IOC Report
https://click.e.miro.com/?qs=71ec040b00af2a7e15c4a00e338d6ed0afd5e86f0dffe31bba3547e216e7734b1d06c2ac32f20d2f03a7c89cefc8ab9152d116ce107afbcb055fd22492a6e096

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=1764,i,13624171276759586457,679474072376911802,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe" "https://click.e.miro.com/?qs=71ec040b00af2a7e15c4a00e338d6ed0afd5e86f0dffe31bba3547e216e7734b1d06c2ac32f20d2f03a7c89cefc8ab9152d116ce107afbcb055fd22492a6e096 |

URLs

Name | IP | Malicious
https://click.e.miro.com/?qs=71ec040b00af2a7e15c4a00e338d6ed0afd5e86f0dffe31bba3547e216e7734b1d06c2ac32f20d2f03a7c89cefc8ab9152d116ce107afbcb055fd22492a6e096 | |
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 | 142.250.180.174 |
https://click.e.miro.com/?qs=71ec040b00af2a7e15c4a00e338d6ed0afd5e86f0dffe31bba3547e216e7734b1d06c2ac32f20d2f03a7c89cefc8ab9152d116ce107afbcb055fd22492a6e096 | 159.92.136.102 |
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard | 216.58.209.45 |
https://click.e.miro.com/favicon.ico | 159.92.136.102 |

Domains

Name | IP | Malicious
accounts.google.com | 216.58.209.45 |
www.google.com | 142.250.184.100 |
clients.l.google.com | 142.250.180.174 |
click.e.miro.com | 159.92.136.102 |
clients2.google.com | unknown |

IPs

IP | Domain | Country | Malicious
192.168.2.1 | unknown | unknown |
159.92.136.102 | click.e.miro.com | United States |
239.255.255.250 | unknown | Reserved |
216.58.209.45 | accounts.google.com | United States |
142.250.184.100 | www.google.com | United States |
142.250.180.174 | clients.l.google.com | United States |
127.0.0.1 | unknown | unknown |
192.168.2.6 | unknown | unknown |

Registry

Path | Value | Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gdaefkejpgkiemlaofpalmlakkmbjdnl |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | prefs.preference_reset_time |
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault | S-1-5-21-3853321935-2125563209-4053062332-1002 |
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state |
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes |
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr |
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun |
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.cdm.origin_data |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.reporting |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | media.storage_id_salt |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_account_id |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.account_id |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_startup_urls |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_homepage |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | module_blocklist_cache_md5_digest |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_seed |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | default_search_provider_data.template_url_data |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | safebrowsing.incidents_sent |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | pinned_tabs |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | browser.show_home_button |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | search_provider_overrides |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.last_triggered_for_default_search |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | software_reporter.prompt_version |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | google.services.last_username |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.startup_urls |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | session.restore_on_startup |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | settings_reset_prompt.prompt_wave |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage |
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default | homepage_is_newtabpage |
HKEY_USERS\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | TraceTimeLast |

Memdumps

DOM / HTML

URL | Malicious
https://click.e.miro.com/expired.html |