IOC Report
http://www.bn3b2b2.livelovesouthatlanta.com/#.==wZy9mLilWZANHduVWblNnc1J2cpRWL0NHcuVWLilWZ6pneyImMiNjbi9ievsWYu8Sai9WbuUGbpJ2btxWYi9Gbn5SZt9Ga


Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | 
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1956 --field-trial-handle=1568,i,14781660650222300864,2008606683164464388,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 | 
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.bn3b2b2.livelovesouthatlanta.com/#.==wZy9mLilWZANHduVWblNnc1J2cpRWL0NHcuVWLilWZ6pneyImMiNjbi9ievsWYu8Sai9WbuUGbpJ2btxWYi9Gbn5SZt9Ga" | 

URLs

Name | IP | Malicious
http://www.bn3b2b2.livelovesouthatlanta.com/#.==wZy9mLilWZANHduVWblNnc1J2cpRWL0NHcuVWLilWZ6pneyImMiNjbi9ievsWYu8Sai9WbuUGbpJ2btxWYi9Gbn5SZt9Ga | | 
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.250.180.174 | 
http://www.bn3b2b2.livelovesouthatlanta.com/favicon.ico | 192.185.72.57 | 
http://www.bn3b2b2.livelovesouthatlanta.com/ | 192.185.72.57 | 
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 142.250.184.45 | 

Domains

Name | IP | Malicious
www.bn3b2b2.livelovesouthatlanta.com | 192.185.72.57 | 
accounts.google.com | 142.250.184.45 | 
www.google.com | 142.250.184.100 | 
clients.l.google.com | 142.250.180.174 | 
clients2.google.com | unknown | 

IPs

IP | Domain | Country | Malicious
142.250.184.45 | accounts.google.com | United States | 
192.168.2.1 | unknown | unknown | 
192.185.72.57 | www.bn3b2b2.livelovesouthatlanta.com | United States | 
239.255.255.250 | unknown | Reserved | 
142.250.184.100 | www.google.com | United States | 
142.250.180.174 | clients.l.google.com | United States | 
127.0.0.1 | unknown | unknown | 

Registry

Path | Value | Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time | 
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 | 
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | 
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | 
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | 
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.cdm.origin_data | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blocklist_cache_md5_digest | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage | 
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage | 
HKEY_USERS\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | TraceTimeLast | 

Memdumps


DOM / HTML

URL | Malicious
http://www.bn3b2b2.livelovesouthatlanta.com/#.==wZy9mLilWZANHduVWblNnc1J2cpRWL0NHcuVWLilWZ6pneyImMiNjbi9ievsWYu8Sai9WbuUGbpJ2btxWYi9Gbn5SZt9Ga | 