IOC Report
http://suzy_lamplugh@email.dhqbmail.co.uk


Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1948 --field-trial-handle=1776,i,12988346674410521245,11443754851562044237,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" "http://suzy_lamplugh@email.dhqbmail.co.uk

URLs

Name
IP
Malicious
http://suzy_lamplugh@email.dhqbmail.co.uk
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.180.174
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
216.58.209.45

Domains

Name
IP
Malicious
accounts.google.com
216.58.209.45
display-block.smtp.dnsrt.co.uk
185.105.66.3
www.google.com
142.250.184.100
clients.l.google.com
142.250.180.174
clients2.google.com
unknown
email.dhqbmail.co.uk
unknown

IPs

IP
Domain
Country
Malicious
185.105.66.3
display-block.smtp.dnsrt.co.uk
United Kingdom
192.168.2.1
unknown
unknown
239.255.255.250
unknown
Reserved
216.58.209.45
accounts.google.com
United States
142.250.184.100
www.google.com
United States
142.250.180.174
clients.l.google.com
United States
127.0.0.1
unknown
unknown

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blocklist_cache_md5_digest
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
HKEY_USERS\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry
TraceTimeLast
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state

Memdumps

Base Address
Region type
Protect
Malicious
19B0F233000
heap
page read and write
FBCD3FD000
stack
page read and write
16DAB1E5000
heap
page read and write
8C4B4EC000
stack
page read and write
19B0F110000
heap
page read and write
20E8B823000
heap
page read and write
16DAB1B9000
heap
page read and write
19B0F246000
heap
page read and write
1D4AFC36000
heap
page read and write
16DABB02000
heap
page read and write
1D4AFC29000
heap
page read and write
19EC3E02000
heap
page read and write
19B0F23D000
heap
page read and write
27E2445B000
heap
page read and write
19EC3E5C000
heap
page read and write
8C4B56E000
stack
page read and write
4F6BF9000
stack
page read and write
58A587D000
stack
page read and write
139887F000
stack
page read and write
27E24260000
heap
page read and write
16DABB43000
heap
page read and write
4F6EFA000
stack
page read and write
19B0F263000
heap
page read and write
19B0F120000
heap
page read and write
20E8C332000
heap
page read and write
16DABA02000
heap
page read and write
19B0F223000
heap
page read and write
16DABBC8000
heap
page read and write
27E24457000
heap
page read and write
1D4AFC00000
heap
page read and write
19B0F25F000
heap
page read and write
19EC3E29000
heap
page read and write
1D4AFC53000
heap
page read and write
1D4AFAC0000
heap
page read and write
A20317D000
stack
page read and write
27E242C0000
heap
page read and write
16DABC27000
heap
page read and write
16DAB075000
heap
page read and write
139807E000
stack
page read and write
FBCD37B000
stack
page read and write
20E8B720000
heap
page read and write
1D4B0402000
trusted library allocation
page read and write
58A56FD000
stack
page read and write
FBCDE7F000
stack
page read and write
4F6AFF000
stack
page read and write
58A4FEB000
stack
page read and write
20E8B886000
heap
page read and write
16DAB065000
heap
page read and write
20E8B902000
heap
page read and write
4F67FE000
stack
page read and write
A2033FF000
stack
page read and write
19B0F276000
heap
page read and write
58A547F000
stack
page read and write
16DAB08B000
heap
page read and write
19B0F28C000
heap
page read and write
16DABC13000
heap
page read and write
19B0F244000
heap
page read and write
20E8B7B0000
trusted library allocation
page read and write
16DAB088000
heap
page read and write
19B0F25A000
heap
page read and write
19B0F285000
heap
page read and write
19B0F242000
heap
page read and write
16DABB6D000
heap
page read and write
19EC3D40000
remote allocation
page read and write
19B0F24D000
heap
page read and write
19B0F278000
heap
page read and write
19B0F240000
heap
page read and write
FBCDA7F000
stack
page read and write
58A59FF000
stack
page read and write
16DABBB0000
heap
page read and write
16DAB090000
heap
page read and write
16DABB00000
heap
page read and write
FBCE07E000
stack
page read and write
16DABBBC000
heap
page read and write
16DABC00000
heap
page read and write
19EC3F02000
heap
page read and write
FBCDD7E000
stack
page read and write
139837B000
stack
page read and write
27E24463000
heap
page read and write
16DAB021000
heap
page read and write
1D4AFC2E000
heap
page read and write
A2029DE000
stack
page read and write
58A597F000
stack
page read and write
20E8B710000
heap
page read and write
19EC3D10000
trusted library allocation
page read and write
1D4AFBC0000
trusted library allocation
page read and write
A2034FD000
stack
page read and write
8C4B5EE000
stack
page read and write
16DAB027000
heap
page read and write
13987FF000
stack
page read and write
19B0F25C000
heap
page read and write
19B0F261000
heap
page read and write
19B0F302000
heap
page read and write
19B0F265000
heap
page read and write
58A527E000
stack
page read and write
FBCDC7F000
stack
page read and write
1D4AFA60000
heap
page read and write
16DAAFA0000
trusted library allocation
page read and write
16DAB077000
heap
page read and write
16DAB029000
heap
page read and write
1D4AFC44000
heap
page read and write
19B0F26E000
heap
page read and write
16DABB22000
heap
page read and write
4F6CFF000
stack
page read and write
16DAB18E000
heap
page read and write
13985FA000
stack
page read and write
19B0F268000
heap
page read and write
16DABC23000
heap
page read and write
16DAB058000
heap
page read and write
FBCDB7D000
stack
page read and write
16DABC02000
heap
page read and write
19B0F231000
heap
page read and write
27E24413000
heap
page read and write
20E8B8CD000
heap
page read and write
A202D7B000
stack
page read and write
19B0F260000
heap
page read and write
19EC3E00000
heap
page read and write
27E243C0000
trusted library allocation
page read and write
20E8B813000
heap
page read and write
16DAAF10000
heap
page read and write
1D4AFC3D000
heap
page read and write
19B0F258000
heap
page read and write
16DABBCC000
heap
page read and write
27E24513000
heap
page read and write
8C4BB7E000
stack
page read and write
20E8B780000
heap
page read and write
19B0F27B000
heap
page read and write
19B0F180000
heap
page read and write
8C4B97E000
stack
page read and write
16DAB043000
heap
page read and write
20E8B8E6000
heap
page read and write
19EC3D40000
remote allocation
page read and write
20E8C202000
heap
page read and write
19B0FC02000
trusted library allocation
page read and write
FBCD97C000
stack
page read and write
FBCE17E000
stack
page read and write
19B0F23A000
heap
page read and write
27E2447C000
heap
page read and write
13986FF000
stack
page read and write
27E24250000
heap
page read and write
58A52FE000
stack
page read and write
19B0F247000
heap
page read and write
139817B000
stack
page read and write
27E24402000
heap
page read and write
20E8B86F000
heap
page read and write
16DAAF00000
heap
page read and write
20E8B8C3000
heap
page read and write
139827E000
stack
page read and write
1D4AFC02000
heap
page read and write
1397DDE000
stack
page read and write
19B0F26A000
heap
page read and write
16DABB90000
heap
page read and write
16DABB22000
heap
page read and write
19B0F213000
heap
page read and write
19B0F241000
heap
page read and write
19B0F257000
heap
page read and write
A202F7B000
stack
page read and write
20E8B913000
heap
page read and write
16DAB113000
heap
page read and write
FBCD67E000
stack
page read and write
27E24C02000
trusted library allocation
page read and write
19B0F27C000
heap
page read and write
19B0F264000
heap
page read and write
20E8B800000
heap
page read and write
A20307F000
stack
page read and write
19B0F200000
heap
page read and write
16DAB083000
heap
page read and write
A202C7D000
stack
page read and write
1D4AFD02000
heap
page read and write
8C4BA7F000
stack
page read and write
27E24478000
heap
page read and write
16DABC30000
heap
page read and write
16DABB54000
heap
page read and write
16DAB000000
heap
page read and write
19B0F27E000
heap
page read and write
58A54FE000
stack
page read and write
20E8B845000
heap
page read and write
16DAB092000
heap
page read and write
19B0F26C000
heap
page read and write
19B0F262000
heap
page read and write
13983F9000
stack
page read and write
16DAB013000
heap
page read and write
19B0F275000
heap
page read and write
FBCDF7F000
stack
page read and write
A2032FC000
stack
page read and write
FBCD87E000
stack
page read and write
13984FE000
stack
page read and write
FBCD77B000
stack
page read and write
19EC3BA0000
heap
page read and write
19EC3D40000
remote allocation
page read and write
8C4BC7E000
stack
page read and write
19B0F245000
heap
page read and write
58A577F000
stack
page read and write
139877F000
stack
page read and write
19EC3E3D000
heap
page read and write
1D4AFC13000
heap
page read and write
19EC3C10000
heap
page read and write
19B0F229000
heap
page read and write
58A55FF000
stack
page read and write
19EC4602000
trusted library allocation
page read and write
A2031FB000
stack
page read and write
4F677E000
stack
page read and write
19EC3BB0000
heap
page read and write
16DAAFC0000
trusted library allocation
page read and write
1D4AFC3B000
heap
page read and write
A2035FE000
stack
page read and write
27E24440000
heap
page read and write
A20295B000
stack
page read and write
16DAB068000
heap
page read and write
4F6DFF000
stack
page read and write
20E8C300000
heap
page read and write
16DAB03C000
heap
page read and write
16DAAF70000
heap
page read and write
4F66FC000
stack
page read and write
27E24424000
heap
page read and write
A202CFF000
stack
page read and write
1397D5B000
stack
page read and write
20E8B8BC000
heap
page read and write
20E8B829000
heap
page read and write
20E8B88A000
heap
page read and write
19B0F1B0000
trusted library allocation
page read and write
27E24400000
heap
page read and write
19B0F259000
heap
page read and write
1D4AFA70000
heap
page read and write
19EC3E13000
heap
page read and write
27E24502000
heap
page read and write
16DAB056000
heap
page read and write