Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0f79bc6b-7e3b-49f6-98a7-b3ce8ff15eb0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\667b3dc1-101b-4bda-9b4c-0f50a2b5580e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6dd3b84d-d457-4f4b-9d79-fe4291f85600.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\70d63fda-fab7-4191-bad1-942c90786c29.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8dfd8790-35fa-4838-b8a6-7d2e5548a5b4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\04e78ca2-c531-4f71-a2c1-4ff5428ac00e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2161041b-8d84-4fb7-9370-082b225f7393.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\22462c64-0211-47cb-9349-e20b466a435c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\321de2f9-c349-451a-87f2-bfd9aa3e8003.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\45523841-d29b-49d5-905e-ddd38af61720.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59b06cc5-4b05-4c7b-a1e3-9987925734da.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7f48e7c1-a911-4a19-acd0-bed3724d0c95.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8353cdfc-d439-4863-8919-8d6534482963.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\97fcfab9-ce02-40e9-93d0-564389072a3e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\1c12fafa-be49-4eff-be2c-75170fe6a376.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b2b19eb1-0967-47eb-8c6b-e04d4886b75f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b713ae6a-4531-40e9-8dd9-6aa7ab7271fd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d624ca9d-2136-4aa3-9c4a-9c16ac03ad2f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d9a2d138-4493-4ed1-aaf8-a183ed2aa88e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e8159887-1a37-4df9-a1cf-da51a10e8b2f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f54374fc-ce52-4c32-acbc-6b30656c0fdf.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d3539ee2-3af1-40a6-93a4-9c3fdedc2d68.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ea40d692-c168-4a19-a796-e8365da67daa.tmp
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\3cf44c54-d950-4ef6-a76e-233582cb2101.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4036b169-0f2e-4b50-8540-83d1b845fbb6.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6dc5248e-4cd7-467d-b15c-ca2c1ee1b24e.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c714b332-16c4-4461-afe7-0aaf3776109a.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\3cf44c54-d950-4ef6-a76e-233582cb2101.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1174622557\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\6dc5248e-4cd7-467d-b15c-ca2c1ee1b24e.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\bg\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\ca\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\cs\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\da\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\de\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\el\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\es\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\es_419\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\et\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\fi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\fr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\hi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\_locales\hr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6036_1629604982\CRX_INSTALL\manifest.json
|
ASCII text
|
dropped
|
There are 110 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,17416894625862386819,122532231962354207,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" "https://form.jotform.me/92812002476452
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1544,17416894625862386819,122532231962354207,131072
--lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=3356 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService
--field-trial-handle=1544,17416894625862386819,122532231962354207,131072 --lang=en-US --service-sandbox-type=video_capture
--enable-audio-service-sandbox --mojo-platform-channel-handle=3388 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://form.jotform.me/92812002476452
|
|||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://stats.g.doubleclick.net
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
172.217.168.14
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://lh3.googleusercontent.com
|
unknown
|
||
|
https://cdn03.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?
|
104.26.6.134
|
||
|
https://googleads.g.doubleclick.net
|
unknown
|
||
|
https://accounts.youtube.com
|
unknown
|
||
|
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.34848
|
104.26.6.134
|
||
|
https://form.jotform.me/928120024764522/Registration
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://form.jotform.me/92812002476452
|
|||
|
https://cdn01.jotfor.ms/static/formCss.css?3.3.34848
|
172.67.73.184
|
||
|
https://www.jotform.com/myforms/
|
|||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://cdn02.jotfor.ms/static/prototype.forms.js?3.3.34848
|
104.26.6.134
|
||
|
https://www.google.de
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://form.jotform.me/92812002476452
|
35.201.118.58
|
||
|
https://cdn03.jotfor.ms/static/jotform.forms.js?3.3.34848
|
104.26.6.134
|
||
|
https://accounts.google.com/o/oauth2/auth/identifier?redirect_uri=storagerelay%3A%2F%2Fhttps%2Fwww.jotform.com%3Fid%3Dauth663659&response_type=permission%20id_token&scope=email%20profile%20openid&openid.realm&include_granted_scopes=true&client_id=172124630376-qk1qmdfmur2ojaf39e070iqhpt2foaip.apps.googleusercontent.com&ss_domain=https%3A%2F%2Fwww.jotform.com&fetch_basic_profile=true&gsiwebsdk=2&flowName=GeneralOAuthFlow
|
|||
|
https://www.jotform.com/?utm_source=powered_by_jotform&utm_medium=banner&utm_term=92812002476452&utm_content=powered_by_jotform_text&utm_campaign=powered_by_jotform_signup_hp
|
|||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.jotform.com/
|
|||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.jotform.com/enterprise/?utm_medium=referral&utm_source=jotform.com&utm_content=Jotform_Enterprise_Header&utm_campaign=enterprise_common_header
|
|||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.34848
|
172.67.73.184
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 31 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
172.217.168.3
|
||
|
cdn01.jotfor.ms
|
172.67.73.184
|
||
|
browser.sentry-cdn.com
|
151.101.194.217
|
||
|
cdn.jotfor.ms
|
104.26.6.134
|
||
|
js.jotform.com
|
104.23.134.11
|
||
|
scontent.xx.fbcdn.net
|
157.240.17.15
|
||
|
s3.amazonaws.com
|
54.231.33.202
|
||
|
go.lb.jotform.com
|
35.201.118.58
|
||
|
script.hotjar.com
|
54.230.206.101
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
www.google.com
|
142.250.203.100
|
||
|
polyfill.io
|
151.101.1.26
|
||
|
form.jotform.me
|
35.201.118.58
|
||
|
cdn02.jotfor.ms
|
104.26.6.134
|
||
|
o61806.ingest.sentry.io
|
34.120.195.249
|
||
|
static-cdn.hotjar.com
|
52.222.191.35
|
||
|
star-mini.c10r.facebook.com
|
157.240.17.35
|
||
|
www.google.de
|
172.217.168.35
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
plus.l.google.com
|
142.250.203.110
|
||
|
stats.l.doubleclick.net
|
108.177.127.154
|
||
|
dual-a-0001.a-msedge.net
|
204.79.197.200
|
||
|
www.gravatar.com
|
192.0.73.2
|
||
|
www-googletagmanager.l.google.com
|
172.217.168.40
|
||
|
fullstory.com
|
147.75.40.150
|
||
|
part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
|
edge.fullstory.com
|
35.201.112.186
|
||
|
i0.wp.com
|
192.0.77.2
|
||
|
www.jotform.com
|
104.23.133.11
|
||
|
insights.hotjar.com
|
52.85.92.79
|
||
|
vars.hotjar.com
|
52.222.191.99
|
||
|
go.files.jotform.com
|
35.190.41.132
|
||
|
s3-w.us-east-1.amazonaws.com
|
52.216.38.25
|
||
|
rs.fullstory.com
|
35.186.194.58
|
||
|
googleads.g.doubleclick.net
|
142.250.203.98
|
||
|
www3.l.google.com
|
172.217.168.78
|
||
|
play.google.com
|
216.58.215.238
|
||
|
cdn03.jotfor.ms
|
104.26.6.134
|
||
|
clients.l.google.com
|
172.217.168.14
|
||
|
events.jotform.com
|
104.23.134.11
|
||
|
googlehosted.l.googleusercontent.com
|
172.217.168.65
|
||
|
cms.jotform.com
|
unknown
|
||
|
lh3.googleusercontent.com
|
unknown
|
||
|
stats.g.doubleclick.net
|
unknown
|
||
|
jotform-common.s3.amazonaws.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
moodular.jotform.com
|
unknown
|
||
|
code.jquery.com
|
unknown
|
||
|
static.hotjar.com
|
unknown
|
||
|
www.facebook.com
|
unknown
|
||
|
use.typekit.net
|
unknown
|
||
|
www.linkedin.com
|
unknown
|
||
|
connect.facebook.net
|
unknown
|
||
|
px.ads.linkedin.com
|
unknown
|
||
|
p.typekit.net
|
unknown
|
||
|
accounts.youtube.com
|
unknown
|
||
|
snap.licdn.com
|
unknown
|
||
|
apis.google.com
|
unknown
|
||
|
files.jotform.com
|
unknown
|
There are 49 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
204.79.197.200
|
dual-a-0001.a-msedge.net
|
United States
|
||
|
52.222.191.35
|
static-cdn.hotjar.com
|
United States
|
||
|
35.186.194.58
|
rs.fullstory.com
|
United States
|
||
|
172.217.168.40
|
www-googletagmanager.l.google.com
|
United States
|
||
|
157.240.17.35
|
star-mini.c10r.facebook.com
|
United States
|
||
|
172.67.73.184
|
cdn01.jotfor.ms
|
United States
|
||
|
52.216.38.25
|
s3-w.us-east-1.amazonaws.com
|
United States
|
||
|
147.75.40.150
|
fullstory.com
|
Switzerland
|
||
|
142.250.203.98
|
googleads.g.doubleclick.net
|
United States
|
||
|
108.177.127.154
|
stats.l.doubleclick.net
|
United States
|
||
|
192.0.77.2
|
i0.wp.com
|
United States
|
||
|
192.0.73.2
|
www.gravatar.com
|
United States
|
||
|
172.217.168.14
|
clients.l.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
52.222.191.99
|
vars.hotjar.com
|
United States
|
||
|
13.107.246.60
|
part-0032.t-0009.t-msedge.net
|
United States
|
||
|
157.240.17.15
|
scontent.xx.fbcdn.net
|
United States
|
||
|
172.217.168.3
|
gstaticadssl.l.google.com
|
United States
|
||
|
151.101.194.217
|
browser.sentry-cdn.com
|
United States
|
||
|
104.23.133.11
|
www.jotform.com
|
United States
|
||
|
172.217.168.65
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
||
|
54.231.33.202
|
s3.amazonaws.com
|
United States
|
||
|
142.250.203.100
|
www.google.com
|
United States
|
||
|
35.201.118.58
|
go.lb.jotform.com
|
United States
|
||
|
151.101.1.26
|
polyfill.io
|
United States
|
||
|
172.217.168.35
|
www.google.de
|
United States
|
||
|
35.190.41.132
|
go.files.jotform.com
|
United States
|
||
|
172.217.168.78
|
www3.l.google.com
|
United States
|
||
|
35.201.112.186
|
edge.fullstory.com
|
United States
|
||
|
52.85.92.79
|
insights.hotjar.com
|
United States
|
||
|
104.23.134.11
|
js.jotform.com
|
United States
|
||
|
54.230.206.101
|
script.hotjar.com
|
United States
|
||
|
104.26.6.134
|
cdn.jotfor.ms
|
United States
|
||
|
34.120.195.249
|
o61806.ingest.sentry.io
|
United States
|
There are 28 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\ActiveMovie\devenum 64-bit
|
Version
|
There are 39 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
49E86FE000
|
stack
|
page read and write
|
||
|
851B8FF000
|
stack
|
page read and write
|
||
|
F1F79FD000
|
stack
|
page read and write
|
||
|
F1F7BFD000
|
stack
|
page read and write
|
||
|
1F254E00000
|
heap
|
page read and write
|
||
|
2C7CD7A000
|
stack
|
page read and write
|
||
|
26F22C00000
|
heap
|
page read and write
|
||
|
19DD0A7B000
|
heap
|
page read and write
|
||
|
6AE6FFB000
|
stack
|
page read and write
|
||
|
49E847E000
|
stack
|
page read and write
|
||
|
2061DC84000
|
heap
|
page read and write
|
||
|
17061600000
|
heap
|
page read and write
|
||
|
2C7C8FB000
|
stack
|
page read and write
|
||
|
2061DC5A000
|
heap
|
page read and write
|
||
|
2061DC60000
|
heap
|
page read and write
|
||
|
19DD0A6A000
|
heap
|
page read and write
|
||
|
1E10451D000
|
heap
|
page read and write
|
||
|
19DD1202000
|
trusted library allocation
|
page read and write
|
||
|
208CCE75000
|
heap
|
page read and write
|
||
|
208D24D0000
|
remote allocation
|
page read and write
|
||
|
208CCCB0000
|
heap
|
page read and write
|
||
|
2C7CF7E000
|
stack
|
page read and write
|
||
|
1F254E29000
|
heap
|
page read and write
|
||
|
2C7CE7E000
|
stack
|
page read and write
|
||
|
F1F77FB000
|
stack
|
page read and write
|
||
|
851B9FE000
|
stack
|
page read and write
|
||
|
1E103E59000
|
heap
|
page read and write
|
||
|
2061DC3D000
|
heap
|
page read and write
|
||
|
1F254E6E000
|
heap
|
page read and write
|
||
|
208D24D0000
|
remote allocation
|
page read and write
|
||
|
2061DC00000
|
heap
|
page read and write
|
||
|
2061DC7E000
|
heap
|
page read and write
|
||
|
19DD0B00000
|
heap
|
page read and write
|
||
|
C1D2D7E000
|
stack
|
page read and write
|
||
|
851BAFA000
|
stack
|
page read and write
|
||
|
6AE6A8C000
|
stack
|
page read and write
|
||
|
208D23A0000
|
trusted library allocation
|
page read and write
|
||
|
2C7CB79000
|
stack
|
page read and write
|
||
|
208D2370000
|
trusted library allocation
|
page read and write
|
||
|
208D24C0000
|
trusted library allocation
|
page read and write
|
||
|
26F22C5F000
|
heap
|
page read and write
|
||
|
17061D80000
|
remote allocation
|
page read and write
|
||
|
1E103E29000
|
heap
|
page read and write
|
||
|
1E104502000
|
heap
|
page read and write
|
||
|
2061D9E0000
|
heap
|
page read and write
|
||
|
2C7CEFF000
|
stack
|
page read and write
|
||
|
851B477000
|
stack
|
page read and write
|
||
|
208D2370000
|
trusted library allocation
|
page read and write
|
||
|
2061DC42000
|
heap
|
page read and write
|
||
|
2061DC5C000
|
heap
|
page read and write
|
||
|
19DD0A28000
|
heap
|
page read and write
|
||
|
208CCE26000
|
heap
|
page read and write
|
||
|
C1D2C7F000
|
stack
|
page read and write
|
||
|
1E103E7B000
|
heap
|
page read and write
|
||
|
AF0ADFC000
|
stack
|
page read and write
|
||
|
1E103E13000
|
heap
|
page read and write
|
||
|
19DD0B02000
|
heap
|
page read and write
|
||
|
208D2374000
|
trusted library allocation
|
page read and write
|
||
|
2061DC6D000
|
heap
|
page read and write
|
||
|
1E103E6A000
|
heap
|
page read and write
|
||
|
AF0B57D000
|
stack
|
page read and write
|
||
|
C1D2A7E000
|
stack
|
page read and write
|
||
|
F1F7DFF000
|
stack
|
page read and write
|
||
|
1E103BD0000
|
heap
|
page read and write
|
||
|
208D23B0000
|
trusted library allocation
|
page read and write
|
||
|
49E808B000
|
stack
|
page read and write
|
||
|
26F22D13000
|
heap
|
page read and write
|
||
|
851B97E000
|
stack
|
page read and write
|
||
|
17061590000
|
heap
|
page read and write
|
||
|
208CCD10000
|
heap
|
page read and write
|
||
|
208D2440000
|
trusted library allocation
|
page read and write
|
||
|
AF0AF7F000
|
stack
|
page read and write
|
||
|
1E103E43000
|
heap
|
page read and write
|
||
|
208D24D0000
|
trusted library allocation
|
page read and write
|
||
|
2061DC13000
|
heap
|
page read and write
|
||
|
1E103E92000
|
heap
|
page read and write
|
||
|
AF0B27B000
|
stack
|
page read and write
|
||
|
2061D9D0000
|
heap
|
page read and write
|
||
|
19DD0880000
|
heap
|
page read and write
|
||
|
26F229F0000
|
heap
|
page read and write
|
||
|
17061D50000
|
trusted library allocation
|
page read and write
|
||
|
2061DC58000
|
heap
|
page read and write
|
||
|
1E103E00000
|
heap
|
page read and write
|
||
|
2C7C9FF000
|
stack
|
page read and write
|
||
|
AF0B37C000
|
stack
|
page read and write
|
||
|
1E103E66000
|
heap
|
page read and write
|
||
|
2061DC4E000
|
heap
|
page read and write
|
||
|
26F22D02000
|
heap
|
page read and write
|
||
|
2061DC56000
|
heap
|
page read and write
|
||
|
AF0B07F000
|
stack
|
page read and write
|
||
|
C1D2E7E000
|
stack
|
page read and write
|
||
|
26F22A60000
|
heap
|
page read and write
|
||
|
208D23B4000
|
trusted library allocation
|
page read and write
|
||
|
851BBFF000
|
stack
|
page read and write
|
||
|
6AE72FE000
|
stack
|
page read and write
|
||
|
208D2371000
|
trusted library allocation
|
page read and write
|
||
|
AF0B1FE000
|
stack
|
page read and write
|
||
|
1E103E57000
|
heap
|
page read and write
|
||
|
851B77F000
|
stack
|
page read and write
|
||
|
26F22B60000
|
trusted library allocation
|
page read and write
|
||
|
1F254E13000
|
heap
|
page read and write
|
||
|
17061D80000
|
remote allocation
|
page read and write
|
||
|
851BD7A000
|
stack
|
page read and write
|
||
|
17061641000
|
heap
|
page read and write
|
||
|
F1F80FE000
|
stack
|
page read and write
|
||
|
1F254E87000
|
heap
|
page read and write
|
||
|
1F254DF0000
|
trusted library allocation
|
page read and write
|
||
|
26F22C61000
|
heap
|
page read and write
|
||
|
1F254BB0000
|
heap
|
page read and write
|
||
|
2061DC62000
|
heap
|
page read and write
|
||
|
19DD0980000
|
trusted library allocation
|
page read and write
|
||
|
2061DC67000
|
heap
|
page read and write
|
||
|
851BC7F000
|
stack
|
page read and write
|
||
|
2061DC3B000
|
heap
|
page read and write
|
||
|
208CCCA0000
|
heap
|
page read and write
|
||
|
2061DC65000
|
heap
|
page read and write
|
||
|
AF0A9FC000
|
stack
|
page read and write
|
||
|
1E103C40000
|
heap
|
page read and write
|
||
|
2061DC57000
|
heap
|
page read and write
|
||
|
208CD718000
|
heap
|
page read and write
|
||
|
2061DC32000
|
heap
|
page read and write
|
||
|
AF0B0FE000
|
stack
|
page read and write
|
||
|
F1F73EB000
|
stack
|
page read and write
|
||
|
F1F7AFF000
|
stack
|
page read and write
|
||
|
C1D27BB000
|
stack
|
page read and write
|
||
|
208D270F000
|
heap
|
page read and write
|
||
|
2061DC6B000
|
heap
|
page read and write
|
||
|
208D24D0000
|
remote allocation
|
page read and write
|
||
|
C1D2AFE000
|
stack
|
page read and write
|
||
|
19DD0A13000
|
heap
|
page read and write
|
||
|
26F22C77000
|
heap
|
page read and write
|
||
|
17061D80000
|
remote allocation
|
page read and write
|
||
|
2061DC29000
|
heap
|
page read and write
|
||
|
26F22C29000
|
heap
|
page read and write
|
||
|
208CCE70000
|
heap
|
page read and write
|
||
|
1E103E3C000
|
heap
|
page read and write
|
||
|
208D2860000
|
trusted library allocation
|
page read and write
|
||
|
851BB7F000
|
stack
|
page read and write
|
||
|
C1D2F7F000
|
stack
|
page read and write
|
||
|
19DD0A66000
|
heap
|
page read and write
|
||
|
851B67B000
|
stack
|
page read and write
|
||
|
851B27C000
|
stack
|
page read and write
|
||
|
26F22A00000
|
heap
|
page read and write
|
||
|
2061DC6A000
|
heap
|
page read and write
|
||
|
2061DC7B000
|
heap
|
page read and write
|
||
|
19DD0B13000
|
heap
|
page read and write
|
||
|
26F22C74000
|
heap
|
page read and write
|
||
|
26F22C44000
|
heap
|
page read and write
|
||
|
208CD718000
|
heap
|
page read and write
|
||
|
1F254BC0000
|
heap
|
page read and write
|
||
|
208CD718000
|
heap
|
page read and write
|
||
|
F1F7FFF000
|
stack
|
page read and write
|
||
|
F1F78FE000
|
stack
|
page read and write
|
||
|
26F23402000
|
trusted library allocation
|
page read and write
|
||
|
17061E02000
|
trusted library allocation
|
page read and write
|
||
|
1E103BE0000
|
heap
|
page read and write
|
||
|
17061580000
|
heap
|
page read and write
|
||
|
2061DC40000
|
heap
|
page read and write
|
||
|
26F22C13000
|
heap
|
page read and write
|
||
|
49E897D000
|
stack
|
page read and write
|
||
|
851BE7C000
|
stack
|
page read and write
|
||
|
1E10451D000
|
heap
|
page read and write
|
||
|
49E887F000
|
stack
|
page read and write
|
||
|
851B57A000
|
stack
|
page read and write
|
||
|
17061629000
|
heap
|
page read and write
|
||
|
851BF7E000
|
stack
|
page read and write
|
||
|
2061DA40000
|
heap
|
page read and write
|
||
|
170615F0000
|
heap
|
page read and write
|
||
|
851B87B000
|
stack
|
page read and write
|
||
|
851B2FF000
|
stack
|
page read and write
|
||
|
49E8A7E000
|
stack
|
page read and write
|
||
|
2C7CAFC000
|
stack
|
page read and write
|
||
|
2C7CC7F000
|
stack
|
page read and write
|
||
|
208CCE29000
|
heap
|
page read and write
|
||
|
2061DC7A000
|
heap
|
page read and write
|
||
|
17061702000
|
heap
|
page read and write
|
||
|
49E857E000
|
stack
|
page read and write
|
||
|
2061DC25000
|
heap
|
page read and write
|
||
|
2061DD02000
|
heap
|
page read and write
|
||
|
26F22C6B000
|
heap
|
page read and write
|
||
|
208CCE57000
|
heap
|
page read and write
|
||
|
19DD0A00000
|
heap
|
page read and write
|
||
|
208D237E000
|
trusted library allocation
|
page read and write
|
||
|
19DD0A02000
|
heap
|
page read and write
|
||
|
1E103E73000
|
heap
|
page read and write
|
||
|
2061E202000
|
trusted library allocation
|
page read and write
|
||
|
F1F7EFE000
|
stack
|
page read and write
|
||
|
208CCE00000
|
heap
|
page read and write
|
||
|
49E85FE000
|
stack
|
page read and write
|
||
|
19DD0820000
|
heap
|
page read and write
|
||
|
2061DC5F000
|
heap
|
page read and write
|
||
|
19DD0A3F000
|
heap
|
page read and write
|
||
|
208CCE13000
|
heap
|
page read and write
|
||
|
19DD0810000
|
heap
|
page read and write
|
||
|
2C7C4AB000
|
stack
|
page read and write
|
||
|
208CD758000
|
heap
|
page read and write
|
||
|
2061DC48000
|
heap
|
page read and write
|
||
|
208D2378000
|
trusted library allocation
|
page read and write
|
||
|
17061602000
|
heap
|
page read and write
|
||
|
AF0B47F000
|
stack
|
page read and write
|
||
|
F1F7CFF000
|
stack
|
page read and write
|
||
|
208D2708000
|
heap
|
page read and write
|
||
|
17061613000
|
heap
|
page read and write
|
||
|
1E103E53000
|
heap
|
page read and write
|
||
|
208D2394000
|
trusted library allocation
|
page read and write
|
||
|
6AE70FE000
|
stack
|
page read and write
|
||
|
208D2391000
|
trusted library allocation
|
page read and write
|
||
|
1F254C20000
|
heap
|
page read and write
|
||
|
AF0B67E000
|
stack
|
page read and write
|
||
|
1F254EBF000
|
heap
|
page read and write
|
||
|
19DD0A58000
|
heap
|
page read and write
|
||
|
1706165F000
|
heap
|
page read and write
|
||
|
6AE71FB000
|
stack
|
page read and write
|
||
|
26F22C02000
|
heap
|
page read and write
|
||
|
1F254E3E000
|
heap
|
page read and write
|
||
|
1E103E43000
|
heap
|
page read and write
|
||
|
1E103E4A000
|
heap
|
page read and write
|
||
|
2061E1A0000
|
trusted library allocation
|
page read and write
|
||
|
2061DC77000
|
heap
|
page read and write
|
||
|
49E87FD000
|
stack
|
page read and write
|
||
|
208CCE3D000
|
heap
|
page read and write
|
There are 211 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://form.jotform.me/92812002476452
|
||
|
https://www.jotform.com/?utm_source=powered_by_jotform&utm_medium=banner&utm_term=92812002476452&utm_content=powered_by_jotform_text&utm_campaign=powered_by_jotform_signup_hp
|
||
|
https://accounts.google.com/o/oauth2/auth/identifier?redirect_uri=storagerelay%3A%2F%2Fhttps%2Fwww.jotform.com%3Fid%3Dauth663659&response_type=permission%20id_token&scope=email%20profile%20openid&openid.realm&include_granted_scopes=true&client_id=172124630376-qk1qmdfmur2ojaf39e070iqhpt2foaip.apps.googleusercontent.com&ss_domain=https%3A%2F%2Fwww.jotform.com&fetch_basic_profile=true&gsiwebsdk=2&flowName=GeneralOAuthFlow
|
||
|
https://www.jotform.com/
|
||
|
https://www.jotform.com/myforms/
|
||
|
https://www.jotform.com/enterprise/?utm_medium=referral&utm_source=jotform.com&utm_content=Jotform_Enterprise_Header&utm_campaign=enterprise_common_header
|