack
|
page read and write
|
||
|
7AADF7E000
|
stack
|
page read and write
|
||
|
27AA5F00000
|
heap
|
page read and write
|
||
|
27AA5E40000
|
heap
|
page read and write
|
||
|
1481C0B0000
|
heap
|
page read and write
|
||
|
13EACE5C000
|
heap
|
page read and write
|
||
|
13EACE3D000
|
heap
|
page read and write
|
||
|
27AA5E59000
|
heap
|
page read and write
|
||
|
1AAED450000
|
heap
|
page read and write
|
||
|
18D2A902000
|
heap
|
page read and write
|
||
|
14817159000
|
heap
|
page read and write
|
||
|
1481C103000
|
heap
|
page read and write
|
||
|
14817002000
|
heap
|
page read and write
|
||
|
13EACE41000
|
heap
|
page read and write
|
||
|
1481BD91000
|
trusted library allocation
|
page read and write
|
||
|
187B5C02000
|
heap
|
page read and write
|
||
|
1481BD7E000
|
trusted library allocation
|
page read and write
|
||
|
1AAED4C0000
|
heap
|
page read and write
|
||
|
1FEA37E000
|
stack
|
page read and write
|
||
|
1481669D000
|
heap
|
page read and write
|
||
|
5A4C4FF000
|
stack
|
page read and write
|
||
|
1B67DF80000
|
trusted library allocation
|
page read and write
|
||
|
1E2B0A00000
|
heap
|
page read and write
|
||
|
1481C056000
|
heap
|
page read and write
|
||
|
1481C0F8000
|
heap
|
page read and write
|
||
|
18430FC000
|
stack
|
page read and write
|
||
|
13EACE77000
|
heap
|
page read and write
|
||
|
1B67E802000
|
trusted library allocation
|
page read and write
|
||
|
148166AD000
|
heap
|
page read and write
|
||
|
18D2B002000
|
trusted library allocation
|
page read and write
|
||
|
7AAE37F000
|
stack
|
page read and write
|
||
|
1E2B0A7F000
|
heap
|
page read and write
|
||
|
18D2A7F0000
|
remote allocation
|
page read and write
|
||
|
208A57A000
|
stack
|
page read and write
|
||
|
14816613000
|
heap
|
page read and write
|
||
|
28984FE000
|
stack
|
page read and write
|
||
|
14817660000
|
trusted library allocation
|
page read and write
|
||
|
5A4C6FB000
|
stack
|
page read and write
|
||
|
13EACE29000
|
heap
|
page read and write
|
||
|
22E83066000
|
heap
|
page read and write
|
||
|
CCBB8FD000
|
stack
|
page read and write
|
||
|
13EACE44000
|
heap
|
page read and write
|
||
|
1842EFA000
|
stack
|
page read and write
|
||
|
27AA7802000
|
trusted library allocation
|
page read and write
|
||
|
7AAE27D000
|
stack
|
page read and write
|
||
|
1842B0D000
|
stack
|
page read and write
|
||
|
1AAED5C0000
|
trusted library allocation
|
page read and write
|
||
|
1B67E079000
|
heap
|
page read and write
|
||
|
22E82FE0000
|
heap
|
page read and write
|
||
|
28986FE000
|
stack
|
page read and write
|
||
|
187B5C52000
|
heap
|
page read and write
|
||
|
1481719B000
|
heap
|
page read and write
|
||
|
1481C113000
|
heap
|
page read and write
|
||
|
187B5C4B000
|
heap
|
page read and write
|
||
|
187B5C38000
|
heap
|
page read and write
|
||
|
1481BD70000
|
trusted library allocation
|
page read and write
|
||
|
CCBB5DB000
|
stack
|
page read and write
|
||
|
1481BEB0000
|
trusted library allocation
|
page read and write
|
||
|
1481BD71000
|
trusted library allocation
|
page read and write
|
||
|
14816702000
|
heap
|
page read and write
|
||
|
13EACE00000
|
heap
|
page read and write
|
||
|
208AB7F000
|
stack
|
page read and write
|
||
|
13EACCC0000
|
heap
|
page read and write
|
||
|
13EACE45000
|
heap
|
page read and write
|
||
|
18D2A85C000
|
heap
|
page read and write
|
||
|
CCBBF7C000
|
stack
|
page read and write
|
||
|
1AAED460000
|
heap
|
page read and write
|
||
|
13EACE57000
|
heap
|
page read and write
|
||
|
8300C8C000
|
stack
|
page read and write
|
||
|
14817680000
|
trusted library allocation
|
page read and write
|
||
|
1E2B0A29000
|
heap
|
page read and write
|
||
|
13EACE7E000
|
heap
|
page read and write
|
||
|
187B5C29000
|
heap
|
page read and write
|
||
|
1481BC60000
|
trusted library allocation
|
page read and write
|
||
|
1481BD77000
|
trusted library allocation
|
page read and write
|
||
|
1481719A000
|
heap
|
page read and write
|
||
|
1481BEA0000
|
trusted library allocation
|
page read and write
|
||
|
1481BC13000
|
trusted library allocation
|
page read and write
|
||
|
14817860000
|
trusted library section
|
page readonly
|
||
|
27AA5F18000
|
heap
|
page read and write
|
||
|
13EACE6D000
|
heap
|
page read and write
|
||
|
13EACE5F000
|
heap
|
page read and write
|
||
|
14817880000
|
trusted library section
|
page readonly
|
||
|
14816676000
|
heap
|
page read and write
|
||
|
CCBB9FC000
|
stack
|
page read and write
|
||
|
1AAED600000
|
heap
|
page read and write
|
||
|
1481BED0000
|
remote allocation
|
page read and write
|
||
|
22E830CC000
|
heap
|
page read and write
|
||
|
5A4C5FF000
|
stack
|
page read and write
|
||
|
22E83B39000
|
heap
|
page read and write
|
||
|
1AAED63D000
|
heap
|
page read and write
|
||
|
1481BD75000
|
trusted library allocation
|
page read and write
|
||
|
14817770000
|
trusted library allocation
|
page read and write
|
||
|
27AA5DF0000
|
remote allocation
|
page read and write
|
||
|
1481C049000
|
heap
|
page read and write
|
||
|
18432FF000
|
stack
|
page read and write
|
||
|
14816679000
|
heap
|
page read and write
|
||
|
1842B8D000
|
stack
|
page read and write
|
||
|
18437FF000
|
stack
|
page read and write
|
||
|
1B67E013000
|
heap
|
page read and write
|
||
|
7AADC7E000
|
stack
|
page read and write
|
||
|
1481C0E5000
|
heap
|
page read and write
|
||
|
13EACE63000
|
heap
|
page read and write
|
||
|
27AA5CA0000
|
heap
|
page read and write
|
||
|
14816629000
|
heap
|
page read and write
|
||
|
1481BDA0000
|
trusted library allocation
|
page read and write
|
||
|
14817118000
|
heap
|
page read and write
|
||
|
1E2B07B0000
|
heap
|
page read and write
|
||
|
1481C102000
|
heap
|
page read and write
|
||
|
1481C0DE000
|
heap
|
page read and write
|
||
|
1E2B0A62000
|
heap
|
page read and write
|
||
|
27AA5E13000
|
heap
|
page read and write
|
||
|
14817870000
|
trusted library section
|
page readonly
|
||
|
1E2B0B00000
|
heap
|
page read and write
|
||
|
13EACE42000
|
heap
|
page read and write
|
||
|
1B67E03C000
|
heap
|
page read and write
|
||
|
27AA5E59000
|
heap
|
page read and write
|
||
|
22E83113000
|
heap
|
page read and write
|
||
|
1481C0A4000
|
heap
|
page read and write
|
||
|
7AADEFB000
|
stack
|
page read and write
|
||
|
1E2B0A13000
|
heap
|
page read and write
|
||
|
13EACE67000
|
heap
|
page read and write
|
||
|
48EEB7E000
|
stack
|
page read and write
|
||
|
18438FF000
|
stack
|
page read and write
|
||
|
1AAED672000
|
heap
|
page read and write
|
||
|
830137E000
|
stack
|
page read and write
|
||
|
48EEA7E000
|
stack
|
page read and write
|
||
|
CCBBDFE000
|
stack
|
page read and write
|
||
|
18D2A829000
|
heap
|
page read and write
|
||
|
1B67DE80000
|
heap
|
page read and write
|
||
|
830147F000
|
stack
|
page read and write
|
||
|
18D2A660000
|
heap
|
page read and write
|
||
|
830167C000
|
stack
|
page read and write
|
||
|
1481C0F4000
|
heap
|
page read and write
|
||
|
1481D000000
|
heap
|
page read and write
|
||
|
48EEEFF000
|
stack
|
page read and write
|
||
|
48EE58E000
|
stack
|
page read and write
|
||
|
48EEDFD000
|
stack
|
page read and write
|
||
|
1481BEC0000
|
trusted library allocation
|
page read and write
|
||
|
1481BE40000
|
trusted library allocation
|
page read and write
|
||
|
208AAFF000
|
stack
|
page read and write
|
||
|
13EACE62000
|
heap
|
page read and write
|
||
|
27AA5E48000
|
heap
|
page read and write
|
||
|
13EACE7A000
|
heap
|
page read and write
|
||
|
187B5C2F000
|
heap
|
page read and write
|
||
|
187B5C43000
|
heap
|
page read and write
|
||
|
830117D000
|
stack
|
page read and write
|
||
|
1481BED0000
|
remote allocation
|
page read and write
|
||
|
13EACE4E000
|
heap
|
page read and write
|
||
|
13EACE31000
|
heap
|
page read and write
|
||
|
13EACE13000
|
heap
|
page read and write
|
||
|
1B67E063000
|
heap
|
page read and write
|
||
|
27AA5F13000
|
heap
|
page read and write
|
||
|
7AADCFE000
|
stack
|
page read and write
|
||
|
1481BBF0000
|
trusted library allocation
|
page read and write
|
||
|
187B5B70000
|
heap
|
page read and write
|
||
|
14817000000
|
heap
|
page read and write
|
||
|
1FE9E7B000
|
stack
|
page read and write
|
||
|
1E2B0A62000
|
heap
|
page read and write
|
||
|
CCBBCFE000
|
stack
|
page read and write
|
||
|
13EACE5A000
|
heap
|
page read and write
|
||
|
1481C0A2000
|
heap
|
page read and write
|
||
|
1481BEC0000
|
trusted library allocation
|
page read and write
|
||
|
208A2FE000
|
stack
|
page read and write
|
||
|
148165D0000
|
heap
|
page read and write
|
||
|
48EE87E000
|
stack
|
page read and write
|
||
|
14817663000
|
trusted library allocation
|
page read and write
|
||
|
18D2A800000
|
heap
|
page read and write
|
||
|
208A9FE000
|
stack
|
page read and write
|
||
|
1481BD78000
|
trusted library allocation
|
page read and write
|
||
|
208AF7D000
|
stack
|
page read and write
|
||
|
208A87B000
|
stack
|
page read and write
|
||
|
1E2B0A3C000
|
heap
|
page read and write
|
||
|
27AA5E58000
|
heap
|
page read and write
|
||
|
1481C0F6000
|
heap
|
page read and write
|
||
|
14816713000
|
heap
|
page read and write
|
||
|
1481BE90000
|
trusted library allocation
|
page read and write
|
There are 388 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
|
||
|
http://zwdt.sh.gov.cn/zwdtSW/dphead/foot/foot.html
|
||
|
https://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jsp
|
||
|
https://zfwzgl.www.gov.cn/exposure/jiucuo.html?site_code=3100000044&url=https%3A%2F%2Fwww.shanghai.g
|
||
|
https://www.gov.cn/2016public/bottom.htm
|
||
|
https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.g
|
||
|
https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.g
|