General Info

URL

http://www.sweethome3d.com/SweetHome3D.jnlp

Full analysis
https://app.any.run/tasks/933a951d-de14-4457-9aef-fe599de1fe62
Verdict
Malicious activity
Analysis date
7/11/2019, 17:11:47
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x86 en-US) (67.0.4)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Application launched itself
  • chrome.exe (PID: 3132)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
52
Monitored processes
17
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
3132
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.sweethome3d.com/SweetHome3D.jnlp
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\wpc.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\samlib.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\wship6.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\program files\java\jre1.8.0_92\bin\javaws.exe
c:\windows\system32\mssprxy.dll
c:\windows\system32\msisip.dll
c:\windows\system32\wshext.dll
c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
c:\windows\system32\wbem\wmiperfinst.dll
c:\windows\system32\pdh.dll
c:\windows\system32\audioses.dll

PID
3808
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=75.0.3770.100 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6c88a9d0,0x6c88a9e0,0x6c88a9ec
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
3096
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3136 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_watcher.dll

PID
2420
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=9941764634104793399 --mojo-platform-channel-handle=1056 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\75.0.3770.100\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\75.0.3770.100\swiftshader\libegl.dll

PID
2672
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=9647141031139720870 --mojo-platform-channel-handle=1640 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll

PID
2448
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16241311490719521762 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2220 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3492
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8706064582326153449 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2544
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8405961961853546061 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2460 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3184
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12124214500553772317 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3464
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12109980220247909410 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3248
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11771890986941878929 --mojo-platform-channel-handle=3676 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3344
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=12445027977261013210 --mojo-platform-channel-handle=3768 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3428
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=482736344084315614 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3232
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=15939767080100783868 --mojo-platform-channel-handle=3576 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

PID
2336
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4881822517139524091 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2668
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1223349707392172920 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2544 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2396
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1036,8443097242234197082,2266034938592160911,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=398070897655893702 --mojo-platform-channel-handle=988 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\sendmail.dll
c:\windows\system32\zipfldr.dll
c:\windows\system32\fxsresm.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

Registry activity

Total events
890
Read events
844
Write events
45
Delete events
1

Modification events

PID
Process
Operation
Key
Name
Value
3132
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
3132
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
3132
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13207331523546125
3132
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
3096
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3132-13207331522218000
259
2672
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
2396
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
2396
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@sendmail.dll,-21
Desktop (create shortcut)
2396
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@zipfldr.dll,-10148
Compressed (zipped) folder
2396
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@sendmail.dll,-4
Mail recipient
2396
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@C:\Windows\system32\FXSRESM.dll,-120
Fax recipient

Files activity

Executable files
0
Suspicious files
36
Text files
64
Unknown types
3

Dropped files

PID
Process
Filename
Type
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF10cfb6.TMP
text
MD5: 199e5465972eeed4d945b12c0758e0f4
SHA256: 58e66c21e662b39e79c42437173f2ad84217d1737dea985a0e3545f8a7ea689c
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 6eaeee7df5f878bb34505e5e90680781
SHA256: f99b020a5bf97c07b97123403b627d67d1410988791e44e13f9e2ac4996bf67c
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\5ab6e594-634f-41d1-b575-e88a4dbe07a2.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: bbf23d9c6902383de466398722d40714
SHA256: 56e4e5bd9191bc7f9b276a88b6ccb6f8177807f2aa4ced888c272a65e9b467ff
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF10a8f4.TMP
text
MD5: bbf23d9c6902383de466398722d40714
SHA256: 56e4e5bd9191bc7f9b276a88b6ccb6f8177807f2aa4ced888c272a65e9b467ff
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\6423d937-4eea-4173-82cd-834d51a1c42b.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
binary
MD5: ee0a40675a863e7358988446eda6277a
SHA256: 4daa89ab6a507bda75a75677d0a73b8fd95004498197c2964b112a81db1294c9
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RF109fcc.TMP
binary
MD5: ee0a40675a863e7358988446eda6277a
SHA256: 4daa89ab6a507bda75a75677d0a73b8fd95004498197c2964b112a81db1294c9
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: b0da2b227945f878a9186239b2c05e4a
SHA256: 4a61bfa4173570067c2055b79999155e9758882ea6a2fa307a4ee8e7bcc2b161
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF106bbc.TMP
text
MD5: b0da2b227945f878a9186239b2c05e4a
SHA256: 4a61bfa4173570067c2055b79999155e9758882ea6a2fa307a4ee8e7bcc2b161
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\85a01b1d-3961-4a94-bef9-87da078e6190.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: bb18cd6ec0a53a4de582c9ce760965eb
SHA256: cabed39ec1138af6b9d472ca0a4b36be867a0ab687b3b6b1bf8e284c72a82efb
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF10667c.TMP
text
MD5: bb18cd6ec0a53a4de582c9ce760965eb
SHA256: cabed39ec1138af6b9d472ca0a4b36be867a0ab687b3b6b1bf8e284c72a82efb
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\43ada101-f13e-4c7f-8838-0b1348ca6aa3.tmp
––
MD5:  ––
SHA256:  ––
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: cb74e26c44dbc8f944692f8499092f28
SHA256: 9b60010176de159b9d20184de9835ae037544d59958b2858db7834acfece8706
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF106330.TMP
text
MD5: cb74e26c44dbc8f944692f8499092f28
SHA256: 9b60010176de159b9d20184de9835ae037544d59958b2858db7834acfece8706
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\9a6cf9b4-7cfb-4f5b-b13f-3f56078f211f.tmp
––
MD5:  ––
SHA256:  ––
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
binary
MD5: b71c9faff6556a73c25ed53d87e42624
SHA256: cad368db84429ec9301fe2d357abd1bc5db9c9c85c352e5843b37f6890dee051
2672
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar52A7.tmp
––
MD5:  ––
SHA256:  ––
2672
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab52A6.tmp
––
MD5:  ––
SHA256:  ––
2672
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
binary
MD5: db85fce90d629e70dd26213d0de979df
SHA256: e1e7e14449c90effca4966e4967be95d7cd62aafd9d9be1ababb9bfae25d00ab
2672
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
der
MD5: 135c822ab88e3d738307b048551984cb
SHA256: 98ae3597e090bf15d380a3ba854da46cb8629876b6255ba9fc16449b29c6eae0
2672
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77F12B034AEDCF94AE3AC5680669205B_CEF79E62036F6A4311806781F0EC3E43
binary
MD5: 22ca5190666d934c0e8529e6b7b97297
SHA256: ebc8f1c0327251b693d904f9b30641805aba0e949f1fd143730c59c46aad7973
2672
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77F12B034AEDCF94AE3AC5680669205B_CEF79E62036F6A4311806781F0EC3E43
der
MD5: dfdb961835866c630ea7887f9534663c
SHA256: 500bb57a48524eb75e7574da47498142efa33b379ba9c280855576043902f57d
2672
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8828F39C7C0CE9A14B25C7EB321181BA_0F3B0F9C7E9E8F15AA930243C0EFCBA2
binary
MD5: f83b665e64a1b74b72d2db2882d26d62
SHA256: 2fa859ea15107d2962662fa97d1488b5c41b39f43f4d079f3a41158bb7ff6154
2672
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8828F39C7C0CE9A14B25C7EB321181BA_0F3B0F9C7E9E8F15AA930243C0EFCBA2
der
MD5: 7b122fba5cc663da1a9abaf5678c1c07
SHA256: 4b8ec080c72fbb41359807ab8792d56fd0c2b4e1b4bdcb9bae9be723cff84ab7
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3478338b2add6210_0
binary
MD5: 5eeb8b69bcf27133409c224cf14be0aa
SHA256: 3fd6ad6101ec5764896c46e0d1a5d6638b712d655618eb68f06f94be6759860b
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
compressed
MD5: 09a12f451040037356efd458a6cf8141
SHA256: f74bc88876a8aaa9f9f6e30d52bcf35139cf830045ce3d383845b6b21f870243
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2dfc8e9e26d4aacd_0
binary
MD5: 384c74b5a909b72537ed8927dfe268bb
SHA256: 97d5cfbcfa35bd10a4730a3073282d8b2fef5912d8144b6318bfdaa74f73ec5d
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
image
MD5: 16507a857b49ebe827a1f722cd357a01
SHA256: 89290423779312fa07bf8b1209a0a0f07bac1b70eac3356334162076f57963b3
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\79372807fb4a704c_0
binary
MD5: 44724481bac59bf95e0955a509571774
SHA256: 78261b6dec59795d08cbcd18985f6239451ce43633863e0ca482d218ace34061
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\30673e4744776c3e_0
binary
MD5: 1d18751b64cf8298e5ab0d920911fd85
SHA256: f612df2237c3fbb06758d2c6c909101b94d6d3a8d9b10d2b139610e09c18f353
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dbad726d1265bfd9_0
binary
MD5: bab7f033c6a5b7498c25a7d2c81b55db
SHA256: 33a59bec96f60d3f6e16372600614ba940698f2ad628926a51475c26286fb17e
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83743526b6d24efa_0
binary
MD5: dc69fab3b2c049a18a3e0e7179e0d8b1
SHA256: 6c8ddb06ac98815a4b75e4cb111ac99a650a7d80d21b0ea6226e8e2378debe0a
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\58259370e2d0c46f_0
binary
MD5: 332090ae96288c9b0607309d6587d54d
SHA256: 7d275319e486f9f2c16201fa7dc984c0e86e74fc7785af6c624f8ecbdada22e4
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\68e32c205483ed7d_0
binary
MD5: 8a2f1196e130c18711eeabf8f085c192
SHA256: 7e35b1c05b6cd3cb6f0f56c784a714bfcba66852ed00b8114c719f045f548fd9
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
compressed
MD5: 6a7174e4228ad42acbe33a53ec6223a2
SHA256: 3cdaefc60b77ce7556b2e22a7b8b60a4a063fd417d9e3548e6f8b5732752db0e
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
binary
MD5: c343456c13ce2f34bcde215bddd968eb
SHA256: 4454b9c5cb8f7b7e45854380665c7ac17da118a104bebd5b50a683022f6fb987
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2ff9dec263a05789_0
binary
MD5: 4995411f5d1ecf31daca635c8a307957
SHA256: 5bb646588d9453d60e793f11114c90bf978dab6dd2b7f7c79c07916151af0eb2
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
binary
MD5: 76cf021d15213457bbe823cdcc5e3e8d
SHA256: 8fec1962146320491a2925edc890868c3dd5a82cbb1999b3d2a58dc40049ec5e
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
binary
MD5: 390f555f3e9a6ff1568cd7f930dcd0d7
SHA256: bee2bb4d80c23560f341b283ddbf3ca048f9d024edf87198454e857adca84630
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 9afc07f63e375f7ccce13c132911cf6c
SHA256: dd0cce08cb4dc8cb3d079f25a6ec72c916a95da5fb1ce2b8ea5d6617f4c6d49a
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF103ad8.TMP
text
MD5: 9afc07f63e375f7ccce13c132911cf6c
SHA256: dd0cce08cb4dc8cb3d079f25a6ec72c916a95da5fb1ce2b8ea5d6617f4c6d49a
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\107e819d-df3f-4ce7-b2f2-ae3a1f7d69de.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: a2b0d13b4a092a7592f31aaf16bdd76e
SHA256: e05b7c15cfb03e93ba62567fd0fba6ac5418ca50dd434697ecc08713666c5a0d
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1032ca.TMP
text
MD5: a2b0d13b4a092a7592f31aaf16bdd76e
SHA256: e05b7c15cfb03e93ba62567fd0fba6ac5418ca50dd434697ecc08713666c5a0d
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\09e0798b-0849-48bd-80c3-482cfff1d144.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 199e5465972eeed4d945b12c0758e0f4
SHA256: 58e66c21e662b39e79c42437173f2ad84217d1737dea985a0e3545f8a7ea689c
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF10320e.TMP
text
MD5: 6eaeee7df5f878bb34505e5e90680781
SHA256: f99b020a5bf97c07b97123403b627d67d1410988791e44e13f9e2ac4996bf67c
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\0fe1c5ee-0109-4dc0-9a85-e697af24c261.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee18c807552d0e70_0
binary
MD5: eb25c5ee7cc6ab3ebeae8fd5e64d9fa4
SHA256: a9dfea6f6fc1627c34429daa19ba00627d4d1c35acbc623f958266cea44d1749
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
compressed
MD5: 8a635fbd2a8abaa5f588b7d56da22b37
SHA256: ef145f6494b0730b2d203562b6413ab941e15b1d1385aec2599f74030f425639
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\29f2a9a60011a465_0
binary
MD5: e6574bad161b435fbecfd423d6304bb4
SHA256: 72902fed974ae99f63dbc9ae7a37122fa92bd599d2a2d74fe83e769293089795
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
compressed
MD5: 8fb599ceea7130ecf270e69c1c33d6eb
SHA256: 4331b48b956e3cd4c5f7b1a3558455fff6ffcdeeca629a9d6983024e78c4d1c0
2672
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
binary
MD5: b71f2f11923564788f0f0c2792c95e09
SHA256: 1ad7e9550277c1e226dd831a07742b171945cbc056019f21b6a429f135fc7264
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: 97aa7678fb9d338d08c371711b54a104
SHA256: 4657635b66fa68ae1550b7bff4e54016f8874b4df43a004c9a7244c8465c6ca8
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 92eb31d830454841999ecdb4a714d301
SHA256: 63f01870e03b0329f3ae859435ef5610661a45085390af36275ae7d6808c8ffb
3132
chrome.exe
C:\Users\admin\Downloads\Unconfirmed 811352.crdownload
xml
MD5: 9f1bf86a82517db7ad9d3267f385bb25
SHA256: 6dd3f3e877559715bfa3c5be8437382ace54872cc22dbcbf7801fc2785ee0bca
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: 1276f7de036cb69ffbc104fa79f1d060
SHA256: 3044aa641bd2fed097ee25a5ad052d276eea8ec75a807a244102d75af9ac94f1
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF101464.TMP
text
MD5: 1276f7de036cb69ffbc104fa79f1d060
SHA256: 3044aa641bd2fed097ee25a5ad052d276eea8ec75a807a244102d75af9ac94f1
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 370df9c4af340d044e2946d87d515fd8
SHA256: f4761a6412fee517fddf04004ddcb13b935994fba8550318534705c979a29343
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF1013d8.TMP
text
MD5: 370df9c4af340d044e2946d87d515fd8
SHA256: f4761a6412fee517fddf04004ddcb13b935994fba8550318534705c979a29343
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: f50f89a0a91564d0b8a211f8921aa7de
SHA256: b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\Downloads\662d8a55-2ba8-4627-9310-dc7347499556.tmp
xml
MD5: 9f1bf86a82517db7ad9d3267f385bb25
SHA256: 6dd3f3e877559715bfa3c5be8437382ace54872cc22dbcbf7801fc2785ee0bca
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\CURRENT~RF101176.TMP
text
MD5: 206702161f94c5cd39fadd03f4014d98
SHA256: 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\CURRENT
text
MD5: 206702161f94c5cd39fadd03f4014d98
SHA256: 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\000002.dbtmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\MANIFEST-000001
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
binary
MD5: 891a884b9fa2bff4519f5f56d2a25d62
SHA256: e2610960c3757d1757f206c7b84378efa22d86dcf161a98096a5f0e56e1a367e
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
text
MD5: d5a56fc49652d0775aea5a303b2e55db
SHA256: c5d73dd0d5d61bd8bab99a976c2546e3b45774d6c2e185ee824f007d43da04b2
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.old
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old
text
MD5: 722d616be0caaf9ed585c9aea7f3742c
SHA256: f86c514fa380332be463670b3b334c8feedc2f6cb9b4118ea367729b056de0fb
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old
text
MD5: 454106ccf080f3e3795c229fc73350d4
SHA256: 9974dc611be9e20bdfa7b8d939cb913ad23859dea5f52ebb8d10cead9ab5b4fa
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old
text
MD5: 911b244e4a362b56f2478647d2d61a40
SHA256: 3a5aec1ea537d8841e604d0aa4cd5f9241c805a3d4eb4e372cfb7eeb3678a361
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old~RF100d9e.TMP
text
MD5: 454106ccf080f3e3795c229fc73350d4
SHA256: 9974dc611be9e20bdfa7b8d939cb913ad23859dea5f52ebb8d10cead9ab5b4fa
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
text
MD5: 0acecca4cf9ade756da7cc9dcdf02d50
SHA256: 18f910775132b4fee014ea0fab836d857f367e76232fab4ae6a86a92e4c3ebee
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF100d11.TMP
text
MD5: a874f3e3462932a0c15ed8f780124fc5
SHA256: 01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: a874f3e3462932a0c15ed8f780124fc5
SHA256: 01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000020.dbtmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old
text
MD5: 3d551b6e929cf62f7aa66091e718704b
SHA256: 1698a1b1bc3e86676392fb8bd4c712438302a5a2220503c08f290ed4b1790404
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old~RF100cc3.TMP
text
MD5: 3d551b6e929cf62f7aa66091e718704b
SHA256: 1698a1b1bc3e86676392fb8bd4c712438302a5a2220503c08f290ed4b1790404
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
binary
MD5: 0686d6159557e1162d04c44240103333
SHA256: 3303d5eed881951b0bb52cf1c6bfa758770034d0120c197f9f7a3520b92a86fb
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\06a285fa-573e-48f1-8426-9e90e7ed151e.tmp
––
MD5:  ––
SHA256:  ––
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old~RF100ca4.TMP
text
MD5: a519780ed0a2f4336db4f5651d79c369
SHA256: da5b71bd0075b55757bf757bf5f4d4a1dcbcf0762cda5b31b28680963e068c75
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old
text
MD5: a519780ed0a2f4336db4f5651d79c369
SHA256: da5b71bd0075b55757bf757bf5f4d4a1dcbcf0762cda5b31b28680963e068c75
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF100c37.TMP
text
MD5: 213ae3da120d7862d60b5763b6c9d466
SHA256: 5736534d6ee654c1bf1a8e79e73330af58f622e8657285330d2c7189a55604f4
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: 213ae3da120d7862d60b5763b6c9d466
SHA256: 5736534d6ee654c1bf1a8e79e73330af58f622e8657285330d2c7189a55604f4
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: dc32343f45b01764b6267ad36548102a
SHA256: a250f5ad57d4bd58aae92810d50278e3be2dbf869f126a3a3519691bcdfc2075
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old
text
MD5: c4d6cbb269c626168a5d6d0d8cce6c30
SHA256: b62cdbb758278a0c2e50593357390119441d8de09428eb29027f3dfd1332e348
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old~RF100c17.TMP
text
MD5: c4d6cbb269c626168a5d6d0d8cce6c30
SHA256: b62cdbb758278a0c2e50593357390119441d8de09428eb29027f3dfd1332e348
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF100c17.TMP
text
MD5: dc32343f45b01764b6267ad36548102a
SHA256: a250f5ad57d4bd58aae92810d50278e3be2dbf869f126a3a3519691bcdfc2075
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787
3132
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: 1a89a1bebe6c843c4ff582e7ed33ca1f
SHA256: 65099ca087b66aa8ca420ab121daad713e1db5a61c5a574d9b1c0df24f012520
3808
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: b59113c2dcd2d346f31a64f231162ada
SHA256: 1d97c69aea85d3b06787458ea47576b192ce5c5db9940e5eaa514ff977ce2dc2

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
71
TCP/UDP connections
38
DNS requests
35
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/SweetHome3D.jnlp FR
xml
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/de/download.jsp FR
html
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/sweethome3d.css?version=2 FR
text
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/SweetHome3D.js FR
html
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/SweetHome3DLogo.png FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/SweetHome3DLogoSmallScreen.png FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/filler.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/search.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/topMenuContourTopLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/topMenuContourTopRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourTopLeft2.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourTopRight2.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourBottomLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourBottomRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/en_small.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourTopLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourTopRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuItemContourBottomLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuItemContourBottomRight.gif FR
image
unknown
2672 chrome.exe GET 200 216.105.38.13:80 http://sflogo.sourceforge.net/sflogo.php?group_id=152568&type=12 US
image
malicious
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourTopLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourTopRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/en.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/fr.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/pt.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/es.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/it.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/de.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/nl.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/sv.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/cs.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/pl.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/hu.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/sl.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuItemContourBottom.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuItemBackground.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourBottom.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuItemContourRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourTop.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/headerBackground.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/backg.jpg FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuBackground.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuContourLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/headerSeparator.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/menuItemContourLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/topMenuContourTop.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/el.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/bg.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/ru.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/vi.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/zh_CN.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/zh_TW.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourBottomRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/bullet.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/flags/ja.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourBottomLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourRight.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourTop.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourLeft.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/decoration/optionsContourBottom.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/buttons/Download_SF_en.png FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/buttons/amazon-apps-store-de-black.png FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/warning.gif FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/buttons/Get-it-from-MS-de.png FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/buttons/Download_on_the_Mac_App_Store_Badge_DE_165x40.png FR
image
unknown
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/images/eteks.gif FR
image
unknown
2672 chrome.exe GET 200 23.37.43.27:80 http://s.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEHiupDHBXOt1ew2KYQp0jmc%3D NL
der
whitelisted
2672 chrome.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQu7Xbjq6rqggE7PFAsQRgy8Q8tzwQUkEeKG4TToN%2BkJNYZtBf1IaOym6gCEA7fr0YLsTZHJYxFeyuWNYA%3D US
der
whitelisted
2672 chrome.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAx5qUSwjBGVIJJhX%2BJrHYM%3D US
der
whitelisted
2672 chrome.exe GET 200 176.31.241.24:80 http://www.sweethome3d.com/favicon.ico FR
image
unknown

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2672 chrome.exe 172.217.22.99:443 Google Inc. US whitelisted
2672 chrome.exe 176.31.241.24:80 OVH SAS FR unknown
2672 chrome.exe 172.217.22.77:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.18.110:443 Google Inc. US whitelisted
–– –– 172.217.18.110:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.18.4:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.22.35:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.22.10:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.18.3:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.21.227:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.22.110:443 Google Inc. US whitelisted
–– –– 172.217.22.35:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.21.206:443 Google Inc. US whitelisted
2672 chrome.exe 172.217.22.34:443 Google Inc. US whitelisted
2672 chrome.exe 216.58.206.2:443 Google Inc. US whitelisted
2672 chrome.exe 216.58.207.34:443 Google Inc. US whitelisted
2672 chrome.exe 216.105.38.13:80 American Internet Services, LLC. US malicious
2672 chrome.exe 23.210.248.226:443 Akamai International B.V. NL whitelisted
2672 chrome.exe 185.60.216.19:443 Facebook, Inc. IE whitelisted
2672 chrome.exe 216.58.208.42:443 Google Inc. US whitelisted
2672 chrome.exe 23.37.43.27:80 Akamai Technologies, Inc. NL whitelisted
2672 chrome.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2672 chrome.exe 185.60.216.35:443 Facebook, Inc. IE whitelisted

DNS requests

Domain IP Reputation
www.sweethome3d.com 176.31.241.24
unknown
clientservices.googleapis.com 172.217.22.99
whitelisted
accounts.google.com 172.217.22.77
shared
sb-ssl.google.com 172.217.18.110
whitelisted
www.google.com 172.217.18.4
whitelisted
www.google.ch 172.217.22.35
whitelisted
fonts.googleapis.com 172.217.22.10
whitelisted
www.gstatic.com 172.217.18.3
whitelisted
apis.google.com 172.217.22.110
whitelisted
fonts.gstatic.com 172.217.21.227
whitelisted
ssl.gstatic.com 172.217.22.35
whitelisted
consent.google.com 172.217.21.206
whitelisted
adservice.google.ch 172.217.22.34
whitelisted
adservice.google.com 216.58.206.2
whitelisted
googleads.g.doubleclick.net 216.58.207.34
whitelisted
sflogo.sourceforge.net 216.105.38.13
malicious
www.paypal.com 23.210.248.226
whitelisted
www.amazon.de 143.204.205.221
whitelisted
itunes.apple.com 92.122.156.104
whitelisted
www.eteks.com 176.31.241.24
unknown
sourceforge.net 216.105.38.13
whitelisted
www.microsoft.com 23.210.249.93
whitelisted
connect.facebook.net 185.60.216.19
whitelisted
translate.googleapis.com 216.58.208.42
whitelisted
downloads.sourceforge.net 216.105.38.13
malicious
sweethome3d.cvs.sourceforge.net 216.105.38.20
unknown
java.com 104.108.56.225
whitelisted
www.7-zip.org 159.65.89.65
suspicious
s.symcd.com 23.37.43.27
whitelisted
staticxx.facebook.com 185.60.216.19
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
www.facebook.com 185.60.216.35
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.