General Info

URL

https://sourceforge.net/projects/npp-compare/

Full analysis
https://app.any.run/tasks/ef65f699-727c-40fc-8ff4-7a865f87cc75
Verdict
Malicious activity
Analysis date
3/14/2019, 14:26:36
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Loads dropped or rewritten executable
  • SearchProtocolHost.exe (PID: 1040)
Executable content was dropped or overwritten
  • WinRAR.exe (PID: 4064)
Application launched itself
  • chrome.exe (PID: 3336)
Reads Internet Cache Settings
  • chrome.exe (PID: 3336)
Changes settings of System certificates
  • chrome.exe (PID: 3336)
Reads settings of System Certificates
  • chrome.exe (PID: 3336)

Find more information about signature artifacts and mapping to the MITRE ATT&CK™ MATRIX in the full report

Screenshots

Processes

Total processes
42
Monitored processes
13
Malicious processes
1
Suspicious processes
0

Behavior graph

Process chain (as shown in the graph):
  • start
  • chrome.exe
  • chrome.exe (no specs)
  • chrome.exe (no specs)
  • chrome.exe (no specs)
  • chrome.exe (no specs)
  • chrome.exe (no specs)
  • chrome.exe (no specs)
  • chrome.exe (no specs)
  • winrar.exe (no specs)
  • winrar.exe
  • chrome.exe (no specs)
  • searchprotocolhost.exe (no specs)
  • rundll32.exe (no specs)
Specs description
Program did not start
Integrity level elevation
Task contains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has suspicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

PID
1040
CMD
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
Path
C:\Windows\System32\SearchProtocolHost.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Microsoft Corporation
Description
Microsoft Windows Search Protocol Host
Version
7.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\tquery.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msshooks.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\msidle.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\mssph.dll
c:\windows\system32\mapi32.dll
c:\windows\system32\authz.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\propsys.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\profapi.dll
c:\windows\system32\version.dll
c:\users\admin\desktop\compareplugin.dll

PID
3336
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://sourceforge.net/projects/npp-compare/
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\credui.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\winsta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\mssprxy.dll
c:\program files\winrar\winrar.exe
c:\windows\system32\shdocvw.dll
c:\windows\system32\winshfhc.dll
c:\windows\system32\wdscore.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sxs.dll
c:\windows\system32\actxprxy.dll
c:\program files\internet explorer\ieproxy.dll

PID
1812
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x78,0x7c,0x80,0x74,0x84,0x6f5b00b0,0x6f5b00c0,0x6f5b00cc
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
3344
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3340 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_watcher.dll

PID
2404
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=876,242606157672125368,8062065844879851193,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=D24AAD625AB16B6FA0E38663173B429A --mojo-platform-channel-handle=968 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
3008
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=876,242606157672125368,8062065844879851193,131072 --enable-features=PasswordImport --service-pipe-token=7D54F1FD2EBDA03F550594F9872F4BC4 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7D54F1FD2EBDA03F550594F9872F4BC4 --renderer-client-id=4 --mojo-platform-channel-handle=1896 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3548
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=876,242606157672125368,8062065844879851193,131072 --enable-features=PasswordImport --service-pipe-token=17B6551D34E6DD072F91D6ADBA1871ED --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17B6551D34E6DD072F91D6ADBA1871ED --renderer-client-id=3 --mojo-platform-channel-handle=2128 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2340
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=876,242606157672125368,8062065844879851193,131072 --enable-features=PasswordImport --disable-gpu-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=FCE71EEEC1B4B62DA685701DDE69665B --mojo-platform-channel-handle=3024 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\crypt32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
3528
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=876,242606157672125368,8062065844879851193,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=67D0798FF0B12BF72AE0B3344DA63977 --mojo-platform-channel-handle=4112 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2248
CMD
"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip"
Path
C:\Program Files\WinRAR\WinRAR.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Alexander Roshal
Description
WinRAR archiver
Version
5.60.0
Modules
Image
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\uxtheme.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\riched20.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\winsta.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\davhlpr.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\winmm.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\audiodev.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\ehstorapi.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\profapi.dll

PID
4064
CMD
"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip"
Path
C:\Program Files\WinRAR\WinRAR.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Alexander Roshal
Description
WinRAR archiver
Version
5.60.0
Modules
Image
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\uxtheme.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\riched20.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\winsta.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\davhlpr.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\winmm.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\audiodev.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\ehstorapi.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\profapi.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll

PID
3636
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=876,242606157672125368,8062065844879851193,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=11F6D94CFFC3C1683EF2EE6CBE33E353 --mojo-platform-channel-handle=4352 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\zipfldr.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

PID
2056
CMD
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\Desktop\ComparePlugin.dll
Path
C:\Windows\system32\rundll32.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Windows host process (Rundll32)
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\rundll32.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\propsys.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll

Registry activity

Total events
1478
Read events
1387
Write events
90
Delete events
1

Modification events

PID | Process | Operation | Key | Name | Value
3336 | chrome.exe | delete key | HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes | –– | ––
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | failed_count | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 2
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 1
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | 1
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome | UsageStatsInSample | 0
3336 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96} | usagestats | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid | ––
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid_installdate | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid_enableddate | 0
3336 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts | aggregate | sum()
3336 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts | S-1-5-21-1302019708-1500728564-335382590-1000 | 1
3336 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn | aggregate | sum()
3336 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn | S-1-5-21-1302019708-1500728564-335382590-1000 | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | 13197043618176000
3336 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E | LanguageList | en-US
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\Certificates\1FB86B1168EC743154062E8C9CC5B171A4B7CCB4 | Blob | ––
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | UNCAsIntranet | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | AutoDetect | 1
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable | 0
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | SavedLegacySettings | 4600000069000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
3336 | chrome.exe | write | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum | Implementing | 1C00000001000000E307030004000E000D001B0012004A0300000000
3344 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes | 3336-13197043616254125 | 259
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes | ShellExtBMP | ––
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes | ShellExtIcon | ––
2248 | WinRAR.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E | LanguageList | en-US
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\ArcHistory | 0 | C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | name | 120
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | size | 80
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | type | 120
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | mtime | 100
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\Interface\MainWin | Placement | 2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42000000420000000204000037020000
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General | LastFolder | C:\Users\admin\Downloads
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | name | 120
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | size | 80
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | psize | 80
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | type | 120
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | mtime | 100
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | crc | 70
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout | Band56_0 | 38000000730100000402000000000000D4D0C800000000000000000000000000800103000000000039000000B40200000000000001000000
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout | Band56_1 | 38000000730100000500000000000000D4D0C800000000000000000000000000E401010000000000160000002A0000000000000002000000
2248 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout | Band56_2 | 38000000730100000400000000000000D4D0C800000000000000000000000000CE0101000000000016000000640000000000000003000000
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes | ShellExtBMP | ––
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes | ShellExtIcon | ––
4064 | WinRAR.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E | LanguageList | en-US
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\ArcHistory | 0 | C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | name | 120
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | size | 80
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | type | 120
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths | mtime | 100
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\DialogEditHistory\ExtrPath | 0 | C:\Users\admin\Desktop
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\Interface\MainWin | Placement | 2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42000000420000000204000037020000
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General | LastFolder | C:\Users\admin\Downloads
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | name | 120
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | size | 80
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | psize | 80
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | type | 120
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | mtime | 100
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnWidths | crc | 70
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout | Band56_0 | 38000000730100000402000000000000D4D0C800000000000000000000000000560201000000000039000000B40200000000000001000000
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout | Band56_1 | 38000000730100000500000000000000D4D0C8000000000000000000000000005802010000000000160000002A0000000000000002000000
4064 | WinRAR.exe | write | HKEY_CURRENT_USER\Software\WinRAR\General\Toolbar\Layout | Band56_2 | 38000000730100000400000000000000D4D0C800000000000000000000000000FE0101000000000016000000640000000000000003000000
3636 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E | LanguageList | en-US
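Two of the values chrome.exe (PID 3336) wrote above say more once decoded: the SavedLegacySettings blob under Internet Settings\Connections, which is the WinINet connection-settings structure and whose flags should agree with the ProxyEnable = 0 entry next to it, and the Chrome-format timestamps in lastrun and in the BrowserExitCodes value name. The script below is an added example, not part of the ANY.RUN report nor of any Chrome or Windows code. The hex blob, the lastrun value and the exit-code value name are copied from the table; the field layout (0x46 header, change counter, flags, three length-prefixed strings, reserved bytes) is the commonly documented one for this structure; the helper names and the "plausible FILETIME" scan are mine.

```python
"""Decode registry values from the Modification events table (added example)."""
import re
import struct
from datetime import datetime, timedelta, timezone

# HKCU\...\Internet Settings\Connections\SavedLegacySettings, copied from the table.
SAVED_LEGACY_SETTINGS_HEX = "4600000069000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000"

# HKCU\...\ClientState\{8A69D345-...}\lastrun and the BrowserExitCodes value
# name written by PID 3344, both copied from the table.
CHROME_LASTRUN_US = 13197043618176000
BROWSER_EXIT_CODE_NAME = "3336-13197043616254125"

# Flag bits of the connection-settings structure (documented WinINet layout).
PROXY_FLAGS = {0x1: "direct", 0x2: "manual proxy", 0x4: "pac url", 0x8: "auto-detect"}

# Both Chrome's base::Time (microseconds) and FILETIME (100 ns) count from here.
WINDOWS_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def describe_proxy_flags(flags):
    return [name for bit, name in PROXY_FLAGS.items() if flags & bit]


def _read_lpstr(data, pos):
    """DWORD length followed by that many ANSI bytes; returns (text, new_pos)."""
    (length,) = struct.unpack_from("<I", data, pos)
    pos += 4
    return data[pos:pos + length].decode("latin-1"), pos + length


def parse_connection_settings(blob):
    """Header (version, counter, flags), three strings, then whatever follows."""
    version, counter, flags = struct.unpack_from("<III", blob, 0)
    pos = 12
    proxy, pos = _read_lpstr(blob, pos)
    bypass, pos = _read_lpstr(blob, pos)
    pac_url, pos = _read_lpstr(blob, pos)
    return {"version": version, "counter": counter, "flags": flags,
            "modes": describe_proxy_flags(flags), "proxy": proxy,
            "bypass": bypass, "pac_url": pac_url, "trailer": blob[pos:]}


def utf16_fragments(data, min_len=4):
    """Printable UTF-16LE runs in data, tried at both byte parities."""
    found = []
    for offset in (0, 1):
        text = data[offset:].decode("utf-16-le", errors="replace")
        found.extend(re.findall(r"[\x20-\x7e]{%d,}" % min_len, text))
    return found


def chrome_time_to_datetime(us):
    """Chrome on Windows stores times as microseconds since 1601-01-01 UTC."""
    return WINDOWS_EPOCH + timedelta(microseconds=us)


def filetime_to_datetime(ft):
    """FILETIME: 100 ns intervals since 1601-01-01 UTC."""
    return WINDOWS_EPOCH + timedelta(microseconds=ft // 10)


def exit_code_name_to_datetime(name):
    """BrowserExitCodes value names are '<pid>-<chrome time>'."""
    _pid, ts = name.split("-")
    return chrome_time_to_datetime(int(ts))


def plausible_filetimes(data, lo_year=2000, hi_year=2030):
    """DWORD-aligned QWORDs that decode to a FILETIME inside a sane year range."""
    hits = []
    for off in range(0, len(data) - 7, 4):
        (q,) = struct.unpack_from("<Q", data, off)
        if q == 0:
            continue
        try:
            dt = filetime_to_datetime(q)
        except OverflowError:  # far outside datetime's range: not a timestamp
            continue
        if lo_year <= dt.year <= hi_year:
            hits.append((off, dt))
    return hits


if __name__ == "__main__":
    s = parse_connection_settings(bytes.fromhex(SAVED_LEGACY_SETTINGS_HEX))
    print(f"version=0x{s['version']:x} counter={s['counter']} modes={s['modes']} "
          f"proxy={s['proxy']!r} bypass={s['bypass']!r} pac={s['pac_url']!r}")
    print(f"trailer: {len(s['trailer'])} bytes (layout reserves 32)")
    print("utf-16 fragments:", utf16_fragments(s["trailer"]))
    print("filetime-like values:", [(o, d.isoformat()) for o, d in plausible_filetimes(s["trailer"])])
    print("lastrun:", chrome_time_to_datetime(CHROME_LASTRUN_US).isoformat())
    print("exit-code record:", exit_code_name_to_datetime(BROWSER_EXIT_CODE_NAME).isoformat())
```

Run stand-alone it reports flags = 1 (direct connection, no proxy string, no PAC URL), which agrees with ProxyEnable = 0 and with the "MITM proxy off" launch setting; lastrun decodes to 2019-03-14 13:26:58 UTC and the exit-code record to about two seconds earlier, which fits the analysis date in the header if the report clock is one hour ahead of UTC. The blob is also several times longer than the 56 bytes the layout needs, and the extra bytes hold a UTF-16 fragment of a DLL path ending in MSIMG32.dl, a QWORD that reads as a FILETIME from 2 March 2018, and byte patterns that look like socket addresses (a fe80:: prefix, and C0A80164, which is 192.168.1.100 as a network-order IPv4 address). That is what stale stack memory written out with the structure looks like; it is not malicious, but it shows this value can carry host details into the registry.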

Files activity

Executable files
1
Suspicious files
75
Text files
70
Unknown types
12
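The Dropped files list that follows includes the Zone.Identifier alternate data stream that chrome.exe attached to the downloaded zip (the Mark-of-the-Web), but only as hashes. The script below is an added example, not part of the ANY.RUN report: it recovers the stream's text by hashing constructed [ZoneTransfer] candidates until one matches both reported digests, then parses the result. The MD5 and SHA256 are copied from the ComparePlugin.v1.5.6.2.bin.zip:Zone.Identifier entry; the candidate bodies, the parser and the zone-name table (Windows URL zone numbering) are mine.

```python
"""Recover and parse a Zone.Identifier stream from its reported hashes (added example)."""
import hashlib

# Hashes of C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip:Zone.Identifier,
# copied from the Dropped files list.
REPORTED_MD5 = "fbccf14d504b7b2dbcb5a5bda75bd93b"
REPORTED_SHA256 = "eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913"

# URLZONE numbering used in the ZoneId line.
URLZONE = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
           3: "Internet", 4: "Restricted sites"}


def candidate_streams():
    """Constructed [ZoneTransfer] bodies: every zone, CRLF or LF, with or without a final newline."""
    for zone in URLZONE:
        for nl in ("\r\n", "\n"):
            body = f"[ZoneTransfer]{nl}ZoneId={zone}{nl}"
            yield body
            yield body[:-len(nl)]


def match_stream(md5_hex, sha256_hex):
    """Return the candidate body whose MD5 and SHA256 both match, else None."""
    for body in candidate_streams():
        raw = body.encode("ascii")
        if (hashlib.md5(raw).hexdigest() == md5_hex.lower()
                and hashlib.sha256(raw).hexdigest() == sha256_hex.lower()):
            return body
    return None


def parse_zone_identifier(body):
    """Minimal INI parse: keys under [ZoneTransfer] as a dict of strings."""
    fields, section = {}, None
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "ZoneTransfer" and "=" in line:
            key, value = line.split("=", 1)
            fields[key.strip()] = value.strip()
    return fields


def zone_name(fields):
    """Human-readable zone for a parsed stream; 'unknown' if ZoneId is missing or odd."""
    try:
        return URLZONE.get(int(fields["ZoneId"]), "unknown")
    except (KeyError, ValueError):
        return "unknown"


if __name__ == "__main__":
    body = match_stream(REPORTED_MD5, REPORTED_SHA256)
    print("stream body:", repr(body))
    if body is not None:
        fields = parse_zone_identifier(body)
        print("fields:", fields, "->", zone_name(fields))
```

A match on the 26-byte body "[ZoneTransfer]\r\nZoneId=3\r\n" means the zip carried the Internet-zone mark and nothing else: no ReferrerUrl or HostUrl lines, which is the short form Windows 7 produced (later Windows builds add the URL lines, and the parser above handles them). In the visible part of the list the extracted C:\Users\admin\Desktop\ComparePlugin.dll has no Zone.Identifier entry of its own.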

Dropped files

PID
Process
Filename
Type
4064
WinRAR.exe
C:\Users\admin\Desktop\ComparePlugin.dll
executable
MD5: a5d5673b4aff3149826977bd5d84b35d
SHA256: 8195d36bf1f4154fc80209b925ae7e3f4c6f45341383bde40dbacf20635211f1
1812
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: b59113c2dcd2d346f31a64f231162ada
SHA256: 1d97c69aea85d3b06787458ea47576b192ce5c5db9940e5eaa514ff977ce2dc2
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\3c762d9e-e5e7-4ec1-923b-f13351e0d846.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 2d21d10c7e90f310f776fb239d7cb6b3
SHA256: 2c3bd241671d902f15fd431974be04378cf934f9089b587e1d0ecb07aa6dd609
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 6f7b3f5a96f2f8e5e0bcb8502b1bfb8b
SHA256: a8a2f1a858123577e2652b24bc33dd165009fa71b3d2940b083425397d9c2392
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1a16e4.TMP
text
MD5: 6f7b3f5a96f2f8e5e0bcb8502b1bfb8b
SHA256: a8a2f1a858123577e2652b24bc33dd165009fa71b3d2940b083425397d9c2392
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ccdb0359-2ca7-44a3-b31e-0d4add7df349.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: bd88cbf7fed45c411d929684c639dd8f
SHA256: 80efa10d2cc9c665e752d291cb4e7c46036d66689a1d1e980b88b41b879bf248
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF19e5c2.TMP
text
MD5: bd88cbf7fed45c411d929684c639dd8f
SHA256: 80efa10d2cc9c665e752d291cb4e7c46036d66689a1d1e980b88b41b879bf248
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\f920affc-53b7-4120-b7b2-ff6f848061ab.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF19e2d4.TMP
text
MD5: fd541e3a463b661179296802b4a4c2c6
SHA256: ae4133708935baf9a5c01f095cedad41ffba7f9cde69bf78e1c3d282d4e2da9a
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: fd541e3a463b661179296802b4a4c2c6
SHA256: ae4133708935baf9a5c01f095cedad41ffba7f9cde69bf78e1c3d282d4e2da9a
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ffe5df81-ccfb-4b99-bf4b-19e47814b459.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF19e015.TMP
text
MD5: ca44aa888563d4b5396bf6c120cdb555
SHA256: 42f7fd71e7d14a7b0059677b578303bb988403871fe79b1f9a0e50672d4126ce
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: ca44aa888563d4b5396bf6c120cdb555
SHA256: 42f7fd71e7d14a7b0059677b578303bb988403871fe79b1f9a0e50672d4126ce
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\08b42c41-0eed-457d-afde-6ee66a3e4d0b.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF19d8b3.TMP
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata
flc
MD5: de04cfc0c81b88a4d62349527c694175
SHA256: f95ca4e5c3db76acd527d2ec349b14c05117a78ac7991612c6c38c39a526aac4
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ead639ae-2dae-4641-a9c4-7316de0bbd91.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\21341c91-da48-4a31-99d4-9571b623d5eb.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip:Zone.Identifier
text
MD5: fbccf14d504b7b2dbcb5a5bda75bd93b
SHA256: eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
3336
chrome.exe
C:\Users\admin\Downloads\ComparePlugin.v1.5.6.2.bin.zip
compressed
MD5: 07618543ef7dce847e0e2577e2e6687b
SHA256: 7213673f789f4feff5c9a14330a01eae8d41587c8599786ba314854d97b896c1
3528
chrome.exe
C:\Users\admin\AppData\Local\Temp\b6574915-8c7d-4b76-8f3d-66b9a90536fa.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\Downloads\Unconfirmed 239182.crdownload
compressed
MD5: 07618543ef7dce847e0e2577e2e6687b
SHA256: 7213673f789f4feff5c9a14330a01eae8d41587c8599786ba314854d97b896c1
3336
chrome.exe
C:\Users\admin\Downloads\Unconfirmed 239182.crdownload
compressed
MD5: b0ceaea5adb8633244102e63546360b7
SHA256: 58221402deb6fce8c5ea943d3a18e81b9ab65d6f2a5f0e55580b6418cf016b5e
3336
chrome.exe
C:\Users\admin\Downloads\f3b9051e-b613-43c3-996f-0325c604889c.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store
binary
MD5: b60d9e18473529fd7a5163005d83fb5d
SHA256: f4c9167253e583ffe6f16899ed400a9d7d9fa984f05d40756c9d71059b20d165
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF19d4da.TMP
binary
MD5: b60d9e18473529fd7a5163005d83fb5d
SHA256: f4c9167253e583ffe6f16899ed400a9d7d9fa984f05d40756c9d71059b20d165
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e1a895cf-9195-4f0d-b005-1f4529203544.tmp
––
MD5:  ––
SHA256:  ––
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053
binary
MD5: 76a100568dd0a5ba1e87d36eedd253c2
SHA256: 59a353ed30991771dcdd233eff283448128809f8d1c9efb4c42854872e6228cf
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000052
binary
MD5: 3c8afb8a09e8d953dd6c31c0a847a62e
SHA256: 89822f43630bd98b76db82c298efcbaea0008b283cc3d21bc694c7c3ec5529e1
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000051
binary
MD5: 55fd1a9f0590d5b0405be40b6145a8dc
SHA256: 1a3567ddb49d234dd1d3b4ca16e44e2de0adae6f6222ce36c1b8fd232d75df60
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050
image
MD5: b3d4855574b050eb2c885630b432fd30
SHA256: 708d390c4bc87c2e9993da2ba9e308da7c248b035aaf4fb53b2b9f27dbb39314
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004f
image
MD5: 9d4bc65c4e7dd6332ecf29ea95bb5bbb
SHA256: 9c4ec26fc369e79ea144e6cf1a463c8fd3f4ef8b3bf59462c3d05868fac1787d
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004e
compressed
MD5: 15618b515498adbea0732afddb780be6
SHA256: 5698238f50144a268956d93d4a7b0762ad1842817d8180ccb4b05737d9e88126
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004d
image
MD5: 99815270b37d0ab6d6458ce70e67bcde
SHA256: 0207894f8f74da7e5d871fc85e72eb5f26bf825145302ed1b4d8c933cd0bc02e
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004c
image
MD5: 525692a707f1135b8afdf2b0e2ced3f9
SHA256: 81cf518bb2659c4f6df645216f659699bfbb9092e6c7bbfbcab4b3cb85e06780
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004b
image
MD5: 3389902b636e10a0a4a39d5e4ac20aca
SHA256: a238ac09887ff2460e2af76aeb66570af6d14bdb269bfebc30c826fe6c571728
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a
compressed
MD5: 8f549012f30ed1c9affe9dc5ea4d699d
SHA256: 9cdda5123367151330352f1acfa52c87243d19b633b962db11df3f444d4abb19
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049
image
MD5: c72f4695cb4fd8b25f7f69cba1c7d9c9
SHA256: bca38d216178561389cfbd3645c0b0b38bb88a19b88735ddf6020ea0e770aaa2
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000048
binary
MD5: d1a2e6cfd6a000e70dc30b0b68ed86f0
SHA256: ff3440a1e34fea5e52f962a5c392736f5b6f2b580d513b1126a6c4ce43f21458
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000047
binary
MD5: 3d57a7382107183da3da4b9fa61767a2
SHA256: fed51eaed210fb3fc6c71855b28081c87ea80e56f05db642a6870b97df504cd7
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000046
binary
MD5: 4bc2746e08caa4a148c3f4c4b06c3b2b
SHA256: 91ce27068a6691c9291e506abb3480cd27d82e08d5a7b9f13625a27d2dcf5ad5
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000045
binary
MD5: bc82ef42f1a09c5e965c83323508f4a5
SHA256: 4892c20cf9b32ddedbd7e58efaba99ff153ea80a5048d4db98824a05e61c6ebe
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044
binary
MD5: 047e47b32ecd749dc79e2f174c934e9b
SHA256: c0c0e63e954f9ec4e8de0399de665efd6fb4be0e5e079618e3fd10855b300602
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043
binary
MD5: 6acb2d047714556e3340b6093a127220
SHA256: 3d95441699ce5b8d38a71be8ad26a57176e8724f94381dd94a3e02f63aa2d04f
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042
binary
MD5: be1d6e3d6bdabe02e66d570b9338aeb8
SHA256: 974c2957f226bb80c96710c2c60597f2a6c155d307b95ea1a3106fda181d2321
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000041
binary
MD5: 50765dccb9c594657184b0f789d95822
SHA256: 2a75a3105ab0b9edb874ef615722c37ca1ffd91d91e738550e234c9b8b6ebd6d
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040
binary
MD5: fe4d433a93c90ea21a20f49a8ce3fe8d
SHA256: 601faeba08d6447f269c577e69b8665fea14f083b3f1a02e4d97d74d1a2d26f8
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003f
binary
MD5: cd1cf0f7ea0c732504c846bf9a369c1a
SHA256: 6ecc12ce9ca9a186494dbfc3b9cbe846b43b8a61429c1aa38d753af5dc3516bf
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e
binary
MD5: b6eaf979987cb546f2e7abe087246e59
SHA256: 56f6047301ee0d64a315f423412b238a5dbc1bfdae401aa8578b4cec51bcc233
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d
binary
MD5: f5ea52c724a2e184d289b3d72614a127
SHA256: 0da0ea8abf6f1f4cb146e40a2253ccee430def80d88a4a35298e70975ba8a11d
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c
binary
MD5: 5030538ea09427d2f217a6bb8514b386
SHA256: edca62a8ec2b7adf8b6c1e4daa87e75066af754dfa4276c63771c61a17b27a83
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
binary
MD5: c5189eb0a65979580790c14189b21fcc
SHA256: c97a4c77c09ab9e9e23d7fb24665fe590296a69b021f92145a0f4fae15e20152
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
binary
MD5: 11694d6f34d7f317c4e9826c72c6b627
SHA256: 3ca043bc4a1475b2f090c7810813bd8d3ccc68576f41b1c59d72aa91c16d68ff
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
binary
MD5: f7d3613de2ad42678e295ff0ef381c4a
SHA256: d2b3d675f160f3ea697abd898a978415ac57123c7a5e3f539fbf493792a3b0b0
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
binary
MD5: c53c551d569389d6101b1435f5d49014
SHA256: 4cc79207f62b0263619051a05ba6698c2a15a6afaf79d1423f3507e2426324d5
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
binary
MD5: b7cbeef96a1c166e2e54f9e4fa9ab886
SHA256: 6fda24908ec6c91f5dd0de01f62bd532abc8491d8ff0f77a2a0e6d663f0c1bb3
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
compressed
MD5: 77e4e08d8c655b5d887c9d1536f3492b
SHA256: c7f553ded0c0038444d56df129f4b28c4ed18c29ec4c227e0da0690a3df16e88
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
binary
MD5: 7c3b81656f8410ea70821e1d341118be
SHA256: bcc0a4eb94f58aec08b7bdf8fc75a4feed0859480724ae77f1ed7903d5090e09
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
image
MD5: 123fc0286000f80bc670c7dff6c1421f
SHA256: 956a4e0e8f8cd874fdcdc1b44c7396e6a15358449c51bc5403323cf973d4c475
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
image
MD5: 08ecd99195e82c193eeee623d5573e87
SHA256: a0e741ff398b4ea59797bb736d7305d852484c6c3d99993f424cb01e78d5567b
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
image
MD5: 73f5b0fb5b9affa7992d3fa9194d42b7
SHA256: 726389295f95affcf84e1f4929fba3e69d2150a118e02ba795176c61d07d8e61
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
woff2
MD5: dd17f403679eabb5d4b810b684248ed4
SHA256: 93e1869761e16b64655b2c662ff43f24a74e7ad19c51ccb279a8ef7558d824ad
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
woff2
MD5: 39a22090208f4bec9cbd22b0cd01274b
SHA256: f4b2c7e08609d901507ed5eeda16478646a9307c5dd383782d7f5e97360a1c61
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 7edb48b948e21c9160ef2b5d7859a645
SHA256: 244942273ef4736e477e58d20f747a25b22cd50850b68f5c4f2efb4cc8622dc3
3336
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF19ae38.TMP
text
MD5: 7edb48b948e21c9160ef2b5d7859a645
SHA256: 244942273ef4736e477e58d20f747a25b22cd50850b68f5c4f2efb4cc8622dc3
3336
chrome.exe

Network activity

HTTP(S) requests: 6
TCP/UDP connections: 199
DNS requests: 140
Threats: 0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3336 chrome.exe GET 200 104.18.10.39:80 http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt US der –– whitelisted
3336 chrome.exe GET 200 13.35.254.82:80 http://x.ss2.us/x.cer US der –– whitelisted
3336 chrome.exe GET 200 13.35.254.82:80 http://x.ss2.us/x.cer US der –– whitelisted
3336 chrome.exe GET 200 93.184.221.240:80 http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab US compressed –– whitelisted
3336 chrome.exe GET 200 93.184.221.240:80 http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab US compressed –– whitelisted
3336 chrome.exe GET 200 204.13.202.71:80 http://ssl.trustwave.com/issuers/STCA.crt US der –– whitelisted


Connections


DNS requests

Domain IP Reputation
sourceforge.net 216.105.38.13
whitelisted
www.gstatic.com 216.58.205.227
whitelisted
clientservices.googleapis.com 172.217.22.35
whitelisted
accounts.google.com 216.58.208.45
shared
a.fsdn.com 104.20.116.11
104.20.117.11
unknown
fonts.googleapis.com 172.217.22.10
whitelisted
fonts.gstatic.com 172.217.22.99
whitelisted
ib.adnxs.com 185.33.223.221
185.33.223.200
185.33.223.197
185.33.223.202
185.33.223.203
185.33.223.83
185.33.223.208
185.33.223.209
whitelisted
bid.contextweb.com 74.214.194.134
74.214.194.133
unknown
fastlane.rubiconproject.com 213.19.162.61
213.19.162.31
213.19.162.51
213.19.162.21
213.19.162.41
213.19.162.71
whitelisted
adserver-us.adtech.advertising.com 152.195.15.114
whitelisted
dmx.districtm.io 35.203.66.107
unknown
ap.lijit.com 72.251.249.9
72.251.249.14
whitelisted
ml314.com 52.31.106.135
34.249.56.252
34.246.247.78
54.171.224.12
whitelisted
www.google-analytics.com 172.217.18.110
whitelisted
analytics.slashdotmedia.com 216.105.38.9
unknown
cdn.taboola.com 151.101.2.2
151.101.66.2
151.101.130.2
151.101.194.2
whitelisted
tag.crsspxl.com 107.22.211.52
54.235.102.45
unknown
www.stack-sonar.com 13.35.253.62
13.35.253.25
13.35.253.122
13.35.253.23
suspicious
cacerts.digicert.com 104.18.10.39
104.18.11.39
whitelisted
x.ss2.us 13.35.254.82
13.35.254.34
13.35.254.176
13.35.254.54
whitelisted
ads.pro-market.net 184.31.92.226
unknown
www.google.com 172.217.22.4
whitelisted
www.download.windowsupdate.com 93.184.221.240
whitelisted
sb.scorecardresearch.com 23.62.124.104
whitelisted
snap.licdn.com 95.100.198.121
whitelisted
api.stack-sonar.com 34.206.117.113
52.86.217.123
unknown
tags.bluekai.com 23.60.196.160
whitelisted
idsync.rlcdn.com 54.82.237.73
54.210.1.1
54.82.158.121
54.81.103.120
54.80.167.45
54.210.157.45
54.86.0.208
54.85.146.68
whitelisted
pixel.mathtag.com 2.18.233.201
whitelisted
sync.crwdcntrl.net 34.249.93.95
34.251.85.190
52.18.205.56
34.253.166.222
34.255.244.192
52.19.199.239
34.242.41.222
52.16.68.29
whitelisted
ps.eyeota.net 54.93.117.16
whitelisted
clients1.google.com 172.217.16.174
whitelisted
pbid.pro-market.net 107.178.240.89
unknown
trc.taboola.com 151.101.2.2
151.101.66.2
151.101.130.2
151.101.194.2
whitelisted
www.googletagservices.com 172.217.16.194
whitelisted
secure.gravatar.com 192.0.73.2
whitelisted
server.exposebox.com 35.201.85.158
unknown
adservice.google.no 216.58.207.34
whitelisted
adservice.google.com 216.58.207.66
whitelisted
i2.wp.com 192.0.77.2
whitelisted
rtb.mfadsrvr.com 18.196.37.19
18.195.230.94
18.195.160.35
whitelisted
px.powerlinks.com 52.212.162.244
34.253.62.229
34.255.153.52
52.209.1.74
54.77.49.39
34.252.188.147
54.72.100.22
54.194.234.200
whitelisted
cm.g.doubleclick.net 172.217.23.162
whitelisted
match.adsrvr.org 176.34.134.126
52.17.231.199
34.248.238.74
34.251.201.192
34.240.175.172
52.212.134.12
52.18.226.220
34.246.249.223
whitelisted
www.storygize.net 52.43.244.95
54.191.72.134
34.211.85.62
54.71.95.4
54.213.99.120
52.32.160.43
unknown
bttrack.com 192.132.33.27
whitelisted
x.bidswitch.net 18.153.11.8
18.153.11.9
18.153.11.10
18.153.11.11
18.153.11.12
18.153.11.13
18.153.11.14
whitelisted
match.taboola.com 151.101.2.49
151.101.66.49
151.101.130.49
151.101.194.49
whitelisted
securepubads.g.doubleclick.net 172.217.22.34
whitelisted
ssl.trustwave.com 204.13.202.71
whitelisted
tpc.googlesyndication.com 172.217.16.161
whitelisted
js-agent.newrelic.com 151.101.2.110
151.101.66.110
151.101.130.110
151.101.194.110
whitelisted
px.ads.linkedin.com 185.63.144.5
whitelisted
bam.nr-data.net 162.247.242.21
162.247.242.18
162.247.242.20
162.247.242.19
whitelisted
sync.mathtag.com 185.29.135.181
185.29.132.30
185.29.133.52
185.29.132.23
whitelisted
d.turn.com 46.228.164.13
whitelisted
cms.analytics.yahoo.com 188.125.66.34
whitelisted
googleads.g.doubleclick.net 216.58.207.66
whitelisted
pagead2.googlesyndication.com 216.58.208.34
whitelisted
blip.bizrate.com 192.138.218.96
unknown
pxl.connexity.net 63.251.210.243
whitelisted
ce.lijit.com 72.251.249.13
72.251.249.14
whitelisted
thrtle.com 34.193.227.152
107.21.48.136
54.84.105.44
52.7.2.46
54.236.143.74
34.237.94.112
whitelisted
c1.adform.net 37.157.6.253
37.157.2.239
37.157.4.25
37.157.6.247
37.157.2.238
37.157.4.24
whitelisted
www.linkedin.com	108.174.10.10	whitelisted
rtd.tubemogul.com	151.101.2.49, 151.101.66.49, 151.101.130.49, 151.101.194.49	suspicious
partner.mediawallahscript.com	34.253.126.105, 52.208.39.108	unknown
cms.quantserve.com	18.184.103.21, 18.185.191.3, 18.185.206.161, 18.184.40.88, 3.120.80.142, 18.194.20.165, 35.156.145.106, 35.157.170.79	whitelisted
pixel.everesttech.net	66.117.28.68	whitelisted
d.agkn.com	54.93.153.122, 18.185.204.100, 18.185.61.88, 18.195.58.242, 35.158.212.227, 3.122.170.13, 52.57.68.107, 18.184.145.163	whitelisted
rtd-tm.everesttech.net	151.101.2.49, 151.101.66.49, 151.101.130.49, 151.101.194.49	whitelisted
rtb.openx.net	173.241.240.17	whitelisted
image6.pubmatic.com	185.64.189.115	whitelisted
pixel.rubiconproject.com	213.19.162.80, 213.19.162.90	whitelisted
ssum-sec.casalemedia.com	23.211.2.27	whitelisted
e.dlx.addthis.com	100.26.70.242, 18.205.64.183, 18.211.25.162, 18.205.242.31, 100.24.131.67, 23.22.137.125, 18.205.212.229, 18.208.30.206	whitelisted
ag.innovid.com	18.130.102.212, 52.56.230.35, 35.177.144.113	whitelisted
s0.2mdn.net	172.217.16.134	whitelisted
ads.yahoo.com	217.12.15.54, 217.12.15.83	whitelisted
ad.turn.com	46.228.164.11	whitelisted
d5p.de17a.com	213.155.156.169, 213.155.156.184, 213.155.156.185, 213.155.156.167, 213.155.156.182, 213.155.156.165, 213.155.156.168, 213.155.156.166, 213.155.156.164, 213.155.156.183, 213.155.156.181, 213.155.156.180	whitelisted
pm.w55c.net	52.29.111.2, 18.196.44.198, 18.196.199.155, 35.158.49.82, 18.195.135.198, 18.196.45.133, 18.196.166.197, 18.196.151.146	whitelisted
p.rfihub.com	193.0.160.129	whitelisted
bh.contextweb.com	151.101.0.166, 151.101.64.166, 151.101.128.166, 151.101.192.166	unknown
r.turn.com	46.228.164.11	unknown
c.betrad.com	104.109.71.200	whitelisted
csi.gstatic.com	64.233.190.94, 64.233.190.120	whitelisted
googleads4.g.doubleclick.net	172.217.23.130	whitelisted
ae.nflximg.net	95.100.196.129	unknown
fcmatch.google.com	172.217.22.110	whitelisted
fcmatch.youtube.com	172.217.21.238	whitelisted
rtb.4finance.com	35.195.2.140, 35.241.172.177	unknown
ads.netflix.com	52.38.145.235, 52.38.215.211, 52.36.130.57	whitelisted
c.evidon.com	104.107.252.81	whitelisted
l.betrad.com	35.168.154.40, 52.0.77.209, 107.23.89.178, 52.72.136.100, 52.54.5.87, 52.72.158.71, 18.214.158.180, 54.88.108.213	whitelisted
ichnaea.netflix.com	52.32.129.39, 35.165.195.95, 54.148.125.37, 52.36.39.216, 35.163.6.39, 52.40.251.202, 52.40.47.226, 52.27.150.17	whitelisted
art-s.nflximg.net	95.100.196.129	unknown
ajax.googleapis.com	172.217.18.170, 172.217.23.138, 216.58.206.10, 216.58.207.74, 172.217.16.170, 172.217.16.138, 172.217.22.74, 172.217.22.106, 216.58.210.10, 172.217.16.202, 172.217.18.106, 172.217.21.202, 216.58.205.234, 172.217.21.234, 172.217.18.10	whitelisted
ichnaea-web.netflix.com	34.240.126.33, 52.214.33.123, 34.250.195.245, 34.251.174.245, 52.17.69.132, 52.214.59.143, 34.247.142.70, 52.18.176.52	whitelisted
dnm.nflximg.net	95.100.196.129	unknown
ssl.gstatic.com	172.217.18.99	whitelisted
ade.googlesyndication.com	172.217.22.2	whitelisted
dpm.demdex.net	54.246.133.167, 34.249.86.253, 52.16.89.247, 34.243.36.162, 34.247.143.160, 34.250.76.236, 52.17.182.129, 34.241.198.89	whitelisted
magnetic.t.domdex.com	54.229.221.102, 52.213.101.26, 52.19.5.81, 54.76.46.117	whitelisted
api.intentiq.com	34.194.96.156, 34.224.247.57, 34.192.19.119, 34.202.244.152, 34.200.72.209, 34.233.100.133	whitelisted
secure.adnxs.com	185.33.223.216, 185.33.223.203, 185.33.223.218, 185.33.223.202, 185.33.223.210, 185.33.223.221, 185.33.223.80, 185.33.223.100	whitelisted
aa.agkn.com	54.77.164.43, 52.49.24.175, 34.243.189.217, 34.250.48.64, 34.243.136.23, 54.72.1.54, 54.72.61.29, 54.72.169.137	whitelisted
i.liadm.com	52.86.201.172, 52.86.191.75, 52.71.208.229, 54.152.56.202, 52.71.175.22, 54.152.156.164, 52.86.132.228, 54.164.15.83	whitelisted
a.ctnsnet.com	35.244.211.220	unknown
loadm.exelator.com	147.75.102.200	suspicious
stags.bluekai.com	104.111.241.32	whitelisted
pippio.com	107.178.254.65	whitelisted
fw.adsafeprotected.com	199.166.0.24	whitelisted
insight.reflow.tv	35.201.105.13	unknown
cdn.ctnsnet.com	195.181.174.6	unknown
load77.exelator.com	185.59.220.28	suspicious
id.rlcdn.com	54.86.0.208, 54.85.146.68, 34.192.38.147, 34.193.232.33, 34.195.196.224, 34.192.141.135, 18.207.56.96, 54.88.199.196	whitelisted
odr.mookie1.com	52.28.187.8, 18.185.204.60, 52.58.116.144, 52.29.130.14, 52.57.13.127, 35.158.46.181, 52.58.245.253, 54.93.128.166	whitelisted
token.rubiconproject.com	213.19.162.56, 213.19.162.66, 213.19.162.76, 213.19.162.26, 213.19.162.36, 213.19.162.46	whitelisted
googlecm.hit.gemius.pl	217.182.200.20, 217.182.200.19, 54.38.193.173, 217.182.200.29, 79.137.69.91, 54.38.193.161, 79.137.69.120, 217.182.201.168, 54.38.193.172, 217.182.200.41, 54.38.193.101, 79.137.68.187	unknown
dt.adsafeprotected.com	104.244.37.20	whitelisted
powered-by.reflow.tv	35.201.105.13	unknown
p4-fraqkceql57kk-yys6nsgtfcllxl2e-if-v6exp3-v4.metric.gstatic.com	216.58.205.227	whitelisted
assets.reflow.tv	185.172.148.128	suspicious
um.simpli.fi	159.253.128.183, 169.50.137.185, 159.253.128.188	whitelisted
pixel-sync.sitescout.com	66.155.71.150	whitelisted
cdnjs.cloudflare.com	104.19.196.151, 104.19.199.151, 104.19.195.151, 104.19.197.151, 104.19.198.151	whitelisted
tracking.m6r.eu	2.19.33.59	shared
us-u.openx.net	173.241.240.143	whitelisted
images.reflow.tv	185.172.148.128	suspicious
dmp.truoptik.com	104.16.92.60, 104.16.91.60	unknown
io.narrative.io	52.212.41.120, 54.72.210.154	unknown
pixel.tapad.com	35.227.197.177	whitelisted
downloads.sourceforge.net	216.105.38.13	malicious
netix.dl.sourceforge.net	87.121.121.2	suspicious
sb-ssl.google.com	216.58.205.238	whitelisted
p4-fraqkceql57kk-yys6nsgtfcllxl2e-156529-i1-v6exp3.v4.metric.gstatic.com	216.58.208.50	unknown
p4-fraqkceql57kk-yys6nsgtfcllxl2e-156529-i2-v6exp3.ds.metric.gstatic.com	216.58.206.18	unknown
p4-fraqkceql57kk-yys6nsgtfcllxl2e-156529-s1-v6exp3-v4.metric.gstatic.com	172.217.22.67	whitelisted
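
The DNS request table above is mostly ad-tech and CDN noise; the entries an analyst actually needs from this run are the two SourceForge download hosts (downloads.sourceforge.net tagged malicious, netix.dl.sourceforge.net tagged suspicious) plus the handful of other suspicious domains. The raw text export of the report spreads each record over several lines (a domain with its first IP, further IPs one per line, then the reputation label), and the excerpt starts mid-record. The following Python is an added example, not part of the ANY.RUN report: it rebuilds records from that flattened layout and filters them by reputation. The sample input is constructed from a few lines of the table, including the cut-off continuation record at its top; the set of reputation labels and their severity order are assumed from the labels that appear on the page.

```python
"""Rebuild ANY.RUN's flattened 'Domain / IP / Reputation' export and triage it."""
import ipaddress

# Reputation labels seen on the page, ordered least to most severe (assumed ordering).
SEVERITY = ["whitelisted", "shared", "unknown", "suspicious", "malicious"]
REPUTATIONS = set(SEVERITY)

# Constructed sample in the export's own layout. The first record is a
# continuation: its domain line sits above the excerpt, exactly as on the page.
SAMPLE = """\
37.157.4.24
whitelisted
rtd.tubemogul.com 151.101.2.49
151.101.66.49
suspicious
downloads.sourceforge.net 216.105.38.13
malicious
netix.dl.sourceforge.net 87.121.121.2
suspicious
tracking.m6r.eu 2.19.33.59
shared
"""


def _is_ip(token):
    """True for any syntactically valid IPv4/IPv6 literal."""
    try:
        ipaddress.ip_address(token)
    except ValueError:
        return False
    return True


def parse_dns_table(text):
    """Return a list of (domain, [ips], reputation) tuples.

    A 'domain ip' line opens a record, bare IP lines extend it and a
    reputation keyword closes it. A record whose domain line is missing
    gets domain None; a record cut off before its label gets reputation
    None, so truncation is visible instead of being merged into a neighbour.
    """
    records = []
    domain, ips = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line in REPUTATIONS:
            records.append((domain, ips, line))
            domain, ips = None, []
        elif _is_ip(line):
            ips.append(line)
        else:
            if domain is not None or ips:      # previous record never got a label
                records.append((domain, ips, None))
            name, _, first_ip = line.partition(" ")
            domain, ips = name, []
            if first_ip and _is_ip(first_ip):
                ips.append(first_ip)
    if domain is not None or ips:
        records.append((domain, ips, None))
    return records


def triage(records):
    """Group records by reputation, dropping whitelisted/shared infrastructure."""
    out = {}
    for domain, ips, rep in records:
        if rep in ("whitelisted", "shared"):
            continue
        out.setdefault(rep, []).append((domain, ips))
    return out


def iocs(records, at_least="suspicious"):
    """Flatten records at or above a reputation level into (domain, ip, rep)
    rows, most severe first, ready for a blocklist or a SIEM lookup."""
    floor = SEVERITY.index(at_least)
    hits = [(rep, domain, ip) for domain, ips, rep in records
            if rep is not None and SEVERITY.index(rep) >= floor
            for ip in ips]
    hits.sort(key=lambda h: -SEVERITY.index(h[0]))   # stable: page order within a level
    return [(domain, ip, rep) for rep, domain, ip in hits]


if __name__ == "__main__":
    for domain, ip, rep in iocs(parse_dns_table(SAMPLE)):
        print(f"{rep:<10} {domain:<30} {ip}")
```

Run it against the full table and only the SourceForge hosts, the exelator/reflow domains and rtd.tubemogul.com survive the default `suspicious` floor; lower it to `unknown` to also pull the untagged ad-tech and Netflix image hosts when you want everything that is not positively known-good.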

Threats

No threats detected.

Debug output strings

No debug info.