Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank

Details

Is windows:	true
Is dropped:	false
PID:	4608
Target ID:	0
Parent PID:	3200
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Size:	2509656
MD5:	464953824E644F10FFDC9E093FD18F94
Time:	09:35:33
Date:	25/01/2023
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff658960000
Modulesize:	2568192
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1712,6834009655941694944,2695339048696769679,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	6564
Target ID:	3
Parent PID:	4608
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1712,6834009655941694944,2695339048696769679,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:8
Size:	2509656
MD5:	464953824E644F10FFDC9E093FD18F94
Time:	09:35:33
Date:	25/01/2023
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff658960000
Modulesize:	2568192
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe" "https://styleselect.com/vts0u

Details

Is windows:	true
Is dropped:	false
PID:	4264
Target ID:	5
Parent PID:	3200
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	C:\Program Files\Google\Chrome\Application\chrome.exe" "https://styleselect.com/vts0u
Size:	2509656
MD5:	464953824E644F10FFDC9E093FD18F94
Time:	09:35:34
Date:	25/01/2023
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff658960000
Modulesize:	2568192
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1712,6834009655941694944,2695339048696769679,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5044 /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	7236
Target ID:	12
Parent PID:	4608
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1712,6834009655941694944,2695339048696769679,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5044 /prefetch:8
Size:	2509656
MD5:	464953824E644F10FFDC9E093FD18F94
Time:	09:35:54
Date:	25/01/2023
Reason:	newprocess
Reputation:	low
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff658960000
Modulesize:	2568192
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1712,6834009655941694944,2695339048696769679,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6856 /prefetch:8

Details

Is windows:	true
Is dropped:	false
PID:	8196
Target ID:	13
Parent PID:	4608
Name:	chrome.exe
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1712,6834009655941694944,2695339048696769679,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6856 /prefetch:8
Size:	2509656
MD5:	464953824E644F10FFDC9E093FD18F94
Time:	09:35:54
Date:	25/01/2023
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff658960000
Modulesize:	2568192
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

https://styleselect.com/vts0u

https://apis.google.com/js/googleapis.proxy.js?onload=startup

142.250.185.142

https://lh3.googleusercontent.com/rcQGmayD_9OzAY1gZL3vRvB3Eq5M9ynAiB2P33LAhb27lsmZSl4DQPpELf5VWLkvKBWPSwAmd5-uXnAsiSMQwMvFaCoQinmY6SFhhQ=w0-e60

142.250.185.225

https://lh3.googleusercontent.com/2noIz2X2ov5fXwxhW8AbSDnLpp8tT3mI3-iV_OQ2UOwX_EhIBBgip7FPRs10DYmPKinVM98Qkjr1uN3BhQ3StGXCp1-O_wPwoLZeDQ=rw-e365-w2880

142.250.185.225

https://yt3.ggpht.com/ytc/AL5GRJXf7ZV0JSYp1wUp8Uz25FRkwH9PmS9IwGnknCvhO1g=s68-c-k-c0x00ffffff-no-rj

142.250.181.225

https://apis.google.com/js/client.js

142.250.185.142

https://lh3.googleusercontent.com/FU-s_R5k9ZDky6RTNWsdrN8xa9Jp7C2mwd_Kj9NHQe6Cw_EipUIFLjv0L7fGBh7KloVVACyAI7AIaXMC_bPGKVkX6aebI-4f-UurLRbk

142.250.185.193

https://lh3.googleusercontent.com/gQgn9ZUwHn7UyvQHOcAV_AmbPbpo97fRmCqBIGfPpbB-594aiAFfqQgaUwzEAUaI40O23_uJKvXf8_3QDKS1Aj28wVtz6GUTQFLG84oMGEU-BxiVRouO=w1440-l90-sg-rj-c0xffffff

142.250.185.225

https://lh3.googleusercontent.com/dMQ1Q4xlLrl3-KsZvX_9v56emij4OkRxzapLM7RSuZVd7PgqfjPxKR4KY8hVHYXqP2ZkS-_ZueXb9ywW66H2oCyTglApr1ELCy3woOAviTgFP6uyAd0=h120

142.250.185.225

https://lh3.googleusercontent.com/vnSr97Bu2sI2_h334BHmEn1zTPrtv0hM9MLn3YxkN6JVzmir_VH62GiPIKfwtPBTOQ8xH0XNI40xfPAYbwbJEU-1jG09ovlU0f4S1Q=h120

142.250.185.225

https://www.google.com/gmail/about/static-2.0/css/partials/faq.css?fingerprint=392991776b78fd091779006c96b7384b

142.250.186.132

https://lh3.googleusercontent.com/NksFVpnLFiAE4YKEh9n84ebvfznogwh0AyAUDpmpLqpBP7h791LS9RcIzWpE8XfsiR0NJiHomxV8FyVO2ccMF2VzB_L3omeUWuHu9d3LGJ4Ww6JKviev

142.250.185.225

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js

142.250.186.46

https://lh3.googleusercontent.com/tUfd9tmqYw7QFa0Nnpde9SawF7tIAhwDw_ZM5YwuG0FmBTzjStOVQu1In41aEdg0FoXcXYEVk4L_FQDbPrXsJy-sg1BMEkU14M89=h120

142.250.185.225

https://lh3.googleusercontent.com/VdXRrd_xoiTD2oe-7FBLg5HOxC0evZYSk9glkZ9etAT5LNvCfL4tPySadjV9I32Y73wAauBLo6HCv4yTX7G9SYE8NG5-LFwNVBpfZw=h120

142.250.185.225

https://www.google.hr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113093516-1&cid=620003221.1674639347&jid=414671037&_u=SACAAEAAQAAAACgBY~&z=1456209430

142.250.185.99

https://www.google.com/setprefs?sig=0_B5Deox5LjV-nPaZIAoirw4ivz0s%3D&hl=en&source=homepage&sa=X&ved=0ahUKEwijlfOgqOL8AhXSSvEDHRPvAK4Q2ZgBCBA

142.250.186.132

https://lh3.googleusercontent.com/YqGm39Z5sh9A5xtQbH_iZFAKj6kwCkY447q5cjzGcb85qccGrZn5xO_N_XwKpx1nd3XA-l6tJyz2qk7Xxk8ThS1-W78mBoEfPVKF4hm4=rw-e365-w2880

142.250.185.225

https://lh3.googleusercontent.com/yfNHOIqQb-_BbTsGZle4fmncMyM2kTjYQzub_Hucf27LCQPNwJiqiOMr39an6X_yB3gCKVExXGgtYm1morm8jkXY53W8h75Z0nUepg=h120

142.250.185.225

https://accounts.google.com/v3/signin/_/AccountsSignInUi/data/batchexecute?rpcids=UEkKwb&source-path=%2Fv3%2Fsignin%2Fidentifier&f.sid=-6484487158070746012&bl=boq_identityfrontendauthuiserver_20230115.08_p0&hl=hr&_reqid=34561&rt=c

142.250.185.173

https://www.google.com/xjs/_/js/k=xjs.s.en_GB.zqI8YkHjj90.O/ck=xjs.s.u-rfaHfpfBg.L.W.O/am=AAEqCFcAOAAAIAAAAAASEAAAAAAAAQAYAyB4ygYEbAgHiMEAWJYAEAAQxOiHCAAAA4ABDAMAAgAAACB_AAKeAIDBhAUAAAAAAAAACFiCYHCDBAUBIAAAAAAAAABKafLiABAEAQ/d=1/exm=CnSW2d,DPreE,DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,WlNQGd,aa,abd,async,cdos,csi,d,dpf,epYOx,fXO0xe,hsm,jsa,kQvlef,mu,nabPbb,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch/ed=1/dg=2/br=1/rs=ACT90oF6V5SFSDHarfUTZb8Bl8x3BhGQvw/ee=Pjplud:PoEs9b;QGR0gd:Mlhmy;uY49fb:COQbmf;EVNhjf:pw70Gc;sTsDMc:kHVSUb;g8nkx:U4MzKc;wQlYve:aLUfP;kbAm9d:MkHyGd;F9mqte:UoRcbe;oUlnpc:RagDlc;YV5bee:IvPZ6d;dtl0hd:lLQWFe;yGxLoc:FmAr0c;dIoSBb:ZgGg9b;pXdRYb:JKoKVe;wR5FRb:TtcOte;KpRAue:Tia57b;aZ61od:arTwJ;JXS8fb:Qj0suc;rQSrae:C6D5Fc;qavrXe:zQzcXe;UDrY1c:eps46d;w3bZCb:ZPGaIb;VGRfx:VFqbr;imqimf:jKGL2e;Np8Qkd:Dpx6qc;BjwMce:cXX2Wb;oGtAuc:sOXFj;NPKaK:PVlQOd;EmZ2Bf:zr1jrb;daB6be:lMxGPd;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;R4IIIb:QWfeKf;BMxAGc:E5bFse;WDGyFe:jcVOxd;wV5Pjc:L8KGxe;xbe2wc:wbTLEd;DpcR3d:zL72xf;tosKvd:ZCqP3;ESrPQc:mNTJvc;NSEoX:lazG7b;G6wU6e:hezEbd;okUaUd:wItadb;GleZL:J1A7Od;Xeq57c:wZTUNc;eJZqRc:wUwbse;RiX1h:uiAbXc;oSUNyd:fTfGO;SJsSc:H1GVub;SMDL4c:fTfGO;JsbNhc:Xd8iUd;zOsCQe:Ko78Df;KcokUb:KiuZBf;WCEKNd:I46Hvd;LBgRLc:XVMNvd;LsNahb:ucGLNb;UyG7Kb:wQd0G;kCQyJ:ueyPK;TxfV6d:YORN0b;qaS3gd:yiLg6e;aAJE9c:WHW6Ef;BgS6mb:fidj5d;UVmjEd:EesRsb;z97YGf:oug9te;CxXAWb:YyRLvc;VN6jIc:ddQyuf;SLtqO:Kh1xYe;VxQ32b:k0XsBb;DULqB:RKfG5c;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;hjRo6e:F62sG;whEZac:F4AmNb;qddgKe:x4FYXe;eBAeSb:Ck63tb;vfVwPd:OXTqFb;w9w86d:dt4g2b;lkq0A:Z0MWEf;KQzWid:mB4wNe;pNsl2d:j9Yuyc;eHDfl:ofjVkb;Nyt6ic:jn2sGd;SNUn3:x8cHvb;LEikZe:byfTOb,lsjVmc;io8t5d:sgY6Zb;Oj465e:KG2eXe;Erl4fe:FloWmf;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;nAFL3:s39S4;iFQyKf:QIhFr/m=aLUfP?xjs=s2

142.250.186.132

https://lh3.googleusercontent.com/z3dgQsXgGqfadzIUmpGI_ppolUy7H6fgqIbtW_qzLXcBww0nOby8TEE3e_fW84Qa7zeAwe339f5VLkqRD6jk7Z9sEaVh5Y_yaPG9nw=h120

142.250.185.225

https://lh3.googleusercontent.com/PWXM4hp9lRRezHTV86SqLwhRQMz4_Lk08jll3GkWBvBZy_Uk6kvUvwIrVilwaIW2mHZJoccchG6o9a5UdOJEwQPf9oJGmOGSglo3VW0=rw-e365-w2880

142.250.185.225

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0

142.250.185.142

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

142.250.186.46

https://about.google/assets-main/img/glue-google-solid-logo.svg

216.239.32.29

https://ads.google.com/home/static/js/butterbar/butterbar.min.js?cache=16cd874

142.250.185.238

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113093516-1&cid=620003221.1674639347&jid=414671037&_u=SACAAEAAQAAAACgBY~&z=1456209430

142.250.186.132

https://about.google/assets-products/css/index.min.css?cache=8dee953

216.239.32.29

https://lh3.googleusercontent.com/kQDv-46ToDkqXJ2DIlr7hKXKalQvL0NJy4oGIhNlUkxX95btXayCKNoZuaY_KT-6U8-Iz35FlDZXRd1U3bNFo99a3k0-vwIIbtEIStTKYwD_UxNkjA

142.250.185.225

https://lh3.googleusercontent.com/Pk8YenR3VOTvN9iNHAGWp3pWYZiaYMXXWUkfAjt_LMrf222t9zn815V-GfMRJ1Hjgq7l2k1KiQmxCw5d687WTfIPgwjVfGvoHaSwRDI=h120

142.250.185.225

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=94.0.4606.61&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1

142.250.181.238

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

142.250.186.46

https://lh3.googleusercontent.com/gcivdVV-tvxWnRUDNOUocQhsZmT9Was6CexDLkqmigkLzk5ZcNjqcgj3q4UROg4b1xbj63W94SONQIU2n3nBSa1qTQQX1SbJj_tQLR0

142.250.185.193

https://lh3.googleusercontent.com/C_Ty0alIJNrRQz5pNFmgA1rsRnhZDj67eVCCHXoJFFot0FQEZydARPRKbBADyHQoA0_Dj6gLITCshiJq6C-H-QM_U2mJwJZVLOQPnwvCL2RerGMEhw0

142.250.185.225

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

172.217.16.130

https://ads.google.com/home/static/js/butterbar/butterbar-config.json?abc12345

142.250.185.238

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

142.250.186.46

https://www.google.com/gen_204?atyp=i&ei=1unQY6PSPNKVxc8Pk96D8Ao&ct=slh&v=t1&pv=0.5158153454166279&me=10:1674639345353,V,0,0,0,0:0,h,1,1,o:19461,V,0,0,1920,969:4,e,B&zx=1674639364818

142.250.186.132

https://lh3.googleusercontent.com/Q4UDu0hKQgAyUzO0RpJTpTKc2DyaZbU-K96JCJjqKd9_ABetMMpS6LxO6Y7Ypm2CVhCro4n4n9PTF97SlwrSjmJFaHdV-_yDr8MpX1M=h120

142.250.185.225

https://lh3.googleusercontent.com/rFIOGuWFGvTm427OcRIhQIeB1SqlCZkVh7N7F-q8Rm6b_mtlUebqvFmXHCkvLuV8ebUiIRIQXbg_ujAXIJ9wg02s7L36Us66yyIAotc

142.250.185.193

https://lh3.googleusercontent.com/WdC-o7ZcZL5WALPSmfUC8H4oYhlhqm1DV45CtHqV06DTRR0rE_P9JXi-J2KXLd9CTyHt_t3ehUm1o_AMltgfAGbvQDku8jsZt0kBSA=h120

142.250.185.225

https://www.google.com/xjs/_/js/md=1/k=xjs.s.hr.yJTSuyULj1Q.O/am=AAEqCFcAOAAAIAAAAAASEAAAAAAAAQAYAyB4ygYEbAgHiMEAWJYAEAAQxOiHCAAAA4ABDAMAAgAAACB_AAKeAIDBhAUAAAAAAAAACFiCYHCDBAUBIAAAAAAAAABKafLiABAEAQ/rs=ACT90oFiIZaGLQNaU8yyAAwPigiW023qaQ

142.250.186.132

https://lh3.googleusercontent.com/gi7EU_u6IiuIRSxunfy5LLqsEJrC08L12aufZc3rP_w8hD8ouiVW89vfe7pTQrSsLXQYyQvnlhBfarK9Ul33ccQOSqKgK3i6iyArwg=h120

142.250.185.225

https://www.youtube.com/embed/by-kTJ0DOLc?rel=0&vq=hd720&start=0&cc_load_policy=1&playsinline=1&origin=https%3A%2F%2Fabout.google&enablejsapi=1&widgetid=1

https://lh3.googleusercontent.com/RwVe2Cm1EjeDmYhdTzr179G0ovq_PCxgPzQ92PO-YxTBEFTHWh0L6Ev8FFDWRgRGrE81vwn95tyg9Ey189OO4kllhhpLAMIsGFZ-UKA=h120

142.250.185.225

https://about.google/assets-products/img/glue-icons.svg

216.239.32.29

https://lh3.googleusercontent.com/9NuRdiRepVI3n1txfg7Ky2wWzB3DvXkWABXeFMSn2tzDYYkv8T_RMA9R17fWi0ziUDIDTVJx0JruCzOev37c4dkK9Wrgkeyam3pM8lI=h120

142.250.185.225

https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=1unQY6PSPNKVxc8Pk96D8Ao&rt=wsrt.308,aft.199,afti.199,prt.39&wh=969&imn=3&ima=2&imad=0&imac=0&aftp=969&bl=PSCp

142.250.186.132

https://www.google.com/gen_204?atyp=i&ei=1unQY6PSPNKVxc8Pk96D8Ao&ct=slh&v=t1&pv=0.5158153454166279&me=7:1674639336387,V,0,0,0,0:7851,V,0,0,1920,969:1115,e,B&zx=1674639345353

142.250.186.132

https://lh3.googleusercontent.com/oJtxC9wrYYcStJ4Ds2ylblE6GyJtbi_HWy01cp88xJGkrELh-SZ6N-kdrMmRglHFy7gsFWUNbG0Jth92P8HOVJkYyMMo76yMJ2vS=h120

142.250.185.225

https://lh3.googleusercontent.com/6nGdwtbmSCuuGF5fSCqvv0f-GOsp927ZXRFxC1NNEqlH-EwAGEqlHXN2rcarUTB7C8Tj8shbcg-9z-CO4XJGTVSaLbT5FPsq0rKET0ZIfWNsj9_f424=h120

142.250.185.225

https://lh3.googleusercontent.com/hcfrojgqkbroG2ScJ_n6ofwCdSOkC6Uk-NPWal_0zQuyKcQrNTgoZpe4bbtJOFuI0Sir0JkrQrKAEhlPbiAnM8v9Hr8xtP47T4saBg=h120

142.250.185.225

https://www.google.com/favicon.ico

142.250.186.132

https://lh3.googleusercontent.com/XfxlbB7Imi28_w277XeVC0u8Yngn8e1bQxhd6YK2snOdqt_uiwripgSEl5VNxgS2cJP2kf0dHv6LfSq8AG6YeJf9cpu1BE1kP36R=h120

142.250.185.225

https://lh3.googleusercontent.com/moWtYpo1G3n-1QfF5rNSy7n2IIQs785-H9DStefngR0kWMsmnPkzMu-SKH3eUxHVddekMttIA5olrn_wo3p50z04NyRZYPHYBc2cxvE=h120

142.250.185.225

https://lh3.googleusercontent.com/2qz9gwasYkOhPEumfqd3_x8HiiRu6fIQR1d-1DRAV8qfkqmQx7Rygzohal7DXbB-urTun2B0thBnpY3BRfqXnJOm4b9QQFk3L4VK=h120

142.250.185.225

https://lh3.googleusercontent.com/MtMPcZawFgE7-ZBRg85xFgdpOPtONPwQcoxQDmjmTBEeLQ_0e-Kpq4U5W_TBgpB35xFXb3fWb7b7oXRh4LyQwWWApn1fzp_GGRVGWHYmVWzweBxaicg=w600-l90-sg-rj-c0xffffff

142.250.185.225

https://about.google/favicon.ico

216.239.32.29

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-69658807-1&cid=276779936.1674639353&jid=274801133&gjid=144316634&_gid=1526238992.1674639353&_u=aEDAAEABAAAAACgBY~&z=1860750059

64.233.184.157

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

142.250.186.46

https://lh3.googleusercontent.com/Amr8tRBfd1Uk8zYm779hnSCwMzArp3LGD1LUhcgPdCOIk0UJczmdKLa42Apx-wzQdrUnsATBiFsyHT5pVit9Al6PwfVewM09FnlwAA=h120

142.250.185.225

https://lh3.googleusercontent.com/DWpSqn9zih2HKA8jegm1_8iYW5luCKjBQYaPaMeeqxF4wVZGDrG1dSz-ZNEmn9HcxNeHdJ_rWAvfvrNEZ_C9j2QPPhr8it81qoi5rW0_l2z7KPjLxY4=w1440-l90-sg-rj-c0xffffff

142.250.185.225

https://www.google.com/xjs/_/js/k=xjs.s.en_GB.zqI8YkHjj90.O/am=AAEqCFcAOAAAIAAAAAASEAAAAAAAAQAYAyB4ygYEbAgHiMEAWJYAEAAQxOiHCAAAA4ABDAMAAgAAACB_AAKeAIDBhAUAAAAAAAAACFiCYHCDBAUBIAAAAAAAAABKafLiABAEAQ/d=1/ed=1/dg=2/br=1/rs=ACT90oFISqX-ps5q8wwgkzpCC-98CMK6Uw/m=cdos,dpf,hsm,jsa,d,csi

142.250.186.132

https://lh3.googleusercontent.com/_M14NRTYPPQYgdKReeicOfwYJfHI-USHThCxb3buQ8dKJ_XBIjR1lnzdLQ3vjYrDVdOn79de6u_JkxB0D44hBrZ88olRx1fU8QIe7Cq_VzxUWalNeQ=w1440-l80-sg-rj-c0xffffff

142.250.185.225

https://lh3.googleusercontent.com/6xlGJ-dkwosfUisVYzRKNE1Wcr5QDDfRfZ4bXktF-Nn0J0ucHd_JI1wjXTls7lt5mvJvvcvtrNc0MESF98dAx6ivasEsZNxoaUZU-Q=h120

142.250.185.225

https://lh3.googleusercontent.com/csWtrOkqW8-iYd6fNH5_8YIuE2Y0Qpu6t-llEIGPzwYKnaOZqRwhYOus8iKMxEJGyQUrskBzpyB2rm4HM88fu1JHOcHbRCZOvBmavw=w0-e60

142.250.185.225

https://www.google.com/gen_204?atyp=csi&ei=8-nQY8rmJq6Cxc8Px66AmAw&s=webhp&t=all&bl=PSCp&wh=969&imn=2&ima=2&imad=0&imac=0&aftp=-1&adh=&ime=2&imex=2&imeh=0&imea=0&imeb=0&imel=0&scp=0&net=dl.10000,ect.4g,rtt.0&mem=ujhs.11,tjhs.15,jhsl.2173,dm.8&sys=hc.16&rt=aft.28,afti.28,aftqf.57,prt.56,xjses.158,xjsee.185,xjs.185,dcl.185,ol.681,lcp.51,fcp.51,wsrt.244,cst.0,dnst.0,rdxt.131,rqst.142,rspt.33,rqstt.135,unt.134,cstt.134,dit.301&zx=1674639364274

142.250.186.132

https://lh3.googleusercontent.com/hHWA5otDm9mYUJdAqTjo7wBWj8euY-SdEhCffO7oQzG3zpzxm-YExt1VDB8X6_5gchW_Ye3bfhOJXyOWgcUr94GtgqltKP4IxiH02O-Xzw5A1IHsxiw=h120

142.250.185.225

https://lh3.googleusercontent.com/vNgpLTvnDUr6-QM8s4OuuESGDXs_brbGoPR-7vfwdxQI7M4MVFV0CC_Hil4qRDSp4P66ik85fdv09jKn89kDAJVknIbd6wkl0zGQJQ=h120

142.250.185.225

https://lh3.googleusercontent.com/Cle-1GLl4P8zbJafbrnN8-7CgfVSduAR1j2DACNepAm5JL37GANl8tIM1h72Cyga71wO2lGcNPONnQl5MKFi_1TGSBQM8mV9qaKdQw=rw-e365-w2880

142.250.185.225

https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&hl=hr&authuser=0&psi=1unQY6PSPNKVxc8Pk96D8Ao.1674639335382&nolsbt=1&dpr=1

142.250.186.132

https://lh3.googleusercontent.com/p2EiNuo4FQe3s8dhYgEiejBxjryT3B46OTWNItLqiwF58V0T62GKHa7VrbOhI7BbnQOBvdkPFu-4YGG0Dg3b0moXWWSc_aB1hw67Kts=h120

142.250.185.225

https://lh3.googleusercontent.com/8v_oGMOj9bgohn50RgLhJ8XGZ2kIUdr0RG4zCkIYnfjK24ORS0WFaTWmnzxXzagUg2fwAmDy1W_Y4oTtIacT2dhQzAqOy5H9Vg23Rq1oVnhUGtOynjY

142.250.185.225

https://lh3.googleusercontent.com/DEiv6a4elaSehnNAuLu1qmehKSI3gOBNZ8ekBnm02m43j-ugKu0OT248ZbTiAgnkDlZFzycQOY9oiBaIbSxCivN-CkKpnk3kREwN_EDdhKk1O9ehZqY=w600-l90-sg-rj-c0xffffff

142.250.185.225

https://lh3.googleusercontent.com/R7Wr9OkT5zk4gY2F3-tLiMwhFaMfO_hCU5LpTxztUaTOi8kU7_0QUIvOTlhHLyMol8kvHhVvdWUtjmAZ6cqiwGhwZzdg0fvc-UXtojU=h120

142.250.185.225

https://styleselect.com/vts0u

178.20.45.197

https://lh3.googleusercontent.com/EUHFjMpMj-UPEu6jfEEP8TPV7QxQerc-n_qulHi3MFPnK_63i5ldHApJsutq7wXqNmN9V2rmk9swsQ9I0eddAv77HIO4uv6gKt8haNAMqjiM9pqNu9w

142.250.185.225

https://www.google.com/gen_204?atyp=i&ei=8-nQY8rmJq6Cxc8Px66AmAw&ct=slh&v=t1&m=HV&pv=0.43093079954171976&me=1:1674639363619,V,0,0,1920,969:0,B,969:0,N,1,8-nQY8rmJq6Cxc8Px66AmAw:0,R,1,1,0,0,1920,969:444,x:752,e,B&zx=1674639364815

142.250.186.132

https://lh3.googleusercontent.com/5CsRqfMEP1Rv-PPv9G4962lyEuvb4roSLJHJQWPbmCa51AmvynfoGfoKsKiS87QhX07xQMZAeLp8qoSy7CjVZkXJ1WapQiJkroCeJw=h120

142.250.185.225

https://about.google/assets-products/img/glue-google-color-logo.svg

216.239.32.29

https://accounts.google.com/ServiceLogin?hl=hr&passive=true&continue=https://www.google.com/&ec=GAZAmgQ

142.250.185.173

https://www.google.com/gmail/about/static-2.0/js/main.min.js?fingerprint=3013f65e4814d5914f9a24976b9493a1

142.250.186.132

https://www.google.com/gen_204?atyp=i&ei=8-nQY8rmJq6Cxc8Px66AmAw&ct=slh&v=t1&pv=0.43093079954171976&me=7:1674639364816,V,0,0,0,0:0,h,1,1,o:9,V,0,0,1920,969:14,h,1,1,i:632,e,B&zx=1674639365471

142.250.186.132

https://about.google/assets-main/img/glue-icons.svg

216.239.32.29

https://lh3.googleusercontent.com/nDCFKerWuvJvG26AZOPsWYFPiw3MRFDYqVJcHzQzK6AgY96TXH50bpQ1IE__BdBxxcXm8ZTaQ6OuJ4pbYF1c-ugOTfOmjhffJXEvJQ=h120

142.250.185.225

https://lh3.googleusercontent.com/j0mZxqPUZ28oopliF6vSV0okYdXUPZH__5C5_4zuI1eNoLd-JFgAFWu4oPFvxTguMH_lihh76znHXocGuTuDGVtlaryO0cLZSNPVMA=h120

142.250.185.225

https://accounts.google.com/v3/signin/identifier?dsh=S-938658160%3A1674635759284236&continue=https%3A%2F%2Fwww.google.com%2F&ec=GAZAmgQ&hl=hr&passive=true&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHetu5YjPVq-WCbyCLrIvbdvKTXbIbaMteNWvg6UIekZa-JukOettsnoJspcOECz1zASggBkXg

https://lh3.googleusercontent.com/aD5GNhlaU2d70gmSy5ioL1dMSUZN9cHDWPLkIBLhCsJ-BgcGUm-PD6o8XExZcx1i2iZV6PH0P8v3ceg0x7Tzd_OZ5FV0nXs5mX15sgA=h120

142.250.185.225

https://lh3.googleusercontent.com/tC78k3bL_DjdIByD4HSnnblCZF0nlR599IWYDDghEJDn7dwg-tuOIXGVR1TwxePI063JTgu9NvrsvRutrqHOfR5AAWduD51R8zuswV8=h120

142.250.185.225

https://styleselect.com/favicon.ico

178.20.45.197

https://about.google/intl/hr/products

216.239.32.29

https://ads.google.com/intl/hr_hr/home/?subid=ww-ww-et-g-awa-a-g_hpafoot1_1!o2&utm_source=google.com&utm_medium=referral&utm_campaign=google_hpafooter&fg=1

https://www.google.com/gen_204?atyp=csi&ei=1unQY6PSPNKVxc8Pk96D8Ao&s=webhp&t=all&bl=PSCp&wh=969&imn=3&ima=2&imad=0&imac=0&aftp=969&adh=&ime=2&imex=2&imeh=1&imea=0&imeb=0&imel=0&scp=0&net=dl.1350,ect.4g,rtt.100&mem=ujhs.11,tjhs.14,jhsl.2173,dm.8&sys=hc.16&rt=aft.199,afti.199,prt.39,aftqf.199,xjses.385,xjsee.411,xjs.411,dcl.411,ol.983,lcp.237,fcp.83,wsrt.308,cst.71,dnst.10,rqst.142,rspt.38,sslt.71,rqstt.204,unt.122,cstt.133,dit.393&zx=1674639335935

142.250.186.132

https://lh3.googleusercontent.com/gQgn9ZUwHn7UyvQHOcAV_AmbPbpo97fRmCqBIGfPpbB-594aiAFfqQgaUwzEAUaI40O23_uJKvXf8_3QDKS1Aj28wVtz6GUTQFLG84oMGEU-BxiVRouO=w600-l90-sg-rj-c0xffffff

142.250.185.225

https://www.google.com/gmail/about/static-2.0/images/logo-gmail.png?fingerprint=c2eaf4aae389c3f885e97081bb197b97

142.250.186.132

https://accounts.google.com/favicon.ico

142.250.185.173

https://lh3.googleusercontent.com/mjVS_Izc6fGAvuaT0v--gb2so5mZvAbI5EUMUB41cWB7tpy81trBCR8rIlj8NoKgPzDWGN-Hs97NlW0T9W57YJ5z9A8QQWwXUYa_Zg=h120

142.250.185.225

https://lh3.googleusercontent.com/9KKBHHVmyet6xnci7yplPWQPpv2H7EvPQFmvy_mTShsOMPqbiMpLQHdHAsImNBL39fTnONH302_YC8LDgE2Am8Q81uXccg302NZpsgTjwtdBbNMDNsg=w1440-l80-sg-rp

142.250.185.225

https://lh3.googleusercontent.com/cS5nvr3r6Q16NoV6IuJLaauz7HNNRPnuHtsHleZ8du594H4EeiOjeNxV-Nq_w-qRA87TUedLQjTmqCG5s6jNZRp29n571FDWyditF-WJhfhQTY_73OM

142.250.185.225

https://www.google.com/xjs/_/js/k=xjs.s.en_GB.zqI8YkHjj90.O/ck=xjs.s.u-rfaHfpfBg.L.W.O/am=AAEqCFcAOAAAIAAAAAASEAAAAAAAAQAYAyB4ygYEbAgHiMEAWJYAEAAQxOiHCAAAA4ABDAMAAgAAACB_AAKeAIDBhAUAAAAAAAAACFiCYHCDBAUBIAAAAAAAAABKafLiABAEAQ/d=1/exm=cdos,csi,d,dpf,hsm,jsa/ed=1/dg=2/br=1/rs=ACT90oF6V5SFSDHarfUTZb8Bl8x3BhGQvw/ee=Pjplud:PoEs9b;QGR0gd:Mlhmy;uY49fb:COQbmf;EVNhjf:pw70Gc;sTsDMc:kHVSUb;g8nkx:U4MzKc;wQlYve:aLUfP;kbAm9d:MkHyGd;F9mqte:UoRcbe;oUlnpc:RagDlc;YV5bee:IvPZ6d;dtl0hd:lLQWFe;yGxLoc:FmAr0c;dIoSBb:ZgGg9b;pXdRYb:JKoKVe;wR5FRb:TtcOte;KpRAue:Tia57b;aZ61od:arTwJ;JXS8fb:Qj0suc;rQSrae:C6D5Fc;qavrXe:zQzcXe;UDrY1c:eps46d;w3bZCb:ZPGaIb;VGRfx:VFqbr;imqimf:jKGL2e;Np8Qkd:Dpx6qc;BjwMce:cXX2Wb;oGtAuc:sOXFj;NPKaK:PVlQOd;EmZ2Bf:zr1jrb;daB6be:lMxGPd;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;R4IIIb:QWfeKf;BMxAGc:E5bFse;WDGyFe:jcVOxd;wV5Pjc:L8KGxe;xbe2wc:wbTLEd;DpcR3d:zL72xf;tosKvd:ZCqP3;ESrPQc:mNTJvc;NSEoX:lazG7b;G6wU6e:hezEbd;okUaUd:wItadb;GleZL:J1A7Od;Xeq57c:wZTUNc;eJZqRc:wUwbse;RiX1h:uiAbXc;oSUNyd:fTfGO;SJsSc:H1GVub;SMDL4c:fTfGO;JsbNhc:Xd8iUd;zOsCQe:Ko78Df;KcokUb:KiuZBf;WCEKNd:I46Hvd;LBgRLc:XVMNvd;LsNahb:ucGLNb;UyG7Kb:wQd0G;kCQyJ:ueyPK;TxfV6d:YORN0b;qaS3gd:yiLg6e;aAJE9c:WHW6Ef;BgS6mb:fidj5d;UVmjEd:EesRsb;z97YGf:oug9te;CxXAWb:YyRLvc;VN6jIc:ddQyuf;SLtqO:Kh1xYe;VxQ32b:k0XsBb;DULqB:RKfG5c;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;hjRo6e:F62sG;whEZac:F4AmNb;qddgKe:x4FYXe;eBAeSb:Ck63tb;vfVwPd:OXTqFb;w9w86d:dt4g2b;lkq0A:Z0MWEf;KQzWid:mB4wNe;pNsl2d:j9Yuyc;eHDfl:ofjVkb;Nyt6ic:jn2sGd;SNUn3:x8cHvb;LEikZe:byfTOb,lsjVmc;io8t5d:sgY6Zb;Oj465e:KG2eXe;Erl4fe:FloWmf;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;nAFL3:s39S4;iFQyKf:QIhFr/m=DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1

142.250.186.132

There are 90 hidden URLs, click here to show them.

Domains

Name

Malicious

scone-pa.clients6.google.com

142.250.186.138

ads.google.com

142.250.185.238

google.com

172.217.16.142

csp.withgoogle.com

142.250.185.113

accounts.google.com

142.250.185.173

plus.l.google.com

142.250.185.142

styleselect.com

178.20.45.197

i.ytimg.com

216.58.212.150

mail.google.com

142.250.186.133

adservice.google.com

142.250.186.66

static.doubleclick.net

142.250.185.198

about.google

216.239.32.29

stats.g.doubleclick.net

66.102.1.155

youtube-ui.l.google.com

142.250.186.46

googleads.g.doubleclick.net

172.217.16.130

play.google.com

142.250.185.174

www3.l.google.com

142.250.185.238

www.google.hr

142.250.186.131

photos-ugc.l.googleusercontent.com

142.250.181.225

ghs-svc-https-sni.ghs-ssl.googlehosted.com

142.250.185.147

www.google.com

142.250.186.132

clients.l.google.com

142.250.181.238

googlehosted.l.googleusercontent.com

142.250.185.225

yt3.ggpht.com

unknown

www.blog.google

unknown

lh3.googleusercontent.com

unknown

clients2.google.com

unknown

accounts.youtube.com

unknown

www.youtube.com

unknown

apis.google.com

unknown

There are 20 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

142.250.186.46

youtube-ui.l.google.com

United States

142.250.185.99

unknown

United States

192.168.11.1

unknown

142.250.185.147

ghs-svc-https-sni.ghs-ssl.googlehosted.com

United States

142.250.185.225

googlehosted.l.googleusercontent.com

United States

64.233.184.157

unknown

United States

192.168.11.20

unknown

142.250.181.238

clients.l.google.com

United States

66.102.1.155

stats.g.doubleclick.net

United States

142.250.185.142

plus.l.google.com

United States

142.250.186.132

www.google.com

United States

216.58.212.150

i.ytimg.com

United States

142.250.186.133

mail.google.com

United States

178.20.45.197

styleselect.com

Russian Federation

172.217.16.142

google.com

United States

216.239.32.29

about.google

United States

142.250.185.113

csp.withgoogle.com

United States

142.250.185.198

static.doubleclick.net

United States

142.250.185.238

ads.google.com

United States

142.250.181.225

photos-ugc.l.googleusercontent.com

United States

239.255.255.250

unknown

Reserved

142.250.185.174

play.google.com

United States

142.250.185.173

accounts.google.com

United States

172.217.16.130

googleads.g.doubleclick.net

United States

127.0.0.1

unknown

142.250.186.66

adservice.google.com

United States

There are 16 hidden IPs, click here to show them.

Registry

Path

Value

Malicious

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault

S-1-5-21-3425316567-2969588382-3778222414-1001

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

ahfgeienlihckogmohjhadlkjgocpleb

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

gdaefkejpgkiemlaofpalmlakkmbjdnl

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

gfdkimpbcpahaombhbimeihdjnejgicl

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

kmendfapggjehodndflmmgagdbamhnfd

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

mhjfbmdgcfjbbpaeojofohoefgiehjai

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

neajdppkdcdipfabeoofebfddakdcjhd

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

nkeimhogjdpnpccoofpliimaahmaaome

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

prefs.preference_reset_time

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

gdaefkejpgkiemlaofpalmlakkmbjdnl

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

gfdkimpbcpahaombhbimeihdjnejgicl

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

kmendfapggjehodndflmmgagdbamhnfd

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

neajdppkdcdipfabeoofebfddakdcjhd

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

nkeimhogjdpnpccoofpliimaahmaaome

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

gfdkimpbcpahaombhbimeihdjnejgicl

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon

state

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon

state

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

media.cdm.origin_data

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

software_reporter.reporting

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

media.storage_id_salt

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

google.services.last_account_id

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

google.services.account_id

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.last_triggered_for_startup_urls

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.last_triggered_for_homepage

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

module_blocklist_cache_md5_digest

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

software_reporter.prompt_seed

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

default_search_provider_data.template_url_data

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

safebrowsing.incidents_sent

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

pinned_tabs

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

browser.show_home_button

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

search_provider_overrides

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.last_triggered_for_default_search

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

prefs.preference_reset_time

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

software_reporter.prompt_version

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

google.services.last_username

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

session.startup_urls

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

session.restore_on_startup

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

settings_reset_prompt.prompt_wave

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

homepage

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\PreferenceMACs\Default

homepage_is_newtabpage

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\StabilityMetrics

user_experience_metrics.stability.exited_cleanly

HKEY_CURRENT_USER\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

lastrun

HKEY_CURRENT_USER\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

lastrun

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault

S-1-5-21-3425316567-2969588382-3778222414-1001

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon

state

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\ThirdParty

StatusCodes

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon

state

There are 42 hidden registries, click here to show them.

Memdumps

Base Address

Regiontype

Protect

Malicious

2702AA10000

unclassified section

page readonly

F2D207A000

stack

page read and write

F2D1B2C000

stack

page read and write

F2D1BAF000

stack

page read and write

2702AABA000

heap

page read and write

F2D1F7F000

stack

page read and write

2702AA90000

heap

page read and write

2702AA9B000

heap

page read and write

2702AC40000

heap

page read and write

F2D1E7F000

stack

page read and write

2702AB90000

heap

page read and write

2702A870000

heap

page read and write

F2D1FFF000

stack

page read and write

F2D1EFF000

stack

page read and write

2702AC45000

heap

page read and write

2702AA20000

unclassified section

page readonly

2702A9A0000

heap

page read and write

There are 7 hidden memdumps, click here to show them.

DOM / HTML

URL

Malicious

https://www.google.com/

https://www.google.com/intl/hr/gmail/about/#

https://www.google.hr/imghp?hl=hr&ogbl

https://about.google/products/

https://www.youtube.com/embed/by-kTJ0DOLc?rel=0&vq=hd720&start=0&cc_load_policy=1&playsinline=1&origin=https%3A%2F%2Fabout.google&enablejsapi=1&widgetid=1

https://www.google.com/

https://about.google/?utm_source=google-HR&utm_medium=referral&utm_campaign=hp-footer&fg=1

https://ads.google.com/intl/hr_hr/home/?subid=ww-ww-et-g-awa-a-g_hpafoot1_1!o2&utm_source=google.com&utm_medium=referral&utm_campaign=google_hpafooter&fg=1

https://www.google.com/

There are 1 hidden doms, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
https://styleselect.com/vts0u

Processes

URLs

Domains

IPs

Registry

Memdumps

DOM / HTML

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reporthttps://styleselect.com/vts0u

Processes

URLs

Domains

IPs

Registry

Memdumps

DOM / HTML

IOC Report
https://styleselect.com/vts0u