IOC Report
https://listfoo.org/zmg5f

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1972 --field-trial-handle=1772,i,13714808044369432181,11901859910510463980,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://listfoo.org/zmg5f" |

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

Registry

Path
Value
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious

DOM / HTML

URL
Malicious
https://www.google.com/