Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Chrome Cache Entry: 108
|
XML 1.0 document, ASCII text
|
downloaded
|
||
Chrome Cache Entry: 109
|
XML 1.0 document, ASCII text
|
downloaded
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB
--service-sandbox-type=none --mojo-platform-channel-handle=1964 --field-trial-handle=1768,i,3249229338383296899,15023654663304245028,131072
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" "https://s3.amazonaws.com/v5c323s5fg7hnj-794372450934/tv.html
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://s3.amazonaws.com/v5c323s5fg7hnj-794372450934/tv.html
|
|||
https://s3.amazonaws.com/favicon.ico
|
52.217.87.206
|
||
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
||
https://s3.amazonaws.com/v5c323s5fg7hnj-794372450934/tv.html
|
52.217.87.206
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
s3.amazonaws.com
|
52.217.122.24
|
||
accounts.google.com
|
172.217.168.45
|
||
www.google.com
|
142.250.203.100
|
||
clients.l.google.com
|
216.58.215.238
|
||
clients2.google.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
172.217.168.45
|
accounts.google.com
|
United States
|
||
192.168.2.1
|
unknown
|
unknown
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
216.58.215.238
|
clients.l.google.com
|
United States
|
||
142.250.203.100
|
www.google.com
|
United States
|
||
52.217.87.206
|
unknown
|
United States
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
246989A0000
|
trusted library allocation
|
page read and write
|
||
24698670000
|
trusted library allocation
|
page read and write
|
||
246989F9000
|
heap
|
page read and write
|
||
246989F5000
|
heap
|
page read and write
|
||
2469871C000
|
heap
|
page read and write
|
||
24698A00000
|
trusted library allocation
|
page read and write
|
||
246989E0000
|
trusted library allocation
|
page read and write
|
||
24698720000
|
heap
|
page read and write
|
||
24698739000
|
heap
|
page read and write
|
||
246994F0000
|
trusted library allocation
|
page read and write
|
||
246988C0000
|
heap
|
page read and write
|
||
E4790CB000
|
stack
|
page read and write
|
||
24698940000
|
trusted library allocation
|
page read and write
|
||
24698660000
|
heap
|
page read and write
|
||
2469871D000
|
heap
|
page read and write
|
||
246986D8000
|
heap
|
page read and write
|
||
24698930000
|
trusted library allocation
|
page read and write
|
||
246986D0000
|
heap
|
page read and write
|
||
E4794F9000
|
stack
|
page read and write
|
||
24698720000
|
heap
|
page read and write
|
||
24699710000
|
trusted library allocation
|
page read and write
|
||
246986F5000
|
heap
|
page read and write
|
||
24698720000
|
heap
|
page read and write
|
||
24698718000
|
heap
|
page read and write
|
||
246988A0000
|
heap
|
page read and write
|
||
E479479000
|
stack
|
page read and write
|
||
246989F0000
|
heap
|
page read and write
|
||
E4795FB000
|
stack
|
page read and write
|
||
24699770000
|
trusted library allocation
|
page read and write
|
||
24699720000
|
trusted library allocation
|
page read and write
|
||
E47957E000
|
stack
|
page read and write
|
||
24699700000
|
heap
|
page readonly
|
There are 22 hidden memdumps, click here to show them.