IOC Report
Payslip 28.11.22.html

Processes

Path | Cmdline | Malicious (blank in this extract)
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=1748,i,843581558575697743,11274918621816804293,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\user\Desktop\Payslip 28.11.22.html"

URLs

Name | IP | Malicious (blank in this extract)
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.250.203.110
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css | 104.17.25.14
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207
file:///C:/Users/user/Desktop/Payslip%2028.11.22.html | (no IP, local file)
https://socialgrow.co.in/tech/host9/admin/js/mj.php?ar=d29yZA== | 65.21.127.94
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 172.217.168.45
https://socialgrow.co.in/tech/host9/9c80cd4.php | 65.21.127.94

Domains

Name | IP | Malicious (blank in this extract)
socialgrow.co.in | 65.21.127.94
accounts.google.com | 172.217.168.45
cdnjs.cloudflare.com | 104.17.25.14
maxcdn.bootstrapcdn.com | 104.18.10.207
www.google.com | 172.217.168.36
cs1227.wpc.alphacdn.net | 192.229.221.185
clients.l.google.com | 142.250.203.110
part-0032.t-0009.fbs1-t-msedge.net | 13.107.219.60
clients2.google.com | unknown
code.jquery.com | unknown
cdn.jsdelivr.net | unknown
1 additional domain is hidden in the full report and not shown here.

IPs

IP | Domain | Country | Malicious (blank in this extract)
65.21.127.94 | socialgrow.co.in | United States
13.107.219.60 | part-0032.t-0009.fbs1-t-msedge.net | United States
192.168.2.1 | unknown | unknown
104.18.10.207 | maxcdn.bootstrapcdn.com | United States
142.250.203.110 | clients.l.google.com | United States
172.217.168.45 | accounts.google.com | United States
172.217.168.36 | www.google.com | United States
239.255.255.250 | unknown | Reserved
192.229.221.185 | cs1227.wpc.alphacdn.net | United States
104.17.25.14 | cdnjs.cloudflare.com | United States
127.0.0.1 | unknown | unknown
1 additional IP is hidden in the full report and not shown here.

Registry

Path | Value | Malicious (blank in this extract)
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.cdm.origin_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blocklist_cache_md5_digest
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun
HKEY_USERS\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | TraceTimeLast
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state
42 additional registry entries are hidden in the full report and not shown here.

Memdumps

Base Address | Regiontype | Protect | Malicious (blank in this extract)
202133B0000 | trusted library allocation | page read and write
1B2EB856000 | heap | page read and write
19418492000 | heap | page read and write
14410640000 | heap | page read and write
19418477000 | heap | page read and write
1DE6ADB0000 | heap | page read and write
19D9E7D000 | stack | page read and write
69F27FE000 | stack | page read and write
17FB5076000 | heap | page read and write
14410702000 | heap | page read and write
1B2EBD90000 | trusted library allocation | page read and write
14410629000 | heap | page read and write
20AC9402000 | trusted library allocation | page read and write
1B2EB840000 | heap | page read and write
202130F0000 | trusted library allocation | page read and write
19418D6D000 | heap | page read and write
1B2EB902000 | heap | page read and write
19418493000 | heap | page read and write
74EFAFF000 | stack | page read and write
1C3AC7E000 | stack | page read and write
19418429000 | heap | page read and write
21A4F25C000 | heap | page read and write
202130E0000 | trusted library allocation | page read and write
20AC79E0000 | remote allocation | page read and write
19D9D7B000 | stack | page read and write
17FB5102000 | heap | page read and write
19418260000 | heap | page read and write
1B2EB85F000 | heap | page read and write
74EF5FF000 | stack | page read and write
1B2EB842000 | heap | page read and write
202126E0000 | trusted library allocation | page read and write
19418D22000 | heap | page read and write
1B2EB85E000 | heap | page read and write
1DFEEC00000 | heap | page read and write
194182D0000 | heap | page read and write
54B7F7F000 | stack | page read and write
20AC7B00000 | heap | page read and write
1C3A9FC000 | stack | page read and write
C0583FA000 | stack | page read and write
1DFEEC13000 | heap | page read and write
19DA07C000 | stack | page read and write
20AC7820000 | heap | page read and write
1B2EB864000 | heap | page read and write
1B2EB882000 | heap | page read and write
1DE6B013000 | heap | page read and write
74EF6FE000 | stack | page read and write
20213330000 | trusted library allocation | page read and write
14410C02000 | heap | page read and write
54B7A7F000 | stack | page read and write
1B2EB5D0000 | heap | page read and write
C45227F000 | stack | page read and write
11ADFFB000 | stack | page read and write
54B756B000 | stack | page read and write
1DFEEA10000 | heap | page read and write
144103E0000 | heap | page read and write
1941858E000 | heap | page read and write
1DFEEC7E000 | heap | page read and write
19418270000 | heap | page read and write
1B2EB873000 | heap | page read and write
54B7DFA000 | stack | page read and write
1B2EB867000 | heap | page read and write
1DE6B000000 | heap | page read and write
20AC7A67000 | heap | page read and write
21A4F302000 | heap | page read and write
21A4F0E0000 | heap | page read and write
1B2EB630000 | heap | page read and write
20AC93A0000 | trusted library allocation | page read and write
20AC7A3D000 | heap | page read and write
5769FF000 | stack | page read and write
5766FF000 | stack | page read and write
1DE6B037000 | heap | page read and write
19D9B7E000 | stack | page read and write
17FB4F00000 | heap | page read and write
19418C02000 | heap | page read and write
5762FB000 | stack | page read and write
19418485000 | heap | page read and write
1B2EB83D000 | heap | page read and write
1B2EB84E000 | heap | page read and write
2021262C000 | heap | page read and write
1B2EB813000 | heap | page read and write
19418DBC000 | heap | page read and write
19418513000 | heap | page read and write
1B2EB848000 | heap | page read and write
54B7CFF000 | stack | page read and write
20212643000 | heap | page read and write
21A4F150000 | heap | page read and write
5768FF000 | stack | page read and write
21A4F1B0000 | remote allocation | page read and write
19418E23000 | heap | page read and write
19D9BFC000 | stack | page read and write
21A4F1B0000 | remote allocation | page read and write
19418DAF000 | heap | page read and write
19418D02000 | heap | page read and write
1B2EB800000 | heap | page read and write
C452379000 | stack | page read and write
1B2EB876000 | heap | page read and write
14410689000 | heap | page read and write
C4522FF000 | stack | page read and write
1B2EB85C000 | heap | page read and write
19418487000 | heap | page read and write
14410BA0000 | trusted library allocation | page read and write
1DFEEC6A000 | heap | page read and write
74EF7FF000 | stack | page read and write
69F29FE000 | stack | page read and write
20212635000 | heap | page read and write
1B2EB5C0000 | heap | page read and write
1DE6B044000 | heap | page read and write
1C3A97E000 | stack | page read and write
576BFE000 | stack | page read and write
C45207D000 | stack | page read and write
20212520000 | heap | page read and write
19418E27000 | heap | page read and write
202125C0000 | trusted library allocation | page read and write
20AC7B02000 | heap | page read and write
19DA17F000 | stack | page read and write
1DFEF402000 | trusted library allocation | page read and write
19418443000 | heap | page read and write
2021262C000 | heap | page read and write
17FB505B000 | heap | page read and write
21A4F0F0000 | heap | page read and write
202125F1000 | heap | page read and write
19418D00000 | heap | page read and write
17FB503D000 | heap | page read and write
C0585FE000 | stack | page read and write
19418D08000 | heap | page read and write
1DE6B102000 | heap | page read and write
20212625000 | heap | page read and write
144106BF000 | heap | page read and write
1B2EB860000 | heap | page read and write
1C3A4CB000 | stack | page read and write
14410665000 | heap | page read and write
20213350000 | trusted library allocation | page read and write
1DFEEC02000 | heap | page read and write
1C3AD7D000 | stack | page read and write
C451DAC000 | stack | page read and write
20AC7A5C000 | heap | page read and write
1DE6B03E000 | heap | page read and write
1DE6B029000 | heap | page read and write
20AC7B18000 | heap | page read and write
1DE6ADA0000 | heap | page read and write
1B2EB857000 | heap | page read and write
20AC79E0000 | remote allocation | page read and write
19418E00000 | heap | page read and write
74EF27B000 | stack | page read and write
C4521FC000 | stack | page read and write
74EFBFC000 | stack | page read and write
17FB5802000 | trusted library allocation | page read and write
21A4F180000 | trusted library allocation | page read and write
19D9AFB000 | stack | page read and write
1B2EB874000 | heap | page read and write
21A4FA02000 | trusted library allocation | page read and write
19418E02000 | heap | page read and write
1B2EB87A000 | heap | page read and write
69F23CE000 | stack | page read and write
20AC7A4C000 | heap | page read and write
17FB4EF0000 | heap | page read and write
144106E3000 | heap | page read and write
21A4F200000 | heap | page read and write
20AC7A4C000 | heap | page read and write
1DFEEC28000 | heap | page read and write
1B2EB862000 | heap | page read and write
21A4F229000 | heap | page read and write
20AC7A59000 | heap | page read and write
54B7EFE000 | stack | page read and write
19D9CFE000 | stack | page read and write
11ADEFE000 | stack | page read and write
1DFEEA70000 | heap | page read and write
2021262C000 | heap | page read and write
20AC7830000 | heap | page read and write
1941846E000 | heap | page read and write
144106C6000 | heap | page read and write
576CFE000 | stack | page read and write
20213360000 | trusted library allocation | page read and write
202125E0000 | heap | page read and write
19418458000 | heap | page read and write
1DFEED02000 | heap | page read and write
C4520FE000 | stack | page read and write
1DFEEC6D000 | heap | page read and write
144103D0000 | heap | page read and write
19418A60000 | trusted library allocation | page read and write
5767FD000 | stack | page read and write
14410600000 | heap | page read and write
19418443000 | heap | page read and write
14410713000 | heap | page read and write
20AC7A02000 | heap | page read and write
20AC7A00000 | heap | page read and write
11AE0FB000 | stack | page read and write
54B7BF9000 | stack | page read and write
19418E13000 | heap | page read and write
576AFF000 | stack | page read and write
11ADACC000 | stack | page read and write
19418D22000 | heap | page read and write
17FB506C000 | heap | page read and write
20AC7A61000 | heap | page read and write
202123E0000 | heap | page read and write
69F2AFE000 | stack | page read and write
202125B0000 | heap | page read and write
14410440000 | heap | page read and write
194183D0000 | trusted library allocation | page read and write
1B2EB879000 | heap | page read and write
144106D0000 | heap | page read and write
21A4F1B0000 | remote allocation | page read and write
1B2EB83B000 | heap | page read and write
1DE6B002000 | heap | page read and write
1441066D000 | heap | page read and write
19D94EB000 | stack | page read and write
C4523FF000 | stack | page read and write
202125B5000 | heap | page read and write
17FB5029000 | heap | page read and write
1C3AEFF000 | stack | page read and write
20212624000 | heap | page read and write
1DFEEC59000 | heap | page read and write
19418E30000 | heap | page read and write
C0584FA000 | stack | page read and write
20212540000 | heap | page read and write
19418D43000 | heap | page read and write
5763FC000 | stack | page read and write
1DFEEC3C000 | heap | page read and write
11AE1FE000 | stack | page read and write
54B797A000 | stack | page read and write
19418400000 | heap | page read and write
1C3AAFE000 | stack | page read and write
1DE6AFD0000 | trusted library allocation | page read and write
21A4F236000 | heap | page read and write
20AC7990000 | trusted library allocation | page read and write
20AC9600000 | trusted library allocation | page read and write
14410D00000 | heap | page read and write
575E9C000 | stack | page read and write
19418D0C000 | heap | page read and write
19D9F7E000 | stack | page read and write
74EF9FC000 | stack | page read and write
1DE6B02F000 | heap | page read and write
202123F0000 | trusted library allocation | page read and write
1B2EB86B000 | heap | page read and write
69F267E000 | stack | page read and write
202125E9000 | heap | page read and write
20AC7A13000 | heap | page read and write
1DE6B04C000 | heap | page read and write
194185B9000 | heap | page read and write
1DFEEC65000 | heap | page read and write
1B2EB85A000 | heap | page read and write
1B2EB87D000 | heap | page read and write
C452179000 | stack | page read and write
54B7B7B000 | stack | page read and write
1DE6AE00000 | heap | page read and write
20AC7B13000 | heap | page read and write
C0586FE000 | stack | page read and write
1DFEEB70000 | trusted library allocation | page read and write
C057EDB000 | stack | page read and write
20AC7A5C000 | heap | page read and write
14410613000 | heap | page read and write
1DE6B602000 | trusted library allocation | page read and write
1DFEED13000 | heap | page read and write
194185E5000 | heap | page read and write
1B2EB858000 | heap | page read and write
1DFEEA00000 | heap | page read and write
19418D54000 | heap | page read and write
21A4F213000 | heap | page read and write
69F234C000 | stack | page read and write
17FB4F90000 | trusted library allocation | page read and write
69F28FE000 | stack | page read and write
1941848D000 | heap | page read and write
5764FE000 | stack | page read and write
19418D90000 | heap | page read and write
19D98FE000 | stack | page read and write
1DE6B053000 | heap | page read and write
1B2EBE02000 | trusted library allocation | page read and write
202125D0000 | trusted library allocation | page read and write
20AC79E0000 | remote allocation | page read and write
17FB4F60000 | heap | page read and write
21A4F202000 | heap | page read and write
1DFEED00000 | heap | page read and write
21A4F240000 | heap | page read and write
20AC7A8D000 | heap | page read and write
202125B9000 | heap | page read and write
17FB5013000 | heap | page read and write
20AC7A49000 | heap | page read and write
20AC7890000 | heap | page read and write
1941843C000 | heap | page read and write
1C3ABFD000 | stack | page read and write
19418413000 | heap | page read and write
74EF8FD000 | stack | page read and write
20AC7A2A000 | heap | page read and write
54B807F000 | stack | page read and write
20213340000 | heap | page readonly
17FB5113000 | heap | page read and write
1DE6B048000 | heap | page read and write
1B2EB829000 | heap | page read and write
20AC79B0000 | trusted library allocation | page read and write
17FB5000000 | heap | page read and write
17FB5002000 | heap | page read and write
1B2EB832000 | heap | page read and write
282 additional memdumps are hidden in the full report and not shown here.

DOM / HTML

URL | Malicious (blank in this extract)
file:///C:/Users/user/Desktop/Payslip%2028.11.22.html