General Info

File name

index.html

Full analysis
https://app.any.run/tasks/1c9f6b47-6dc7-4017-a068-1dde2b5c6d10
Verdict
Malicious activity
Analysis date
7/18/2019, 15:19:25
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

evasion

Indicators:

MIME:
text/html
File info:
HTML document, ASCII text, with very long lines
MD5

d13e9218480edb8738fb455a1794a5c9

SHA1

c9ca1bd71adc1c88d5855cbf455cdf2dab94e684

SHA256

77d4c9261de707e2b03be8969081c32b4836d3cf4a4fee6fc2da156a4f808580

SSDEEP

768:lRiEErnTQGk1aSnAB5cHG5nl67dMjpwCjdUiCfrPUkkgWVsk:/ObTg7HG6Lk3

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
300 seconds
Additional time used
240 seconds
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x86 en-US) (67.0.4)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Checks for external IP
  • chrome.exe (PID: 3340)
Application launched itself
  • chrome.exe (PID: 3276)
Dropped object may contain Bitcoin addresses
  • chrome.exe (PID: 3276)
Manual execution by user
  • chrome.exe (PID: 3276)
Reads Internet Cache Settings
  • iexplore.exe (PID: 3952)
Reads settings of System Certificates
  • iexplore.exe (PID: 3952)
Changes internet zones settings
  • iexplore.exe (PID: 2628)
Creates files in the user directory
  • iexplore.exe (PID: 3952)
Reads internet explorer settings
  • iexplore.exe (PID: 3952)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Static information

TRiD
.html
|   HyperText Markup Language (100%)
EXIF
HTML
Title:
monday.com: Your team's growth made easy | Sign In
Description:
monday.com: Your team's growth made easy | Sign In
viewport:
width=device-width, initial-scale=1.0, user-scalable=0, minimum-scale=1.0, maximum-scale=1.0
csrfParam:
authenticity_token
csrfToken:
OoGLOw4aLVelYg4fhLPeToKRxVczDmNFUnnLK6DOtr0=
msapplicationTileColor:
#da532c
msapplicationTileImage:
/mstile-144x144.png
themeColor:
#ffffff

Screenshots

Processes

Total processes
62
Monitored processes
22
Malicious processes
0
Suspicious processes
1

Behavior graph

+
start iexplore.exe iexplore.exe chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2628
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\admin\AppData\Local\Temp\index.html
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\cryptbase.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\ieui.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\url.dll
c:\windows\system32\version.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\msfeeds.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\mssprxy.dll

PID
3952
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2628 CREDAT:79873
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
iexplore.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\program files\internet explorer\ieshims.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\rpcrtremote.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rsaenh.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\mlang.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\program files\java\jre1.8.0_92\bin\ssv.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\version.dll
c:\progra~1\micros~1\office14\urlredir.dll
c:\windows\system32\secur32.dll
c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
c:\progra~1\micros~1\office14\msohev.dll
c:\program files\java\jre1.8.0_92\bin\jp2ssv.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\deploy.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winmm.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\ksuser.dll
c:\windows\system32\avrt.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\audioses.dll
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\t2embed.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\userenv.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\schannel.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\credssp.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\gpapi.dll
c:\program files\microsoft office\office14\winword.exe

PID
3276
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe"
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\wpc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wbem\wmiperfinst.dll
c:\windows\system32\pdh.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\progra~1\micros~1\office14\mlshext.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\mf.dll
c:\windows\system32\shdocvw.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\syncui.dll
c:\program files\notepad++\nppshell_06.dll
c:\program files\windows sidebar\sbdrop.dll
c:\windows\system32\stobject.dll
c:\windows\system32\cryptext.dll
c:\windows\system32\colorui.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winspool.drv
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\audioses.dll

PID
2100
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=75.0.3770.100 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6c1ea9d0,0x6c1ea9e0,0x6c1ea9ec
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
2284
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3196 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_watcher.dll

PID
3004
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=3507047427392404076 --mojo-platform-channel-handle=1020 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\75.0.3770.100\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\75.0.3770.100\swiftshader\libegl.dll

PID
3340
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=5139569487616901384 --mojo-platform-channel-handle=1644 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll

PID
3360
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18029923144086304858 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2248 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1528
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3416939722096500561 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2528 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3564
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10858762307626445673 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2540 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2328
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=15838769171370163496 --mojo-platform-channel-handle=3124 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2476
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=10653494717034995843 --mojo-platform-channel-handle=3344 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3904
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=12638428178437237250 --mojo-platform-channel-handle=3492 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2560
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=1185862170576131848 --mojo-platform-channel-handle=3616 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2924
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=9968110614088280375 --mojo-platform-channel-handle=3720 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3136
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=629052072186774686 --mojo-platform-channel-handle=3400 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

PID
3308
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5850798640040434310 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
4028
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=4130125549243434742 --mojo-platform-channel-handle=2352 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\sendmail.dll
c:\windows\system32\zipfldr.dll
c:\windows\system32\fxsresm.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

PID
2712
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=6470061587014615941 --mojo-platform-channel-handle=488 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2140
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8488145619936656085 --mojo-platform-channel-handle=2340 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
316
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11149741708942914906 --mojo-platform-channel-handle=3028 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
360
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,7307556497633966668,2775356185929212915,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17954111199317417739 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2132 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

Registry activity

Total events
979
Read events
830
Write events
146
Delete events
3

Modification events

PID
Process
Operation
Key
Name
Value
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
CompatibilityFlags
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
SecuritySafe
1
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000077000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\Active
{B4677F97-A95E-11E9-B2FD-5254004A04AF}
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Type
4
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Count
1
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Time
E3070700040012000D0013002C008602
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Type
4
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Count
1
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Time
E3070700040012000D0013002C009502
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
FullScreen
no
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Window_Placement
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF20000000200000004003000078020000
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links
Order
08000000020000000C01000001000000020000007E0000000000000070003200EC000000464B245120005355474745537E312E55524C0000540008000400EFBE454B974D464B24512A000000F94300000000020000000000000000000000000000005300750067006700650073007400650064002000530069007400650073002E00750072006C0000001C00000000000000820000000100000074003200E2000000464B24512000574542534C497E312E55524C0000580008000400EFBE454B864A464B24512A000000743E0000000003000000000000000000000000000000570065006200200053006C006900630065002000470061006C006C006500720079002E00750072006C0000001C00000000000000
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Path
C:\Users\admin\Favorites\Links\Suggested Sites.url
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
FeedUrl
https://ieonline.microsoft.com/#ieslice
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayName
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
ErrorState
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayMask
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Path
C:\Users\admin\Favorites\Links\Web Slice Gallery.url
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
FeedUrl
http://go.microsoft.com/fwlink/?LinkId=121315
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayName
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
ErrorState
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayMask
0
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
02E84FA66B3DD501
2628
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
09F350A66B3DD501
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Type
3
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Count
1
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Time
E3070700040012000D0013002C007003
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
LoadTime
27
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Type
3
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Count
1
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Time
E3070700040012000D0013002C008F03
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
LoadTime
366
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Type
3
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Count
1
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Time
E3070700040012000D0013002D000F01
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
LoadTime
52
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000078000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
3952
iexplore.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
3952
iexplore.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
0904
3952
iexplore.exe
write
HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
Microsoft Word
3952
iexplore.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Default MHTML Editor
Last
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "%1"
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019071820190719
CachePath
%USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019071820190719
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019071820190719
CachePrefix
:2019071820190719:
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019071820190719
CacheLimit
8192
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019071820190719
CacheOptions
11
3952
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019071820190719
CacheRepair
0
3952
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019032320190324
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
3276
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
3276
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13207929594276132
3276
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
3276
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aapocclcgogkmnckokdopfmhonfmgoek
F20586EC41B88D29967244CFFA26031887B89B04300F299FD43396E9B7D4F75E
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aohghmighlieiainnegkcijnfilokake
2548EBBA88031510C3B49447DBA2A89923A392C0615414350AAA2DF23E674A7B
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
apdfllckaahabafndbhieahigkjlhalf
21831CCD0460F750615FA917C0388230A10E97F3488F9028684594680B4E6923
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
blpcfgokakmgnkcojhhkbfbldkacnbeo
C74C5C27D264FEC383ED31F6EFA32AC5866338F55CF025BA641FA0809045417B
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
felcaaldnbdncclmgdcncolpebgiejap
E57DEC58EF22A46025B0EEE162535664FF8A06AE9FF6A4E93E9AA8C37E690D41
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
93455FA74DC1BED1CA38AD12CDF32304094FA62C7374759ED541C5AA5C0A92FD
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
00175B8120231631976CA8B862A3416996C9373BA3D289F0619DDA992973DDFA
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
0E265BFED6F1C7D5F0A9BD790C50BB30E78E959631D51EEBB8BB0DE73E65763C
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
5D58C2FED93EFDED578B006CB02BBB8DEC329128E2D098172E1316CDD15254DC
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
0D5B759C0954104E18743B28442C574ED2993E481C060249051907E7B54DC20C
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pjkljhegncpnkpknbcohdijeoejaedia
6FB66E9D1A5A92BE1B0868FE1669E627024387D2A70A0A9BC150D5C0DFE17ABF
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
230C2396765981675322D6D42D1170C14223FC3D694C857C5A54D6487496FFEB
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\PTimes
C
42F587B26B3DD501
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C1
1C1GCEA_enUA812UA812
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C2
1C2GCEA_enUA812
3276
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C7
1C7GCEA_enUA812
2284
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3276-13207929592807382
259
3340
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
4028
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
LanguageList
en-US
4028
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@sendmail.dll,-21
Desktop (create shortcut)
4028
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@zipfldr.dll,-10148
Compressed (zipped) folder
4028
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@sendmail.dll,-4
Mail recipient
4028
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
@C:\Windows\system32\FXSRESM.dll,-120
Fax recipient

Files activity

Executable files
0
Suspicious files
62
Text files
96
Unknown types
8

Dropped files

PID
Process
Filename
Type
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State~RF1be29c.TMP
text
MD5: a365cfacceb09a5d817fa3e49dd1ccda
SHA256: 09c08e140affe2f0147b39e441824c021140107653ede9ceecf9e0f56cda7d9b
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\IpMalware.store_new
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\82fac71c-2da9-4269-a467-f082a6060ebc.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000005.ldb
binary
MD5: a266647834a18991c687aa936bcc1113
SHA256: 3d7dce47b3c02172baaa4788ceac9d7b41503457c67bef9381d1b13379ba2f46
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
binary
MD5: 6750f4c1ae45bf4a211516b83833a9c5
SHA256: b292e8f2c1e7eb3b2fef16aa6ea994f15694a030eac2fe7140562413d7838607
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RF1b293f.TMP
binary
MD5: 6750f4c1ae45bf4a211516b83833a9c5
SHA256: b292e8f2c1e7eb3b2fef16aa6ea994f15694a030eac2fe7140562413d7838607
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1b023e.TMP
text
MD5: d028bb5456ca3a51c4356049b0a08786
SHA256: 5c17695c3339f32ed1f08cd6e402debdab0d51107bdde69ae952a5f364a9aff1
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: d028bb5456ca3a51c4356049b0a08786
SHA256: 5c17695c3339f32ed1f08cd6e402debdab0d51107bdde69ae952a5f364a9aff1
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\22fc1842-932a-4781-a2c0-ccd0a5d6b4b5.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF1b01a2.TMP
text
MD5: e24730d8e51b30529c719e8cfca13e7d
SHA256: ebd0fbcac70b4b062863060b88e49c3d5c9b6156905a7964bbc1e4b8319dd939
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: e24730d8e51b30529c719e8cfca13e7d
SHA256: ebd0fbcac70b4b062863060b88e49c3d5c9b6156905a7964bbc1e4b8319dd939
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\deec2bcb-b4a1-4990-8b19-5a1506b63d14.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: d87e2e486d599347a5d03a4d3af64d11
SHA256: 44abc9a938c2e1101fbb94dc83457f57c8b561a151adb8fb17be7e08092e5603
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1af994.TMP
text
MD5: d87e2e486d599347a5d03a4d3af64d11
SHA256: 44abc9a938c2e1101fbb94dc83457f57c8b561a151adb8fb17be7e08092e5603
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\2b142226-f2d6-4520-8a83-0087e024a2f0.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
mp3
MD5: f11ce9e8f40a392830217253fe75d6de
SHA256: 05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1b8e155296fb7faf_0
binary
MD5: 64a6d20ec1ac3fca73ac0f20657e7aa8
SHA256: ee9086af5027c48f34f32625a3df13ccbcedb7a56d59b2b54eef84ad72e39819
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF1ada73.TMP
text
MD5: e31145b5b2a95387c703bb71267c012a
SHA256: 4f803e7647b06a21aad623d2102db1495d9a7ad8babec0de48fee02bc25095e6
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: e31145b5b2a95387c703bb71267c012a
SHA256: 4f803e7647b06a21aad623d2102db1495d9a7ad8babec0de48fee02bc25095e6
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ae969c6c-ec84-4454-a916-c852c6a342b9.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5ccfed0faec84cbb_0
binary
MD5: 9fb2f914c2482419b48d55b72e0e8ab6
SHA256: d2c04d1b98d364014696aaf9be6242223fc758e65b1afdf106daa872cf0f5473
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1ada06.TMP
text
MD5: 37f5070b2f9b497e75a71535437a752c
SHA256: 3aa580d0ef78452599fe68906febb7590ce6324b83bfd41920bd3cf2a1cc0fdc
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 37f5070b2f9b497e75a71535437a752c
SHA256: 3aa580d0ef78452599fe68906febb7590ce6324b83bfd41920bd3cf2a1cc0fdc
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\b470bea9-c705-429c-a2e9-b370532c3ddb.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
binary
MD5: 68559c180e1df31125bf2c57620ba0f6
SHA256: d4405ee2e5168b8b89c8a230f198e6107e0ec9e60334d27cd21f8875ac9fc94c
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d962920e88aae033_0
binary
MD5: 5176058b7d13bd6caff2eac78f1012ce
SHA256: 835221d8afff5c77eb57a46cbca6e03a50742cf078d5a64bc1fe2736b16fe87b
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
binary
MD5: 38e24e3828364815d27d2650ab327580
SHA256: 0049526cc2cb8b57e1521e89396f497e936d996206c5beebaf612d0444659f7f
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
binary
MD5: f30755bf1a1f36ee968e3fa5d6f0f583
SHA256: 3eb9548ea836bcde85c5084ef4d4e610bc7b85e841ef97220a04f8c96b2dac13
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c2b684bb639b3f66_0
binary
MD5: 751b4e418610150b86ccbbabb316f937
SHA256: 874c0f7aba1adfdacd3b2e917a559d0cf94760f217b54166764118190d005f3d
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9496d6e1dfa8d28c_0
binary
MD5: 14b7c16446992b3719b6a64f54a4d626
SHA256: 6e1acdca0fa5f8585f2b9a4c2b87cff16271187cc99cc16468f951d72b12a9e4
3340
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
binary
MD5: 02bc797711a3f7d89fce554b44d303f7
SHA256: 7d14e7235374e49b2ac74331618f047a527a9773b749cbe90f3f55c699a8edfa
3340
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarD4CB.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Temp\CabD4CA.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
compressed
MD5: ea8f42f93bee43a6632dbaddc84bf19a
SHA256: 7cea505e8377dfcce4155bfcc08c8bac011bd181c681c5c5545fca619b4b8f3b
3340
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarD43C.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Temp\CabD43B.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarD41B.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
der
MD5: 55540a230bdab55187a841cfe1aa1545
SHA256: d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
3340
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
binary
MD5: 6349bd48f08578603eb31faec4f31d13
SHA256: 5eb941d20d1969aad377b07c72507589327586d8606618b9eab8260dce7b26fc
3340
chrome.exe
C:\Users\admin\AppData\Local\Temp\CabD41A.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cd0e1ee0610d60a5_0
binary
MD5: 00296c552f4f4189e123247e6549b4d7
SHA256: e28e1e0738ab853a5cb8edba12776ff19ba88858d60ecb1879cb8e4aa5ca0e54
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\32a465f4178fa0b6_0
binary
MD5: 54339b94406cfb7cb48551ffd48eeabd
SHA256: 331ba1c0ab6faf0e014de1a06ea1c109a7d614a0ccef2f8799a41fee170e1f06
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\86619ff290436e70_0
binary
MD5: e5af951f9c8a56e2759926d6936af2a6
SHA256: 7e5a4283d332d5273f592adb3d3e6dc8915f887591572dd3072e838761f233d7
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\330c145e2697366e_0
binary
MD5: c58bde3656996b8affe00d2c93ca40db
SHA256: ff4d03223ff9c729ca2e8856c9a2189cd656a858cd17a86a1c67a0394ccbc8f2
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
woff2
MD5: 926c93d201fe51c8f351e858468980c3
SHA256: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a80695687226af37_0
binary
MD5: 1503906ee409a861aebb3059909cd262
SHA256: 14238610d3fa33f49238db374431a7e7471cc21f50ae1dab4d976fde638ea8a9
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
compressed
MD5: 7c7a32771c5d22369c0d4d8dabbe96ad
SHA256: 1f86fc4ae7e0b28496e79a39cc052adbe0d4f3c5f78b9db0e7545bcf949e8c57
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9329100bffc092b2_0
binary
MD5: 730fb84f0478be36fe39a39b79eb8047
SHA256: 6210866c8b5a322d1720fea1bbb35de46dda5f89f3be3432c05401e743c9f6d1
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b26cdbb5010fea94_0
binary
MD5: d5c1e1a50a7d18d1edd4dee6415f9133
SHA256: 0877c4e26290dfd9cdd4906660e4579cac8f54975c187753bf350fc95d8d6607
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7d1cb9c4eb846797_0
binary
MD5: b517be397b085a66d823bab24840ab74
SHA256: 1fdfc6714556523cdaf02c313e85912bfefc63975b07c53bc9c062c5285574e2
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f39cbceaa67e87f7_0
binary
MD5: 976ba642323bd8cc26c693425a65cb0f
SHA256: ceb4b0e006041e7ddb00f6fe1253486573f5f7c21589c5d6a0aac0067e54ddec
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0f013af3b17d2969_0
binary
MD5: f356532691fa705e9b86b01682a6bda0
SHA256: 1754d11d5e8862b27108624d3135b42695ebe976407073542be94d62d6755ffd
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
compressed
MD5: 18dbb1364d14fa3ea82af427551c52dd
SHA256: 3a403505cdcc12765529f0c03efab0cbd5694f284b811bc290e7d82c6414f7f5
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
compressed
MD5: 9f1be8336b6b77534adc18dc24f3dde5
SHA256: e8a975eb77a90adfff78b69a75bbba131f515c8d6d6fc627b9837e7a5a5a8ef5
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
compressed
MD5: 7dc63e2699a51f3b9d44fb2b8c4a1e35
SHA256: e08e9a9e5c5df791099c51e14a4b6323b5fcb7ddef478dbc6e143540ab3819f2
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RF1ac6cc.TMP
fli
MD5: cf306cec96c4f91b379b5cbd8776205f
SHA256: 2b4ec2e9470bb52f2530f2fb71d34394b402b3ad286f8bb0372978dcf578f3bb
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
fli
MD5: cf306cec96c4f91b379b5cbd8776205f
SHA256: 2b4ec2e9470bb52f2530f2fb71d34394b402b3ad286f8bb0372978dcf578f3bb
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF1a9bb4.TMP
text
MD5: d14e48dbb94d84670370fd276b02dd6c
SHA256: caea75190e9f8b7d3259b3d421d75242b7e4925ebdc695c95478f330ce2dd18e
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: d14e48dbb94d84670370fd276b02dd6c
SHA256: caea75190e9f8b7d3259b3d421d75242b7e4925ebdc695c95478f330ce2dd18e
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\9aae0892-82bb-49e0-acaa-9dfc8fd590af.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1a9b57.TMP
text
MD5: fc7442141be9618f340e5eff3aa22335
SHA256: 0709363795f011559eda6840d11f6ef65313da091007a891ec9ae9b29763b22b
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: fc7442141be9618f340e5eff3aa22335
SHA256: 0709363795f011559eda6840d11f6ef65313da091007a891ec9ae9b29763b22b
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\4904dafd-fb40-433f-9af2-544d1df26951.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
binary
MD5: e08accb36c15b8cf257bc10aa3199e66
SHA256: ca1ac0b3934b76bec1ae3e7b76e59a5ec37c6a0f87310170a32eb8a72e60054c
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlBilling.store
binary
MD5: ebbfeaa0dd3aec4c776e76e8a3b72050
SHA256: 4d8c732fc5114a55a6c7f403ea65ba82e64691fe9f31fb26a0b356859cd6865a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSuspiciousSite.store
binary
MD5: 8e694f347b1a65451263c1d3bce33840
SHA256: 241f74348f9e658f5017e51a291a483c412cabbcfb9858a0ff57e4a1cd85fc6c
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlBilling.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSuspiciousSite.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlUws.store
binary
MD5: 3ef2a39da72f6db0fd846c57e00c53d7
SHA256: af46a7e1d12dbe2f4ca1c61b919c5d2f0d40e979a29309dcee37adbdc6503171
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlUws.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeUrlClientIncident.store
binary
MD5: bd2a05bc63a946ea99e1de94c59059c0
SHA256: 46a9238c3152029a3371ba7b757cac42b7feb9bfbf9f196b1fdd990261065978
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeUrlClientIncident.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalware.store
binary
MD5: fde3cfad3319e8195d0fee57f5ce04a5
SHA256: 70e418714d248367b9c1d74729a9651ee4956a36fa7aee02f031db70816a286b
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalware.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSubresourceFilter.store
binary
MD5: 58f8b4e7982b6a6ce549cb812767824e
SHA256: a26926094aea5bda22adf6291ecb181af26ad186a1b7309d646be035878adb13
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSubresourceFilter.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdWhitelist.store
binary
MD5: 938658dfed2ca69450d9223deedf88f0
SHA256: 1ca89a96b63f351e8a2378a45bc4a5ac05c8b27ee443ed6074d3c73025825c20
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdWhitelist.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdDownloadWhitelist.store
binary
MD5: 46717e658eab1b27369520c411e798dd
SHA256: dd07218a8f0b27c1e3e57b8fc517ff68e34f1c87e6ab8ca686c4730cdcda6c93
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdDownloadWhitelist.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeExtMalware.store
binary
MD5: 27cb22971b212eb28724a7a5bfe4943c
SHA256: 58d14fe1d179da3421758c585bbbc192689e2407d3a12202a6329e7eee8a07c5
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeExtMalware.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSoceng.store
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSoceng.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalBin.store
binary
MD5: 02a325a8c23533453b398cb81277d979
SHA256: 1aae7d3253db97402159b9b6bb0a48d2e92005c5db132be1e791a322c3df9830
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalBin.store_new
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\CertCsdDownloadWhitelist.store
binary
MD5: da00f5f8a1e4bdb532342a9f0ab950a3
SHA256: 48efa99cdf638eb242b760569e6dbf15c0d0c78d6fa1e4e64ea15543d6bbca5a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\IpMalware.store
binary
MD5: 43424ec9a25f29f141319f796f26ce91
SHA256: 2906a981195b60d9d011e0447981e7f9082c2b2089517e81f42b380f5c9248d8
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\CertCsdDownloadWhitelist.store_new
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State
text
MD5: a365cfacceb09a5d817fa3e49dd1ccda
SHA256: 09c08e140affe2f0147b39e441824c021140107653ede9ceecf9e0f56cda7d9b
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics-spare.pma
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF194404.TMP
text
MD5: 00cb9ad61fae8108c095b42c2387a2f8
SHA256: 3e3160c1d23c98d778ccf1c176a6030c5b56f4377e43631134f2afbaefc08e9a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\07660571-b2f3-475e-be17-2ac9f9dea600.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State
text
MD5: 1930b53221344af1e38c46d199d21623
SHA256: 27087bc0d9181b6c09eea32e5f99bd546cd4301e2e93c2e9959171a1a6329258
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State~RF1918ce.TMP
text
MD5: 1930b53221344af1e38c46d199d21623
SHA256: 27087bc0d9181b6c09eea32e5f99bd546cd4301e2e93c2e9959171a1a6329258
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\3c2fcd9f-2fee-4785-ae01-f962097b4861.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF190630.TMP
text
MD5: 00cb9ad61fae8108c095b42c2387a2f8
SHA256: 3e3160c1d23c98d778ccf1c176a6030c5b56f4377e43631134f2afbaefc08e9a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 00cb9ad61fae8108c095b42c2387a2f8
SHA256: 3e3160c1d23c98d778ccf1c176a6030c5b56f4377e43631134f2afbaefc08e9a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\d5f4134e-5391-4cdd-862f-1c303ca4d3bb.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1904e8.TMP
text
MD5: abb587b1a16f9c95e846c95afe4d3f8b
SHA256: 7e9e603311fe0f9e7589518316b5341c9a4f021a2fd89aebdd4a7afe32aef4d3
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: abb587b1a16f9c95e846c95afe4d3f8b
SHA256: 7e9e603311fe0f9e7589518316b5341c9a4f021a2fd89aebdd4a7afe32aef4d3
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\19ee3474-2892-4e27-a6da-01291b6bdb7f.tmp
––
MD5:  ––
SHA256:  ––
3952
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019071820190719\index.dat
dat
MD5: 8ad56e1d5060d598486f8ba94a02de90
SHA256: bb1ab687e69ef071fd8fdfc53a893cc003d8439b0d05decbd9a24c84505fcb3e
3952
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\KFOmCnqEu92Fr1Mu4mxO[1].eot
eot
MD5: 4be1a572fca40bcb2202504cb17aed91
SHA256: 64d06eeb18abad7d4ef1b1ef7409cf108bd4774c50a64e2c7b49ffb708ff24f4
3952
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGRR2OYX\api_client[1].js
html
MD5: 505892d465fffd9361133d13e1f93125
SHA256: e2735f52a19450f768a712eca96c5f1dae2e5959f78f8c2d53cdd7258a6386f1
3952
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
text
MD5: d337aa89f6d53674e28ed174bfcf6aa0
SHA256: 45714595709fd0096cc67c905654606a363f7439a6d19ac58369bcb779f39a97
3952
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\css[1].txt
text
MD5: 9d884a8d52acac785d18e4adc5fb42a9
SHA256: f05b8631b23eb9eba46207a49e22c97e4226aa66d0dd0248d127a9aa22531fb1
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 309fd9335277c20bb0b1cc400398f634
SHA256: 29b62c8ba079adaaeb21ebbc746dcaf89ecdccc49c562efbcf45fdda437f4a22
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF18b6d7.TMP
text
MD5: 309fd9335277c20bb0b1cc400398f634
SHA256: 29b62c8ba079adaaeb21ebbc746dcaf89ecdccc49c562efbcf45fdda437f4a22
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\729fd402-af11-4e0a-853e-76b492658fd2.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF188fd7.TMP
text
MD5: ea8fcdd08034f4c70f6c40d17dbcb93c
SHA256: 544d04d40970cc04d814774eabb0335e75720692ac87371cadbbcadb5ddab6e2
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: ea8fcdd08034f4c70f6c40d17dbcb93c
SHA256: 544d04d40970cc04d814774eabb0335e75720692ac87371cadbbcadb5ddab6e2
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e2eeb565-2480-4bd3-b8a5-278017571499.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF186acb.TMP
text
MD5: 7c69d9fc8bfe069b0850d0ad3bbf8c97
SHA256: 79b102e8d8841e1736c99e210d71078d73e99ae397a98de13cf39623658b3717
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 7c69d9fc8bfe069b0850d0ad3bbf8c97
SHA256: 79b102e8d8841e1736c99e210d71078d73e99ae397a98de13cf39623658b3717
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\f6e0b805-a5e7-4b14-b6ec-a5b4ffa9bab9.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1857df.TMP
text
MD5: da6609c2d51a457a5a970833f6b9b8d5
SHA256: 422cac4902c7ce2bcfa5405af51058caa25c656b09f31b8063500d5e048a4453
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: da6609c2d51a457a5a970833f6b9b8d5
SHA256: 422cac4902c7ce2bcfa5405af51058caa25c656b09f31b8063500d5e048a4453
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\b3b6a7f7-3710-4213-959b-462e5bc648f6.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
binary
MD5: 70c1d76bdd7009c7b3f2c5487dd27289
SHA256: 472690e261718c7cc3af0c76c91e348534356eb25ba3ee9930bd7b028396e870
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RF185714.TMP
binary
MD5: 70c1d76bdd7009c7b3f2c5487dd27289
SHA256: 472690e261718c7cc3af0c76c91e348534356eb25ba3ee9930bd7b028396e870
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
text
MD5: 0a99652089ab6b67e45eea79385a537f
SHA256: 38271b5ee40fc0fdcea209e14323a4f9cf5352c6fdbb10660678be8f0e493728
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences~RF182805.TMP
text
MD5: 0a99652089ab6b67e45eea79385a537f
SHA256: 38271b5ee40fc0fdcea209e14323a4f9cf5352c6fdbb10660678be8f0e493728
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\b83ce96a-da9d-4c11-bbc4-a7b704cde903.tmp
––
MD5:  ––
SHA256:  ––
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: e6fcfc4b889a3a03a15c425bce8b4a62
SHA256: 0d8ed41ca9aefb474f00e5ce1b383d112699331fcd5378aae227b5f4c02cea82
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF182239.TMP
text
MD5: e6fcfc4b889a3a03a15c425bce8b4a62
SHA256: 0d8ed41ca9aefb474f00e5ce1b383d112699331fcd5378aae227b5f4c02cea82
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\9dcbe869-c7dd-4442-9365-890f2135eaf0.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF181a0b.TMP
text
MD5: 95b281400e0886eb3d5547858ba1d0ca
SHA256: 41c655abe90444002a7ebf1e532a619e4e884f429c77f4309e43d18c22305efb
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 95b281400e0886eb3d5547858ba1d0ca
SHA256: 41c655abe90444002a7ebf1e532a619e4e884f429c77f4309e43d18c22305efb
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\451f6587-4c1b-49b3-bb87-e9ccf7d850c1.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 992658e0cb4ac1a4637684b1deb8e988
SHA256: 0379bc53c6e525bdb3ebdfcf4b55a6dec3589ee132f1ad58154bd7082f77258a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1817f8.TMP
text
MD5: 992658e0cb4ac1a4637684b1deb8e988
SHA256: 0379bc53c6e525bdb3ebdfcf4b55a6dec3589ee132f1ad58154bd7082f77258a
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\5262324b-6dc4-4d4b-b2c6-b6e6533cbb3e.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee18c807552d0e70_0
binary
MD5: 688a5faa82a4a8266cc46c796028adba
SHA256: f4ac2897b661f8863b3972de424c0f8cf4f5841a4e346cb2ed679ae413c20c90
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e19d7724be7614c4_0
binary
MD5: 59757ea0fd8d091d056ff06159e435bb
SHA256: bf74a738d28389b8c404b411626c84e5ceeec90b85cc2897aff36b41d41964f2
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
binary
MD5: 203b636e8e8cc9c67f652f22017d3e04
SHA256: 116f9cff1d6805dc3821214f20b8f56eb81f80ff3ded109712d0fd5c8ddd533b
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee18c807552d0e70_0
binary
MD5: 13df1ea4e7fa5ea0b3f500030d80f2c4
SHA256: e78a2fe0f6e26baf9f7b08891d9f8d38bd7d89501497d21d4e17259596cdffb9
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
compressed
MD5: 8a635fbd2a8abaa5f588b7d56da22b37
SHA256: ef145f6494b0730b2d203562b6413ab941e15b1d1385aec2599f74030f425639
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: 97aa7678fb9d338d08c371711b54a104
SHA256: 4657635b66fa68ae1550b7bff4e54016f8874b4df43a004c9a7244c8465c6ca8
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e19d7724be7614c4_0
binary
MD5: db19a52cd0caf4979f041ac524acdf59
SHA256: 03b9c816547a51414493f70dea30f3e9365b7fdbf6047477e6deea1e10ca696f
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
compressed
MD5: 1582e1199a091e74a1bc473831fd0bf7
SHA256: 4bbe7c58c6042327cae75826d04a2ee621dcb075eead3e01c1332b5cedd82810
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 92eb31d830454841999ecdb4a714d301
SHA256: 63f01870e03b0329f3ae859435ef5610661a45085390af36275ae7d6808c8ffb
3340
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
binary
MD5: 716b62e5687061863e47319bc29b2fd7
SHA256: 12973357b04dce77f94a73cbb4216f92d4e20a5aaa0b715a4ecdb164758b6444
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: 1276f7de036cb69ffbc104fa79f1d060
SHA256: 3044aa641bd2fed097ee25a5ad052d276eea8ec75a807a244102d75af9ac94f1
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF17fada.TMP
text
MD5: 1276f7de036cb69ffbc104fa79f1d060
SHA256: 3044aa641bd2fed097ee25a5ad052d276eea8ec75a807a244102d75af9ac94f1
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF17fa5d.TMP
text
MD5: 370df9c4af340d044e2946d87d515fd8
SHA256: f4761a6412fee517fddf04004ddcb13b935994fba8550318534705c979a29343
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 370df9c4af340d044e2946d87d515fd8
SHA256: f4761a6412fee517fddf04004ddcb13b935994fba8550318534705c979a29343
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: f50f89a0a91564d0b8a211f8921aa7de
SHA256: b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
binary
MD5: 891a884b9fa2bff4519f5f56d2a25d62
SHA256: e2610960c3757d1757f206c7b84378efa22d86dcf161a98096a5f0e56e1a367e
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
text
MD5: 8afb4322ff52a635765618404d4c4692
SHA256: b80a43651cbc2a5142edaad0f01873b449a8636303d86669502f5e6ff0eb17ce
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.old
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old
text
MD5: 722d616be0caaf9ed585c9aea7f3742c
SHA256: f86c514fa380332be463670b3b334c8feedc2f6cb9b4118ea367729b056de0fb
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old
text
MD5: 911b244e4a362b56f2478647d2d61a40
SHA256: 3a5aec1ea537d8841e604d0aa4cd5f9241c805a3d4eb4e372cfb7eeb3678a361
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old~RF17f443.TMP
text
MD5: 454106ccf080f3e3795c229fc73350d4
SHA256: 9974dc611be9e20bdfa7b8d939cb913ad23859dea5f52ebb8d10cead9ab5b4fa
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old
text
MD5: 454106ccf080f3e3795c229fc73350d4
SHA256: 9974dc611be9e20bdfa7b8d939cb913ad23859dea5f52ebb8d10cead9ab5b4fa
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
text
MD5: 0acecca4cf9ade756da7cc9dcdf02d50
SHA256: 18f910775132b4fee014ea0fab836d857f367e76232fab4ae6a86a92e4c3ebee
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: a874f3e3462932a0c15ed8f780124fc5
SHA256: 01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF17f3d6.TMP
text
MD5: a874f3e3462932a0c15ed8f780124fc5
SHA256: 01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000020.dbtmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old~RF17f3a7.TMP
text
MD5: 3d551b6e929cf62f7aa66091e718704b
SHA256: 1698a1b1bc3e86676392fb8bd4c712438302a5a2220503c08f290ed4b1790404
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old
text
MD5: 3d551b6e929cf62f7aa66091e718704b
SHA256: 1698a1b1bc3e86676392fb8bd4c712438302a5a2220503c08f290ed4b1790404
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
binary
MD5: 0686d6159557e1162d04c44240103333
SHA256: 3303d5eed881951b0bb52cf1c6bfa758770034d0120c197f9f7a3520b92a86fb
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\2be1ecf6-50c4-471a-b66e-546408d83ef4.tmp
––
MD5:  ––
SHA256:  ––
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old
text
MD5: a519780ed0a2f4336db4f5651d79c369
SHA256: da5b71bd0075b55757bf757bf5f4d4a1dcbcf0762cda5b31b28680963e068c75
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old~RF17f378.TMP
text
MD5: a519780ed0a2f4336db4f5651d79c369
SHA256: da5b71bd0075b55757bf757bf5f4d4a1dcbcf0762cda5b31b28680963e068c75
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: 213ae3da120d7862d60b5763b6c9d466
SHA256: 5736534d6ee654c1bf1a8e79e73330af58f622e8657285330d2c7189a55604f4
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF17f359.TMP
text
MD5: 213ae3da120d7862d60b5763b6c9d466
SHA256: 5736534d6ee654c1bf1a8e79e73330af58f622e8657285330d2c7189a55604f4
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old
text
MD5: c4d6cbb269c626168a5d6d0d8cce6c30
SHA256: b62cdbb758278a0c2e50593357390119441d8de09428eb29027f3dfd1332e348
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF17f339.TMP
text
MD5: dc32343f45b01764b6267ad36548102a
SHA256: a250f5ad57d4bd58aae92810d50278e3be2dbf869f126a3a3519691bcdfc2075
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: dc32343f45b01764b6267ad36548102a
SHA256: a250f5ad57d4bd58aae92810d50278e3be2dbf869f126a3a3519691bcdfc2075
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old~RF17f339.TMP
text
MD5: c4d6cbb269c626168a5d6d0d8cce6c30
SHA256: b62cdbb758278a0c2e50593357390119441d8de09428eb29027f3dfd1332e348
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: 1a89a1bebe6c843c4ff582e7ed33ca1f
SHA256: 65099ca087b66aa8ca420ab121daad713e1db5a61c5a574d9b1c0df24f012520
2100
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: b59113c2dcd2d346f31a64f231162ada
SHA256: 1d97c69aea85d3b06787458ea47576b192ce5c5db9940e5eaa514ff977ce2dc2
3276
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787
2628
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
––
MD5:  ––
SHA256:  ––
2628
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGRR2OYX\favicon[1].png
image
MD5: 9fb559a691078558e77d6848202f6541
SHA256: 6d8a01dc7647bc218d003b58fe04049e24a9359900b7e0cebae76edf85b8b914
2628
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGRR2OYX\favicon[1].ico
––
MD5:  ––
SHA256:  ––
2628
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini
ini
MD5: 4a3deb274bb5f0212c2419d3d8d08612
SHA256: 2842973d15a14323e08598be1dfb87e54bf88a76be8c7bc94c56b079446edf38

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
4
TCP/UDP connections
95
DNS requests
49
Threats
4

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2628 iexplore.exe GET 200 13.107.21.200:80 http://www.bing.com/favicon.ico US
image
whitelisted
3340 chrome.exe GET –– 172.217.23.174:80 http://redirector.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvOWVmQUFXS041NV9ZVXlJVWwxbGc5TUM4dw/7519.422.0.3_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx US
––
––
whitelisted
3340 chrome.exe GET 200 52.85.188.163:80 http://x.ss2.us/x.cer US
der
whitelisted
3340 chrome.exe GET 200 93.184.221.240:80 http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab US
compressed
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
–– –– 216.58.207.74:445 Google Inc. US whitelisted
2628 iexplore.exe 13.107.21.200:80 Microsoft Corporation US whitelisted
–– –– 216.58.207.74:139 Google Inc. US whitelisted
3340 chrome.exe 172.217.18.3:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.21.205:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.18.99:443 Google Inc. US whitelisted
3340 chrome.exe 216.58.207.74:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.18.163:443 Google Inc. US whitelisted
3340 chrome.exe 216.58.207.67:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.22.14:443 Google Inc. US whitelisted
3340 chrome.exe 216.58.205.238:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.16.161:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.23.132:443 Google Inc. US whitelisted
3340 chrome.exe 216.58.206.3:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.22.3:443 Google Inc. US whitelisted
3340 chrome.exe 104.17.190.107:443 Cloudflare Inc US unknown
3952 iexplore.exe 54.230.93.85:443 Amazon.com, Inc. US unknown
–– –– 172.217.23.174:80 Google Inc. US whitelisted
–– –– 54.230.93.151:443 Amazon.com, Inc. US unknown
3952 iexplore.exe 54.230.93.151:443 Amazon.com, Inc. US unknown
3952 iexplore.exe 216.58.207.74:443 Google Inc. US whitelisted
3952 iexplore.exe 172.217.22.14:443 Google Inc. US whitelisted
3952 iexplore.exe 99.84.8.21:443 AT&T Services, Inc. US unknown
3952 iexplore.exe 216.58.207.67:443 Google Inc. US whitelisted
–– –– 54.230.93.172:443 Amazon.com, Inc. US unknown
3340 chrome.exe 172.217.16.174:443 Google Inc. US whitelisted
3340 chrome.exe 172.217.22.106:443 Google Inc. US whitelisted
3340 chrome.exe 54.230.93.151:443 Amazon.com, Inc. US unknown
3340 chrome.exe 99.84.8.21:443 AT&T Services, Inc. US unknown
3340 chrome.exe 54.230.93.172:443 Amazon.com, Inc. US unknown
3340 chrome.exe 52.85.188.169:443 Amazon.com, Inc. US unknown
3340 chrome.exe 151.101.2.110:443 Fastly US suspicious
3340 chrome.exe 104.18.72.113:443 Cloudflare Inc US shared
3340 chrome.exe 54.82.156.213:443 Amazon.com, Inc. US unknown
3340 chrome.exe 162.247.242.18:443 New Relic US whitelisted
3340 chrome.exe 104.18.73.113:443 Cloudflare Inc US shared
3340 chrome.exe 52.85.188.163:80 Amazon.com, Inc. US unknown
3340 chrome.exe 93.184.221.240:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3340 chrome.exe 216.239.38.21:443 Google Inc. US whitelisted
3340 chrome.exe 104.16.54.111:443 Cloudflare Inc US shared
3340 chrome.exe 52.200.235.169:443 Amazon.com, Inc. US unknown
3340 chrome.exe 54.229.131.110:443 Amazon.com, Inc. IE unknown

DNS requests

Domain IP Reputation
fonts.googleapis.com 216.58.207.74
whitelisted
www.bing.com 13.107.21.200
204.79.197.200
whitelisted
clientservices.googleapis.com 172.217.18.3
whitelisted
accounts.google.com 172.217.21.205
shared
www.google.com.ua 172.217.18.99
whitelisted
www.gstatic.com 172.217.18.163
whitelisted
fonts.gstatic.com 216.58.207.67
whitelisted
apis.google.com 172.217.22.14
whitelisted
clients2.google.com 216.58.205.238
whitelisted
clients2.googleusercontent.com 172.217.16.161
whitelisted
www.google.com 172.217.23.132
whitelisted
www.google.nl 216.58.206.3
whitelisted
ssl.gstatic.com 172.217.22.3
whitelisted
dl.monday.com 104.17.190.107
104.17.189.107
unknown
cdn2.monday.com 54.230.93.85
54.230.93.151
54.230.93.20
54.230.93.117
whitelisted
pnim.monday.com 104.17.190.107
104.17.189.107
unknown
redirector.gvt1.com 172.217.23.174
whitelisted
dns.msftncsi.com 131.107.255.255
whitelisted
monday.com 99.84.8.21
99.84.8.119
99.84.8.84
99.84.8.68
whitelisted
files.monday.com 54.230.93.172
54.230.93.149
54.230.93.117
54.230.93.7
whitelisted
clients1.google.com 172.217.16.174
whitelisted
safebrowsing.googleapis.com 172.217.22.106
whitelisted
d18vk66ftlazd2.cloudfront.net 52.85.188.169
52.85.188.143
52.85.188.170
52.85.188.191
whitelisted
data.bigbrain.me 54.82.156.213
52.22.237.199
34.202.204.36
unknown
js-agent.newrelic.com 151.101.2.110
151.101.66.110
151.101.130.110
151.101.194.110
whitelisted
static.zdassets.com 104.18.72.113
104.18.73.113
104.18.70.113
104.18.74.113
104.18.71.113
whitelisted
bam.nr-data.net 162.247.242.18
162.247.242.20
162.247.242.21
162.247.242.19
whitelisted
ekr.zdassets.com 104.18.73.113
104.18.70.113
104.18.74.113
104.18.72.113
104.18.71.113
whitelisted
x.ss2.us 52.85.188.163
52.85.188.132
52.85.188.91
52.85.188.124
whitelisted
www.download.windowsupdate.com 93.184.221.240
whitelisted
track.bigbrain.me 52.200.235.169
54.175.246.139
54.198.145.52
unknown
ipinfo.io 216.239.38.21
216.239.36.21
216.239.34.21
216.239.32.21
shared
monday.zendesk.com 104.16.54.111
104.16.51.111
104.16.52.111
104.16.53.111
104.16.55.111
unknown
widget-mediator.zopim.com 54.229.131.110
52.51.161.36
52.215.41.111
54.154.128.160
34.249.137.26
54.76.202.109
unknown
clients4.google.com 216.58.205.238
whitelisted

Threats

PID Process Class Message
3340 chrome.exe A Network Trojan was detected ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)
3340 chrome.exe Potential Corporate Privacy Violation ET POLICY Possible External IP Lookup SSL Cert Observed (ipinfo.io)
3340 chrome.exe A Network Trojan was detected ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)
3340 chrome.exe Potential Corporate Privacy Violation ET POLICY Possible External IP Lookup SSL Cert Observed (ipinfo.io)

Debug output strings

No debug info.