IOC Report
https://storageapi.fleek.co/9db0d41e-e2fe-4afc-b36b-6d83510d030c-bucket/indexx.html

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 --field-trial-handle=1796,i,15701762142637122687,14432371106928829043,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe" "https://storageapi.fleek.co/9db0d41e-e2fe-4afc-b36b-6d83510d030c-bucket/indexx.html | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://storageapi.fleek.co/9db0d41e-e2fe-4afc-b36b-6d83510d030c-bucket/indexx.html | | malicious |
| https://storageapi.fleek.co/9db0d41e-e2fe-4afc-b36b-6d83510d030c-bucket/indexx.html | 104.18.6.145 | malicious |
| https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js | 104.18.10.207 | |
| https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.250.203.110 | |
| https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.10.207 | |
| https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js | 104.18.10.207 | |
| https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js | 104.17.24.14 | |
| https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 172.217.168.45 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| stackpath.bootstrapcdn.com | 104.18.10.207 | |
| accounts.google.com | 172.217.168.45 | |
| cdnjs.cloudflare.com | 104.17.24.14 | |
| storageapi.fleek.co | 104.18.6.145 | |
| www.google.com | 172.217.168.36 | |
| clients.l.google.com | 142.250.203.110 | |
| clients2.google.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.17.24.14 | cdnjs.cloudflare.com | United States | |
| 192.168.2.1 | unknown | unknown | |
| 104.18.10.207 | stackpath.bootstrapcdn.com | United States | |
| 142.250.203.110 | clients.l.google.com | United States | |
| 104.18.6.145 | storageapi.fleek.co | United States | |
| 172.217.168.45 | accounts.google.com | United States | |
| 172.217.168.36 | www.google.com | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 127.0.0.1 | unknown | unknown | |

Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | |
| HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | |
| HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | |
| HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.cdm.origin_data | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blocklist_cache_md5_digest | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage | |
| HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage | |
| HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | |
| HKEY_USERS\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | TraceTimeLast | |

Memdumps


DOM / HTML

| URL | Malicious |
|---|---|
| https://storageapi.fleek.co/9db0d41e-e2fe-4afc-b36b-6d83510d030c-bucket/indexx.html | malicious |