Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
E-Contact Form.Htm
|
HTML document, Non-ISO extended-ASCII text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0e9a774f-4934-46e4-b75d-41a7524ff792.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1d3c8c98-b8bf-4d47-ae03-32c69bf75f13.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\4fccb40c-b96f-4a94-9550-2b76c8f9f884.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\8301140a-c5f7-41ec-8786-3fffb1bd1c6f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\8580609e-35e6-445e-908b-d457bf1840fa.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\cf37e300-1cb2-401d-8022-b3e80bbe0f22.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\f3fbb79e-5341-4b1c-bb52-516a118f5036.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\f77f8489-53fd-4e8c-aab9-6c8e0da061c7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\aaad3cb7-3889-445a-aae4-27b7f667a0fa.tmp
|
data
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\abcdaa6a-a910-4b12-a1c9-96d735a24775.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\b0112fba-be6b-4bcd-ac94-19cd7063f900.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\ffc16d9a-541e-4381-b7b2-e7c533ef5487.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\51a42634-6686-4670-b0ad-ed9be192596d.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\55ebf4de-fd7c-4b51-8083-078f0c91f1d5.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\7fe71b1a-498e-45a0-9687-6f9b16cb0bf4.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\fe5339fa-313f-4fc5-bec7-b53eb7b24356.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\it\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\ja\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\lt\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\lv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\nb\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\pl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\pt_BR\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\pt_PT\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\ro\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\ru\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\sk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\sl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\sr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\sv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\th\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\tr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\uk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\vi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\zh_CN\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_locales\zh_TW\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2888_357851724\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
There are 76 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/alfredo/Desktop/E-Contact%20Form.Htm
|
|
||
|
https://arrogantladygenesh.com/bm/addresss.php
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
arrogantladygenesh.com
|
208.67.105.50
|
||
|
d2fw8kapvfkapu.cloudfront.net
|
108.138.7.46
|
||
|
accounts.google.com
|
142.250.186.173
|
||
|
imgur.com
|
199.232.192.193
|
||
|
dual-a-0001.a-msedge.net
|
204.79.197.200
|
||
|
clients.l.google.com
|
142.250.185.142
|
||
|
ipv4.imgur.map.fastly.net
|
151.101.12.193
|
||
|
clients2.google.com
|
unknown
|
||
|
i.imgur.com
|
unknown
|
||
|
images.vexels.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
108.138.7.46
|
d2fw8kapvfkapu.cloudfront.net
|
United States
|
||
|
34.104.35.123
|
unknown
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.142
|
clients.l.google.com
|
United States
|
||
|
208.67.105.50
|
arrogantladygenesh.com
|
United States
|
||
|
142.250.186.173
|
accounts.google.com
|
United States
|
||
|
151.101.12.193
|
ipv4.imgur.map.fastly.net
|
United States
|
||
|
199.232.192.193
|
imgur.com
|
United States
|
||
|
142.251.36.3
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 1 hidden IPs, click here to show them.